| { pkgs, ... }: |
| |
| let |
| name = "mikrotik-exporter"; |
| user = name; |
| group = name; |
| |
| prepare-secrets = pkgs.writeShellScript "${name}-secrets" '' |
| ${pkgs.coreutils}/bin/install --owner=${user} --mode=500 --directory /mnt/secrets/${name} |
| ${pkgs.coreutils}/bin/install --owner=${user} --mode=400 -t /mnt/secrets/${name} \ |
| /etc/nixos/secrets/${name}/ap.yml |
| ''; |
| in { |
| users.users."${user}" = { |
| group = "${group}"; |
| isSystemUser = true; |
| uid = 1003; |
| }; |
| users.groups."${group}" = {}; |
| |
| systemd.services."${name}" = { |
| description = "Mikrotik prometheus exporter"; |
| wantedBy = [ "multi-user.target" ]; |
| serviceConfig.Type = "simple"; |
| serviceConfig.ExecStartPre = [ "!${prepare-secrets}" ]; |
| serviceConfig.ExecStart = "${pkgs.prometheus-mikrotik-exporter}/bin/mikrotik-exporter -config-file /mnt/secrets/${name}/ap.yml -port 127.0.0.1:9436"; |
| }; |
| } |