swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-20 04:19:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #274543 from fugidev/sabnzbd-exporter-loadcredential

Browse source 
nixos/prometheus-sabnzbd-exporter: use LoadCredential for apiKeyFile
This commit is contained in:
WilliButz 2023-12-18 15:09:35 +01:00 committed by GitHub
parent 45052e5e52 6430b7a181
commit 92ad5c907c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
nixos/modules/services/monitoring/prometheus/exporters/sabnzbd.nix
View file

@ -19,7 +19,11 @@ in
};
apiKeyFile = mkOption {
type = types.str;
description = "File containing the API key.";
description = ''
The path to a file containing the API key.
The file is securely passed to the service by leveraging systemd credentials.
No special permissions need to be set on this file.
'';
example = "/run/secrets/sabnzbd_apikey";
};
};
@ -30,18 +34,24 @@ in
serviceOpts =
let
servers = lib.zipAttrs cfg.servers;
apiKeys = lib.concatStringsSep "," (builtins.map (file: "$(cat ${file})") servers.apiKeyFile);
credentials = lib.imap0 (i: v: { name = "apikey-${toString i}"; path = v; }) servers.apiKeyFile;
in
{
serviceConfig.LoadCredential = builtins.map ({ name, path }: "${name}:${path}") credentials;
environment = {
METRICS_PORT = toString cfg.port;
METRICS_ADDR = cfg.listenAddress;
SABNZBD_BASEURLS = lib.concatStringsSep "," servers.baseUrl;
};
script = ''
export SABNZBD_APIKEYS="${apiKeys}"
exec ${lib.getExe pkgs.prometheus-sabnzbd-exporter}
'';
script =
let
apiKeys = lib.concatStringsSep "," (builtins.map (cred: "$(< $CREDENTIALS_DIRECTORY/${cred.name})") credentials);
in
''
export SABNZBD_APIKEYS="${apiKeys}"
exec ${lib.getExe pkgs.prometheus-sabnzbd-exporter}
'';
};
}