From b54ae5a868d36633d4f4bacd63c06ffb068ff257 Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Fri, 23 Sep 2022 07:04:23 +0200 Subject: [PATCH] nixos/uptime-kuma: init module --- .../from_md/release-notes/rl-2211.section.xml | 7 ++ .../manual/release-notes/rl-2211.section.md | 2 + nixos/modules/module-list.nix | 1 + .../services/monitoring/uptime-kuma.nix | 76 +++++++++++++++++++ nixos/tests/all-tests.nix | 1 + nixos/tests/uptime-kuma.nix | 19 +++++ 6 files changed, 106 insertions(+) create mode 100644 nixos/modules/services/monitoring/uptime-kuma.nix create mode 100644 nixos/tests/uptime-kuma.nix diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 99f9a4eb57ed..a84549bda1fb 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -437,6 +437,13 @@ services.listmonk. + + + Uptime + Kuma, a fancy self-hosted monitoring tool. Available as + services.uptime-kuma. + +
diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 20c23a0cdd73..53afe1ca4d68 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -148,6 +148,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - [Listmonk](https://listmonk.app), a self-hosted newsletter manager. Enable using [services.listmonk](options.html#opt-services.listmonk.enable). +- [Uptime Kuma](https://uptime.kuma.pet/), a fancy self-hosted monitoring tool. Available as [services.uptime-kuma](#opt-services.uptime-kuma.enable). + ## Backward Incompatibilities {#sec-release-22.11-incompatibilities} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 1a87df989769..5c59e41bbc08 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -718,6 +718,7 @@ ./services/monitoring/ups.nix ./services/monitoring/uptime.nix ./services/monitoring/vmagent.nix + ./services/monitoring/uptime-kuma.nix ./services/monitoring/vnstat.nix ./services/monitoring/zabbix-agent.nix ./services/monitoring/zabbix-proxy.nix diff --git a/nixos/modules/services/monitoring/uptime-kuma.nix b/nixos/modules/services/monitoring/uptime-kuma.nix new file mode 100644 index 000000000000..3a6091de679d --- /dev/null +++ b/nixos/modules/services/monitoring/uptime-kuma.nix @@ -0,0 +1,76 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.uptime-kuma; +in +{ + + options = { + services.uptime-kuma = { + enable = mkEnableOption (mdDoc "Uptime Kuma, this assumes a reverse proxy to be set."); + + package = mkOption { + type = types.package; + example = literalExpression "pkgs.uptime-kuma"; + default = pkgs.uptime-kuma; + defaultText = "pkgs.uptime-kuma"; + description = lib.mdDoc "Uptime Kuma package to use."; + }; + + settings = lib.mkOption { + type = + lib.types.submodule { freeformType = with lib.types; attrsOf str; }; + default = { }; + example = { + PORT = "4000"; + NODE_EXTRA_CA_CERTS = "/etc/ssl/certs/ca-certificates.crt"; + }; + description = lib.mdDoc '' + Additional configuration for Uptime Kuma, see + + for supported values. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + + services.uptime-kuma.settings = { + DATA_DIR = "/var/lib/uptime-kuma/"; + NODE_ENV = mkDefault "production"; + }; + + systemd.services.uptime-kuma = { + description = "Uptime Kuma"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + environment = cfg.settings; + serviceConfig = { + Type = "simple"; + StateDirectory = "uptime-kuma"; + DynamicUser = true; + ExecStart = "${cfg.package}/bin/uptime-kuma-server"; + Restart = "on-failure"; + ProtectHome = true; + ProtectSystem = "strict"; + PrivateTmp = true; + PrivateDevices = true; + ProtectHostname = true; + ProtectClock = true; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectKernelLogs = true; + ProtectControlGroups = true; + NoNewPrivileges = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + RemoveIPC = true; + PrivateMounts = true; + }; + }; + }; +} + diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 83c1779f2659..0662c3ab08a7 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -658,6 +658,7 @@ in { unit-php = handleTest ./web-servers/unit-php.nix {}; upnp = handleTest ./upnp.nix {}; uptermd = handleTest ./uptermd.nix {}; + uptime-kuma = handleTest ./uptime-kuma.nix {}; usbguard = handleTest ./usbguard.nix {}; user-activation-scripts = handleTest ./user-activation-scripts.nix {}; user-home-mode = handleTest ./user-home-mode.nix {}; diff --git a/nixos/tests/uptime-kuma.nix b/nixos/tests/uptime-kuma.nix new file mode 100644 index 000000000000..3d588d73cdb5 --- /dev/null +++ b/nixos/tests/uptime-kuma.nix @@ -0,0 +1,19 @@ +import ./make-test-python.nix ({ lib, ... }: + +with lib; + +{ + name = "uptime-kuma"; + meta.maintainers = with maintainers; [ julienmalka ]; + + nodes.machine = + { pkgs, ... }: + { services.uptime-kuma.enable = true; }; + + testScript = '' + machine.start() + machine.wait_for_unit("uptime-kuma.service") + machine.wait_for_open_port(3001) + machine.succeed("curl --fail http://localhost:3001/") + ''; +})