nixos/netbird: fix port conflict on metrics endpoint (#357105)

Sefa Eyeoglu 2024-11-22 20:03:23 +01:00 committed by GitHub
commit ecd6e1eed1
GPG Key ID: B5690EEEBB952194
3 changed files with 65 additions and 14 deletions


@ -44,6 +44,8 @@
- `authelia` has been upgraded to version 4.38. This version brings several features and improvements which are detailed in the [release blog post](https://www.authelia.com/blog/4.38-release-notes/).
This release also deprecates some configuration keys which are likely to be removed in version 5.0.0.
- `netbird` has been updated to 0.31.1. This adds a built-in relay server which is not yet supported by the NixOS module, as well as a metrics endpoint for both the management and signal services. The default metrics port for the `signal` service has been changed from `9090` to `9091` to prevent a port conflict with the management server. This can be changed with their respective `metricsPort` as needed. Refer to the [release notes](https://github.com/netbirdio/netbird/releases/tag/v0.31.1) and [this pull request](https://github.com/NixOS/nixpkgs/pull/354032#issuecomment-2480925927) for more information.
- `compressDrv` can compress selected files in a derivation. `compressDrvWeb` compresses files for common web server usage (`.gz` with `zopfli`, `.br` with `brotli`).
- [`hardware.display`](#opt-hardware.display.edid.enable) is a new module implementing workarounds for misbehaving monitors


@ -196,6 +196,12 @@ in
description = "Internal port of the management server.";
};
metricsPort = mkOption {
type = port;
default = 9090;
description = "Internal port of the metrics server.";
};
extraOptions = mkOption {
type = listOf str;
default = [ ];
@ -360,6 +366,13 @@ in
}
];
assertions = [
{
assertion = cfg.port != cfg.metricsPort;
message = "The primary listen port cannot be the same as the listen port for the metrics endpoint";
}
];
systemd.services.netbird-management = {
description = "The management server for Netbird, a wireguard VPN";
documentation = [ "https://netbird.io/docs/" ];
@ -387,6 +400,9 @@ in
# Port to listen on
"--port"
cfg.port
# Port the internal prometheus server listens on
"--metrics-port"
cfg.metricsPort
# Log to stdout
"--log-file"
"console"
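Review bot: The new `metricsPort` option is described as an "internal port", but nothing in this section restricts the Prometheus listener to loopback or says who may reach it; the `--metrics-port` argument carries only a port number. Whether netbird-management binds that listener on all interfaces, and whether it requires authentication, is not visible here, so both should be confirmed and stated in the option text. A possible wording is `description = "Port of the Prometheus metrics endpoint. Keep it closed in the firewall and scrape it locally or through an authenticating reverse proxy.";`. The same description is added for the signal service's `metricsPort` (default `9091`) in the next file section. The option set and the `ExecStart` argument list both begin and end outside the hunks shown.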


@ -15,7 +15,12 @@ let
mkOption
;
inherit (lib.types) enum port str;
inherit (lib.types)
listOf
enum
port
str
;
inherit (utils) escapeSystemdExecArgs;
@ -41,6 +46,20 @@ in
description = "Internal port of the signal server.";
};
metricsPort = mkOption {
type = port;
default = 9091;
description = "Internal port of the metrics server.";
};
extraOptions = mkOption {
type = listOf str;
default = [ ];
description = ''
Additional options given to netbird-signal as commandline arguments.
'';
};
logLevel = mkOption {
type = enum [
"ERROR"
@ -54,24 +73,38 @@ in
};
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.port != cfg.metricsPort;
message = "The primary listen port cannot be the same as the listen port for the metrics endpoint";
}
];
systemd.services.netbird-signal = {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = escapeSystemdExecArgs [
(getExe' cfg.package "netbird-signal")
"run"
# Port to listen on
"--port"
cfg.port
# Log to stdout
"--log-file"
"console"
# Log level
"--log-level"
cfg.logLevel
];
ExecStart = escapeSystemdExecArgs (
[
(getExe' cfg.package "netbird-signal")
"run"
# Port to listen on
"--port"
cfg.port
# Port the internal prometheus server listens on
"--metrics-port"
cfg.metricsPort
# Log to stdout
"--log-file"
"console"
# Log level
"--log-level"
cfg.logLevel
]
++ cfg.extraOptions
);
Restart = "always";
RuntimeDirectory = "netbird-mgmt";