Merge pull request #120492 from SuperSandro2000/prometheus-unbound-exporter

Prometheus unbound exporter
2021-04-29 10:54:22 +02:00 · 2021-04-29 10:54:22 +02:00 · 674cea17a7
parent e6ff969632 d3fe53a8a6
commit 674cea17a7
5 changed files with 274 additions and 148 deletions
--- a/nixos/modules/services/monitoring/prometheus/exporters.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters.nix
@ -59,6 +59,7 @@ let
    "surfboard"
    "systemd"
    "tor"
+    "unbound"
    "unifi"
    "unifi-poller"
    "varnish"
--- a/nixos/modules/services/monitoring/prometheus/exporters/unbound.nix
+++ b/nixos/modules/services/monitoring/prometheus/exporters/unbound.nix
@ -0,0 +1,59 @@
+{ config, lib, pkgs, options }:
+
+with lib;
+
+let
+  cfg = config.services.prometheus.exporters.unbound;
+in
+{
+  port = 9167;
+  extraOpts = {
+    fetchType = mkOption {
+      # TODO: add shm when upstream implemented it
+      type = types.enum [ "tcp" "uds" ];
+      default = "uds";
+      description = ''
+        Which methods the exporter uses to get the information from unbound.
+      '';
+    };
+
+    telemetryPath = mkOption {
+      type = types.str;
+      default = "/metrics";
+      description = ''
+        Path under which to expose metrics.
+      '';
+    };
+
+    controlInterface = mkOption {
+      type = types.nullOr types.str;
+      default = null;
+      example = "/run/unbound/unbound.socket";
+      description = ''
+        Path to the unbound socket for uds mode or the control interface port for tcp mode.
+
+        Example:
+          uds-mode: /run/unbound/unbound.socket
+          tcp-mode: 127.0.0.1:8953
+      '';
+    };
+  };
+
+  serviceOpts = mkMerge ([{
+    serviceConfig = {
+      ExecStart = ''
+        ${pkgs.prometheus-unbound-exporter}/bin/unbound-telemetry \
+          ${cfg.fetchType} \
+          --bind ${cfg.listenAddress}:${toString cfg.port} \
+          --path ${cfg.telemetryPath} \
+          ${optionalString (cfg.controlInterface != null) "--control-interface ${cfg.controlInterface}"} \
+          ${toString cfg.extraFlags}
+      '';
+    };
+  }] ++ [
+    (mkIf config.services.unbound.enable {
+      after = [ "unbound.service" ];
+      requires = [ "unbound.service" ];
+    })
+  ]);
+}
--- a/nixos/tests/prometheus-exporters.nix
+++ b/nixos/tests/prometheus-exporters.nix
@ -1,5 +1,5 @@
 { system ? builtins.currentSystem
-, config ? {}
+, config ? { }
 , pkgs ? import ../.. { inherit system config; }
 }:

@ -8,7 +8,7 @@ let
  inherit (pkgs.lib) concatStringsSep maintainers mapAttrs mkMerge
    removeSuffix replaceChars singleton splitString;

-/*
+  /*
    * The attrset `exporterTests` contains one attribute
    * for each exporter test. Each of these attributes
    * is expected to be an attrset containing:
@ -192,7 +192,8 @@ let
          "plugin":"testplugin",
          "time":DATE
        }]
-        ''; in ''
+      ''; in
+        ''
          wait_for_unit("prometheus-collectd-exporter.service")
          wait_for_open_port(9103)
          succeed(
@ -258,7 +259,8 @@ let
      '';
    };

-    fritzbox = { # TODO add proper test case
+    fritzbox = {
+      # TODO add proper test case
      exporterConfig = {
        enable = true;
      };
@ -411,14 +413,14 @@ let
        configuration = {
          monitoringInterval = "2s";
          mailCheckTimeout = "10s";
-          servers = [ {
+          servers = [{
            name = "testserver";
            server = "localhost";
            port = 25;
            from = "mail-exporter@localhost";
            to = "mail-exporter@localhost";
            detectionDir = "/var/spool/mail/mail-exporter/new";
-          } ];
+          }];
        };
      };
      metricProvider = {
@ -520,9 +522,11 @@ let
        url = "http://localhost";
      };
      metricProvider = {
-        systemd.services.nc-pwfile = let
+        systemd.services.nc-pwfile =
+          let
            passfile = (pkgs.writeText "pwfile" "snakeoilpw");
-        in {
+          in
+          {
            requiredBy = [ "prometheus-nextcloud-exporter.service" ];
            before = [ "prometheus-nextcloud-exporter.service" ];
            serviceConfig.ExecStart = ''
@ -585,7 +589,7 @@ let
                syslog = {
                  listen_address = "udp://127.0.0.1:10000";
                  format = "rfc3164";
-                  tags = ["nginx"];
+                  tags = [ "nginx" ];
                };
              };
            }
@ -705,10 +709,10 @@ let
      exporterConfig = {
        enable = true;
        group = "openvpn";
-        statusPaths = ["/run/openvpn-test"];
+        statusPaths = [ "/run/openvpn-test" ];
      };
      metricProvider = {
-        users.groups.openvpn = {};
+        users.groups.openvpn = { };
        services.openvpn.servers.test = {
          config = ''
            dev tun
@ -828,8 +832,9 @@ let
      };
      metricProvider = {
        # Mock rtl_433 binary to return a dummy metric stream.
-        nixpkgs.overlays = [ (self: super: {
-          rtl_433 = self.runCommand "rtl_433" {} ''
+        nixpkgs.overlays = [
+          (self: super: {
+            rtl_433 = self.runCommand "rtl_433" { } ''
              mkdir -p "$out/bin"
              cat <<EOF > "$out/bin/rtl_433"
              #!/bin/sh
@ -840,7 +845,8 @@ let
              EOF
              chmod +x "$out/bin/rtl_433"
            '';
-        }) ];
+          })
+        ];
      };
      exporterTest = ''
        wait_for_unit("prometheus-rtl_433-exporter.service")
@ -856,7 +862,7 @@ let
    smokeping = {
      exporterConfig = {
        enable = true;
-        hosts = ["127.0.0.1"];
+        hosts = [ "127.0.0.1" ];
      };
      exporterTest = ''
        wait_for_unit("prometheus-smokeping-exporter.service")
@ -994,7 +1000,7 @@ let
    unifi-poller = {
      nodeName = "unifi_poller";
      exporterConfig.enable = true;
-      exporterConfig.controllers = [ { } ];
+      exporterConfig.controllers = [{ }];
      exporterTest = ''
        wait_for_unit("prometheus-unifi-poller-exporter.service")
        wait_for_open_port(9130)
@ -1004,6 +1010,29 @@ let
      '';
    };

+    unbound = {
+      exporterConfig = {
+        enable = true;
+        fetchType = "uds";
+        controlInterface = "/run/unbound/unbound.ctl";
+      };
+      metricProvider = {
+        services.unbound = {
+          enable = true;
+          localControlSocketPath = "/run/unbound/unbound.ctl";
+        };
+        systemd.services.prometheus-unbound-exporter.serviceConfig = {
+          SupplementaryGroups = [ "unbound" ];
+        };
+      };
+      exporterTest = ''
+        wait_for_unit("unbound.service")
+        wait_for_unit("prometheus-unbound-exporter.service")
+        wait_for_open_port(9167)
+        succeed("curl -sSf localhost:9167/metrics | grep -q 'unbound_up 1'")
+      '';
+    };
+
    varnish = {
      exporterConfig = {
        enable = true;
@ -1033,7 +1062,8 @@ let
      '';
    };

-    wireguard = let snakeoil = import ./wireguard/snakeoil-keys.nix; in {
+    wireguard = let snakeoil = import ./wireguard/snakeoil-keys.nix; in
+      {
        exporterConfig.enable = true;
        metricProvider = {
          networking.wireguard.interfaces.wg0 = {
@ -1060,15 +1090,18 @@ let
      };
  };
 in
-mapAttrs (exporter: testConfig: (makeTest (let
+mapAttrs
+  (exporter: testConfig: (makeTest (
+    let
      nodeName = testConfig.nodeName or exporter;

-in {
+    in
+    {
      name = "prometheus-${exporter}-exporter";

      nodes.${nodeName} = mkMerge [{
        services.prometheus.exporters.${exporter} = testConfig.exporterConfig;
-  } testConfig.metricProvider or {}];
+      } testConfig.metricProvider or { }];

      testScript = ''
        ${nodeName}.start()
@ -1083,4 +1116,6 @@ in {
      meta = with maintainers; {
        maintainers = [ willibutz elseym ];
      };
-}))) exporterTests
+    }
+  )))
+  exporterTests
--- a/pkgs/servers/monitoring/prometheus/unbound-exporter.nix
+++ b/pkgs/servers/monitoring/prometheus/unbound-exporter.nix
@ -0,0 +1,30 @@
+{ lib, rustPlatform, fetchFromGitHub, openssl, pkg-config, nixosTests }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "unbound-telemetry";
+  version = "unstable-2021-03-17";
+
+  src = fetchFromGitHub {
+    owner = "svartalf";
+    repo = pname;
+    rev = "7f1b6d4e9e4b6a3216a78c23df745bcf8fc84021";
+    sha256 = "xCelL6WGaTRhDJkkUdpdwj1zcKKAU2dyUv3mHeI4oAw=";
+  };
+
+  cargoSha256 = "P3nAtYOuwNSLMP7q1L5zKTsZ6rJA/qL1mhVHzP3szi4=";
+
+  nativeBuildInputs = [ pkg-config ];
+
+  buildInputs = [ openssl ];
+
+  passthru.tests = {
+    inherit (nixosTests.prometheus-exporters) unbound;
+  };
+
+  meta = with lib; {
+    description = "Prometheus exporter for Unbound DNS resolver";
+    homepage = "https://github.com/svartalf/unbound-telemetry";
+    license = licenses.mit;
+    maintainers = with maintainers; [ SuperSandro2000 ];
+  };
+}
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@ -19184,6 +19184,7 @@ in
  prometheus-tor-exporter = callPackage ../servers/monitoring/prometheus/tor-exporter.nix { };
  prometheus-statsd-exporter = callPackage ../servers/monitoring/prometheus/statsd-exporter.nix { };
  prometheus-surfboard-exporter = callPackage ../servers/monitoring/prometheus/surfboard-exporter.nix { };
+  prometheus-unbound-exporter = callPackage ../servers/monitoring/prometheus/unbound-exporter.nix { };
  prometheus-unifi-exporter = callPackage ../servers/monitoring/prometheus/unifi-exporter { };
  prometheus-varnish-exporter = callPackage ../servers/monitoring/prometheus/varnish-exporter.nix { };
  prometheus-jmx-httpserver = callPackage ../servers/monitoring/prometheus/jmx-httpserver.nix {  };