SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 16:21:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

alloy: Refactor assertions

Browse source
This commit is contained in:
SebastianStork 2025-10-05 00:56:46 +02:00
parent 9f4b5b73ed
commit d5f3296bf0
1 changed files with 21 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

41
modules/system/services/alloy.nix
View file

@ -36,31 +36,32 @@ in
default = config.services.crowdsec.enable; default = config.services.crowdsec.enable;
}; };
}; };
logs.sshd = lib.mkEnableOption "" // { logs.openssh = lib.mkEnableOption "" // {
default = config.services.openssh.enable; default = config.services.openssh.enable;
}; };
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = [ assertions =
{ let
assertion = cfg.collect.metrics.victorialogs -> config.services.victorialogs.enable; metricsAssertions =
message = "Collecting VictoriaLogs metrics requires the VictoriaLogs service to be enabled."; cfg.collect.metrics
} |> lib.attrNames
{ |> lib.filter (name: name != "system")
assertion = cfg.collect.metrics.caddy -> config.services.caddy.enable; |> lib.map (name: {
message = "Collecting Caddy metrics requires the Caddy service to be enabled."; assertion = cfg.collect.metrics.${name} -> config.services.${name}.enable;
} message = "Collecting ${name} metrics requires the ${name} service to be enabled.";
{ });
assertion = cfg.collect.metrics.crowdsec -> config.services.crowdsec.enable; logsAssertions =
message = "Collecting CrowdSec metrics requires the CrowdSec service to be enabled."; cfg.collect.logs
} |> lib.attrNames
{ |> lib.map (name: {
assertion = cfg.collect.logs.sshd -> config.services.openssh.enable; assertion = cfg.collect.logs.${name} -> config.services.${name}.enable;
message = "Collecting OpenSSH logs requires the OpenSSH service to be enabled."; message = "Collecting ${name} logs requires the ${name} service to be enabled.";
} });
]; in
metricsAssertions ++ logsAssertions;
meta = { meta = {
domains.list = [ cfg.domain ]; domains.list = [ cfg.domain ];
@ -158,7 +159,7 @@ in
''; '';
}; };
"alloy/sshd-logs.alloy" = { "alloy/sshd-logs.alloy" = {
enable = cfg.collect.logs.sshd; enable = cfg.collect.logs.openssh;
text = '' text = ''
loki.source.journal "sshd" { loki.source.journal "sshd" {
matches = "_SYSTEMD_UNIT=sshd.service" matches = "_SYSTEMD_UNIT=sshd.service"