;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2018 Sou Bunnbu ;;; Copyright © 2018, 2019 Gábor Boskovits ;;; Copyright © 2018, 2019, 2020 Oleg Pykhalov ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see . (define-module (gnu services monitoring) #:use-module (gnu services) #:use-module (gnu services configuration) #:use-module (gnu services shepherd) #:use-module (gnu services web) #:use-module (gnu packages admin) #:use-module (gnu packages monitoring) #:use-module (gnu system shadow) #:use-module (guix gexp) #:use-module (guix packages) #:use-module (guix records) #:use-module (guix utils) #:use-module ((guix ui) #:select (display-hint G_)) #:use-module (ice-9 match) #:use-module (ice-9 rdelim) #:use-module (srfi srfi-26) #:use-module (srfi srfi-35) #:export (darkstat-configuration darkstat-service-type prometheus-node-exporter-configuration prometheus-node-exporter-configuration? prometheus-node-exporter-configuration-package prometheus-node-exporter-web-listen-address prometheus-node-exporter-service-type zabbix-server-configuration zabbix-server-service-type zabbix-ag;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2016, 2020 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2014, 2015, 2018 Mark H Weaver <mhw@netris.org> ;;; Copyright © 2016 Jan Nieuwenhuizen <janneke@gnu.org> ;;; Copyright © 2016 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> ;;; Copyright © 2019 Marius Bakke <mbakke@fastmail.com> ;;; Copyright © 2019 Carl Dong <contact@carldong.me> ;;; ;;; This file is part of GNU Guix. ;;; ;;; GNU Guix is free software; you can redistribute it and/or modify it ;;; under the terms of the GNU General Public License as published by ;;; the Free Software Foundation; either version 3 of the License, or (at ;;; your option) any later version. ;;; ;;; GNU Guix is distributed in the hope that it will be useful, but ;;; WITHOUT ANY WARRANTY; without even the implied warranty of ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ;;; GNU General Public License for more details. ;;; ;;; You should have received a copy of the GNU General Public License ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. (define-module (gnu build cross-toolchain) #:use-module (guix build utils) #:use-module (guix build gnu-build-system) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (ice-9 match) #:use-module (ice-9 ftw) #:export (cross-gcc-build-phases)) ;;; Commentary: ;;; ;;; This module provides tools to build a cross-compiler. ;;; ;;; Code: (define %gcc-include-paths ;; Environment variables for header search paths. ;; Note: See <http://bugs.gnu.org/22186> for why not 'CPATH'. '("C_INCLUDE_PATH" "CPLUS_INCLUDE_PATH" "OBJC_INCLUDE_PATH" "OBJCPLUS_INCLUDE_PATH")) (define %gcc-cross-include-paths ;; Search path for target headers when cross-compiling. (map (cut string-append "CROSS_" <>) %gcc-include-paths)) (define* (patch-genmultilib-shebang #:key inputs native-inputs #:allow-other-keys) "Patch-shebang in the gcc/genmultilib file doesn't work as it contains several scripts inside, each with a #!/bin/sh that needs patching." (substitute* "gcc/genmultilib" (("#!/bin/sh") (string-append "#!" (which "sh"))))) (define* (make-cross-binutils-visible #:key outputs inputs target #:allow-other-keys) "Create symlinks for 'as', 'nm', and 'ld' in the \"out\" output, under libexec/gcc, so that the cross-GCC can find them." (let* ((out (assoc-ref outputs "out")) (libexec (string-append out "/libexec/gcc/" target)) (binutils (string-append (assoc-ref inputs "binutils-cross") "/bin/" target "-")) (wrapper (string-append (assoc-ref inputs "ld-wrapper-cross") "/bin/" target "-ld"))) (for-each (lambda (file) (symlink (string-append binutils file) (string-append libexec "/" file))) '("as" "nm")) (symlink wrapper (string-append libexec "/ld")) #t)) (define* (set-cross-path #:key inputs #:allow-other-keys) "Add the cross kernel headers to CROSS_CPATH, and remove them from C_INCLUDE_PATH et al." (match (assoc-ref inputs "libc") ((? string? libc) (let ((kernel (assoc-ref inputs "xkernel-headers"))) (define (cross? x) ;; Return #t if X is a cross-libc or cross Linux. (or (string-prefix? libc x) (string-prefix? kernel x))) (let ((cpath (string-append libc "/include" ":" kernel "/include"))) (for-each (cut setenv <> cpath) %gcc-cross-include-paths)) (setenv "CROSS_LIBRARY_PATH" (string-append libc "/lib:" kernel "/lib")) ;for Hurd's libihash (for-each (lambda (var) (and=> (getenv var) (lambda (value) (let* ((path (search-path-as-string->list value)) (native-path (list->search-path-as-string (remove cross? path) ":"))) (setenv var native-path))))) (cons "LIBRARY_PATH" %gcc-include-paths)) #t)) (#f ;; We're building the sans-libc cross-compiler, so nothing to do. #t))) (define* (set-cross-path/mingw #:key inputs target #:allow-other-keys) "Add the cross MinGW headers to CROSS_C_*_INCLUDE_PATH, and remove them from C_*INCLUDE_PATH." (let ((libc (assoc-ref inputs "libc")) (gcc (assoc-ref inputs "gcc"))) (define (cross? x) (and libc (string-prefix? libc x))) (define (unpacked-mingw-dir) (match (scandir "." (lambda (name) (string-contains name "mingw-w64"))) ((mingw-dir) (string-append (getcwd) "/" mingw-dir "/mingw-w64-headers")))) (if libc (let ((cpath (string-append libc "/include" ":" libc "/" target "/include"))) (for-each (cut setenv <> cpath) %gcc-cross-include-paths)) ;; libc is false, so we are building xgcc-sans-libc. ;; Add essential headers from mingw-w64. (let ((mingw-source (assoc-ref inputs "mingw-source"))) (invoke "tar" "xvf" mingw-source) (let ((mingw-headers (unpacked-mingw-dir))) ;; We need _mingw.h which will gets built from _mingw.h.in by ;; mingw-w64's configure. We cannot configure mingw-w64 until we ;; have xgcc-sans-libc; substitute to the rescue. (copy-file (string-append mingw-headers "/crt/_mingw.h.in") (string-append mingw-headers "/crt/_mingw.h")) (substitute* (string-append mingw-headers "/crt/_mingw.h") (("@MINGW_HAS_SECURE_API@") "#define MINGW_HAS_SECURE_API 1") (("@DEFAULT_WIN32_WINNT@") "0x502") (("@DEFAULT_MSVCRT_VERSION@") "0x700")) (let ((cpath (string-append mingw-headers "/include" ":" mingw-headers "/crt" ":" mingw-headers "/defaults/include"))) (for-each (cut setenv <> cpath) (cons "CROSS_LIBRARY_PATH" %gcc-cross-include-paths)))))) (when libc (setenv "CROSS_LIBRARY_PATH" (string-append libc "/lib" ":" libc "/" target "/lib"))) (setenv "CPP" (string-append gcc "/bin/cpp")) (for-each (lambda (var) (and=> (getenv var) (lambda (value) (let* ((path (search-path-as-string->list value)) (native-path (list->search-path-as-string (remove cross? path) ":"))) (setenv var native-path))))) (cons "LIBRARY_PATH" %gcc-include-paths)) #t)) (define* (set-cross-path/avr #:key inputs #:allow-other-keys) (match (assoc-ref inputs "libc") ((? string? libc) (define (cross? x) ;; Return #t if X is a cross-libc. (string-prefix? libc x)) (let ((cpath (string-append libc "/avr/include"))) (for-each (cut setenv <> cpath) %gcc-cross-include-paths)) (setenv "CROSS_LIBRARY_PATH" (string-append libc "/avr/lib")) (for-each (lambda (var) (and=> (getenv var) (lambda (value) (let* ((path (search-path-as-string->list value)) (native-path (list->search-path-as-string (remove cross? path) ":"))) (setenv var native-path))))) (cons "LIBRARY_PATH" %gcc-include-paths))) ;; AVR sans-libc cross-compiler. (else #t))) (define (install-strip . _) "Install a stripped GCC." ;; Unlike our 'strip' phase, this will do the right thing for ;; cross-compilers. (invoke "make" "install-strip")) (define* (cross-gcc-build-phases target #:optional (phases %standard-phases)) "Modify PHASES to include everything needed to build a cross-GCC for TARGET, a target triplet." (modify-phases phases (add-after 'unpack 'patch-genmultilib-shebang patch-genmultilib-shebang) (add-before 'configure 'set-cross-path ;; This mingw32 target checking logic should match that of target-mingw? ;; in (guix utils), but (guix utils) is too large too copy over to the ;; build side entirely and for now we have no way to select variables to ;; copy over. See (gnu packages cross-base) for more details. (cond ((string-suffix? "-mingw32" target) (cut set-cross-path/mingw #:target target <...>)) ((string-prefix? "avr" target) set-cross-path/avr) (#t set-cross-path))) (add-after 'install 'make-cross-binutils-visible (cut make-cross-binutils-visible #:target target <...>)) (replace 'install install-strip))) ;;; cross-toolchain.scm ends here
generated by cgit
(zabbix-server-configuration-zabbix-server config) "/sbin/zabbix_server") "--config" #$(zabbix-server-config-file config) "--foreground") #:user #$(zabbix-server-configuration-user config) #:group #$(zabbix-server-configuration-group config) #:pid-file #$(zabbix-server-configuration-pid-file config) #:environment-variables (list "SSL_CERT_DIR=/run/current-system/profile\ /etc/ssl/certs" "SSL_CERT_FILE=/run/current-system/profile\ /etc/ssl/certs/ca-certificates.crt"))) (stop #~(make-kill-destructor))))) (define zabbix-server-service-type (service-type (name 'zabbix-server) (extensions (list (service-extension shepherd-root-service-type zabbix-server-shepherd-service) (service-extension account-service-type zabbix-server-account) (service-extension activation-service-type zabbix-server-activation))) (default-value (zabbix-server-configuration)))) (define (generate-zabbix-server-documentation) (generate-documentation `((zabbix-server-configuration ,zabbix-server-configuration-fields)) 'zabbix-server-configuration)) (define-configuration zabbix-agent-configuration (zabbix-agent (package zabbix-agentd) "The zabbix-agent package.") (user (string "zabbix") "User who will run the Zabbix agent.") (group (group "zabbix") "Group who will run the Zabbix agent.") (hostname (string "") "Unique, case sensitive hostname which is required for active checks and must match hostname as configured on the server.") (log-type (string "") "Specifies where log messages are written to: @itemize @item @code{system} - syslog. @item @code{file} - file specified with @code{log-file} parameter. @item @code{console} - standard output. @end itemize\n") (log-file (string "/var/log/zabbix/agent.log") "Log file name for @code{log-type} @code{file} parameter.") (pid-file (string "/var/run/zabbix/zabbix_agent.pid") "Name of PID file.") (server (list '("127.0.0.1")) "List of IP addresses, optionally in CIDR notation, or hostnames of Zabbix servers and Zabbix proxies. Incoming connections will be accepted only from the hosts listed here.") (server-active (list '("127.0.0.1")) "List of IP:port (or hostname:port) pairs of Zabbix servers and Zabbix proxies for active checks. If port is not specified, default port is used. If this parameter is not specified, active checks are disabled.") (extra-options (extra-options "") "Extra options will be appended to Zabbix server configuration file.") (include-files (include-files '()) "You may include individual files or all files in a directory in the configuration file.")) (define (zabbix-agent-account config) "Return the user accounts and user groups for CONFIG." (let ((zabbix-user "zabbix") (zabbix-group "zabbix")) (list (user-group (name zabbix-group) (system? #t)) (user-account (name zabbix-user) (system? #t) (group zabbix-group) (comment "zabbix privilege separation user") (home-directory (string-append "/var/run/" zabbix-user)) (shell (file-append shadow "/sbin/nologin")))))) (define (zabbix-agent-activation config) "Return the activation gexp for CONFIG." (with-imported-modules '((guix build utils)) #~(begin (use-modules (guix build utils) (ice-9 rdelim)) (let ((user (getpw #$(zabbix-agent-configuration-user config)))) (for-each (lambda (file) (let ((directory (dirname file))) (mkdir-p directory) (chown directory (passwd:uid user) (passwd:gid user)) (chmod directory #o755))) (list #$(zabbix-agent-configuration-log-file config) #$(zabbix-agent-configuration-pid-file config))))))) (define (zabbix-agent-config-file config) "Return the zabbix-agent configuration file corresponding to CONFIG." (computed-file "zabbix_agent.conf" #~(begin (call-with-output-file #$output (lambda (port) (display "# Generated by 'zabbix-agent-service'.\n" port) (display #$(with-output-to-string (lambda () (serialize-configuration config zabbix-agent-configuration-fields))) port) #t))))) (define (zabbix-agent-shepherd-service config) "Return a for Zabbix agent with CONFIG." (list (shepherd-service (provision '(zabbix-agent)) (documentation "Run Zabbix agent daemon.") (start #~(make-forkexec-constructor (list #$(file-append (zabbix-agent-configuration-zabbix-agent config) "/sbin/zabbix_agentd") "--config" #$(zabbix-agent-config-file config) "--foreground") #:user #$(zabbix-agent-configuration-user config) #:group #$(zabbix-agent-configuration-group config) #:pid-file #$(zabbix-agent-configuration-pid-file config) #:environment-variables (list "SSL_CERT_DIR=/run/current-system/profile\ /etc/ssl/certs" "SSL_CERT_FILE=/run/current-system/profile\ /etc/ssl/certs/ca-certificates.crt"))) (stop #~(make-kill-destructor))))) (define zabbix-agent-service-type (service-type (name 'zabbix-agent) (extensions (list (service-extension shepherd-root-service-type zabbix-agent-shepherd-service) (service-extension account-service-type zabbix-agent-account) (service-extension activation-service-type zabbix-agent-activation))) (default-value (zabbix-agent-configuration)))) (define (generate-zabbix-agent-documentation) (generate-documentation `((zabbix-agent-configuration ,zabbix-agent-configuration-fields)) 'zabbix-agent-configuration)) (define %zabbix-front-end-configuration-nginx (nginx-server-configuration (root #~(string-append #$zabbix-server:front-end "/share/zabbix/php")) (index '("index.php")) (locations (let ((php-location (nginx-php-location))) (list (nginx-location-configuration (inherit php-location) (body (append (nginx-location-configuration-body php-location) (list " fastcgi_param PHP_VALUE \"post_max_size = 16M max_execution_time = 300\"; "))))))) (listen '("80")))) (define-configuration zabbix-front-end-configuration ;; TODO: Specify zabbix front-end package. ;; (zabbix- ;; (package zabbix-front-end) ;; "The zabbix-front-end package.") (nginx (nginx-server-configuration-list (list %zabbix-front-end-configuration-nginx)) "NGINX configuration.") (db-host (string "localhost") "Database host name.") (db-port (number 5432) "Database port.") (db-name (string "zabbix") "Database name.") (db-user (string "zabbix") "Database user.") (db-password (string "") "Database password. Please, use @code{db-secret-file} instead.") (db-secret-file (string "") "Secret file which will be appended to @file{zabbix.conf.php} file. This file contains credentials for use by Zabbix front-end. You are expected to create it manually.") (zabbix-host (string "localhost") "Zabbix server hostname.") (zabbix-port (number 10051) "Zabbix server port.")) (define (zabbix-front-end-config config) (match-record config (%location db-host db-port db-name db-user db-password db-secret-file zabbix-host zabbix-port) (mixed-text-file "zabbix.conf.php" "\ string db-port) "'; $DB['DATABASE'] = '" db-name "'; $DB['USER'] = '" db-user "'; $DB['PASSWORD'] = '" (let ((file (location-file %location)) (line (location-line %location)) (column (location-column %location))) (if (string-null? db-password) (if (string-null? db-secret-file) (raise (make-compound-condition (condition (&message (message (format #f "no '~A' or '~A' field in your '~A' record" 'db-secret-file 'db-password 'zabbix-front-end-configuration)))) (condition (&error-location (location %location))))) (string-trim-both (with-input-from-file db-secret-file read-string))) (begin (display-hint (format #f (G_ "~a:~a:~a: ~a: Consider using @code{db-secret-file} instead of @code{db-password} for better security.") file line column 'zabbix-front-end-configuration)) db-password))) "'; // Schema name. Used for IBM DB2 and PostgreSQL. $DB['SCHEMA'] = ''; $ZBX_SERVER = '" zabbix-host "'; $ZBX_SERVER_PORT = '" (number->string zabbix-port) "'; $ZBX_SERVER_NAME = ''; $IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG; "))) (define %maintenance.inc.php ;; Empty php file to allow us move zabbix-frontend configs to ‘/etc/zabbix’ ;; directory. See ‘install-front-end’ phase in ;; (@ (gnu packages monitoring) zabbix-server) package. "\