clerie/nixos-exporter
1
0
Fork 0
Code Releases Activity

Compare commits

base: clerie:main
Branches Tags
clerie:main
clerie:v0.3.0 clerie:delte clerie:v0.2.0
..
compare: clerie:v0.2.0
Branches Tags
clerie:main
clerie:v0.3.0 clerie:delte clerie:v0.2.0

1 Commits
main ... v0.2.0

Author SHA1 Message Date
clerie
50f642de02 Beautify error handling 2023-03-23 18:43:09 +01:00
9 changed files with 157 additions and 378 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -1,2 +1 @@
/target /target
result

2
Cargo.lock generated
View File

@@ -450,7 +450,7 @@ dependencies = [
[[package]] [[package]]
name = "nixos-exporter" name = "nixos-exporter"
version = "0.6.0" version = "0.1.0"
dependencies = [ dependencies = [
"axum", "axum",
"reqwest", "reqwest",

2
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "nixos-exporter" name = "nixos-exporter"
version = "0.6.0" version = "0.2.0"
edition = "2021" edition = "2021"
[dependencies] [dependencies]

6
flake.lock generated
View File

@@ -2,11 +2,11 @@
"nodes": { "nodes": {
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1746461020, "lastModified": 1672350804,
"narHash": "sha256-7+pG1I9jvxNlmln4YgnlW4o+w0TZX24k688mibiFDUE=", "narHash": "sha256-jo6zkiCabUBn3ObuKXHGqqORUMH27gYDIFFfLq5P4wg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3730d8a308f94996a9ba7c7138ede69c1b9ac4ae", "rev": "677ed08a50931e38382dbef01cba08a8f7eac8f6",
"type": "github" "type": "github"
}, },
"original": { "original": {

154
flake.nix
View File

@@ -2,15 +2,15 @@
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
}; };
outputs = { self, nixpkgs, ... }: let outputs = { self, nixpkgs, ... }: {
forAllSystems = f: (nixpkgs.lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: let packages.x86_64-linux = let
pkgs = import nixpkgs { inherit system; }; pkgs = import nixpkgs {
in f { inherit pkgs system; } )); system = "x86_64-linux";
in { };
packages = forAllSystems ({ pkgs, system, ... }: { in {
nixos-exporter = pkgs.rustPlatform.buildRustPackage rec { nixos-exporter = pkgs.rustPlatform.buildRustPackage rec {
pname = "nixos-exporter"; pname = "nixos-exporter";
version = "0.6.0"; version = "0.1.0";
src = ./.; src = ./.;
@@ -25,144 +25,15 @@
cargoLock.lockFile = ./Cargo.lock; cargoLock.lockFile = ./Cargo.lock;
}; };
default = self.packages."${system}".nixos-exporter; default = self.packages.x86_64-linux.nixos-exporter;
}); };
apps = forAllSystems ({ pkgs, system, ... }: { apps.x86_64-linux = {
nixos-exporter = { nixos-exporter = {
type = "app"; type = "app";
program = self.packages."${system}".nixos-exporter + "/bin/nixos-exporter"; program = self.packages.x86_64-linux.nixos-exporter + "/bin/nixos-exporter";
};
nixos-validator = {
type = "app";
program = self.packages."${system}".nixos-exporter + "/bin/nixos-validator";
};
default = self.apps."${system}".nixos-exporter;
});
nixosModules = {
nixos-exporter = { config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.nixos-exporter;
in {
options = {
services.nixos-exporter = {
enable = mkEnableOption "Export NixOS status metrics";
listen = mkOption {
type = with types; nullOr str;
default = null;
description = "Interface for metrics";
example = "[::]:2345";
};
};
};
config = mkIf cfg.enable {
users.users."nixos-exporter" = {
isSystemUser = true;
group = "nixos-exporter";
};
users.groups."nixos-exporter" = {};
systemd.services."nixos-exporter" = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Restart = "always";
PrivateTmp = true;
WorkingDirectory = "/tmp";
RuntimeDirectory = "nixos-exporter";
User = "nixos-exporter";
Group = "nixos-exporter";
ExecStart = ''
${self.packages."${config.nixpkgs.system}".nixos-exporter}/bin/nixos-exporter ${optionalString (cfg.listen != null) "--listen ${escapeShellArg cfg.listen}"}
'';
};
};
};
};
nixos-validator = { config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.nixos-validator;
in {
options = {
services.nixos-validator = {
enable = mkEnableOption "Validate NixOS metrics";
listen = mkOption {
type = with types; nullOr str;
default = null;
description = "Interface for metrics";
example = "[::]:2345";
};
prometheusUrl = mkOption {
type = types.str;
description = "Url for Prometheus";
example = "https://prometheus.monitoring.clerie.de";
};
prometheusQueryTagTemplate = mkOption {
type = with types; nullOr str;
default = null;
description = "Template for Prometheus Query";
example = "instance=\"{}\"";
};
hydraUrl = mkOption {
type = types.str;
description = "Url for Hydra";
example = "https://hydra.clerie.de";
};
hydraJobTemplate = mkOption {
type = with types; nullOr str;
default = null;
description = "Template for Hydra Job Url";
example = "nixfiles/nixfiles/nixosConfigurations.{}";
};
};
};
config = mkIf cfg.enable {
users.users."nixos-validator" = {
isSystemUser = true;
group = "nixos-validator";
};
users.groups."nixos-validator" = {};
systemd.services."nixos-validator" = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Restart = "always";
PrivateTmp = true;
WorkingDirectory = "/tmp";
RuntimeDirectory = "nixos-validator";
User = "nixos-validator";
Group = "nixos-validator";
ExecStart = ''
${self.packages."${config.nixpkgs.system}".nixos-exporter}/bin/nixos-validator ${concatStringsSep " " [
(optionalString (cfg.listen != null) "--listen ${escapeShellArg cfg.listen}")
"--prometheus-url ${escapeShellArg cfg.prometheusUrl}"
(optionalString (cfg.prometheusQueryTagTemplate != null) "--prometheus-query-tag-template ${escapeShellArg cfg.prometheusQueryTagTemplate}")
"--hydra-url ${escapeShellArg cfg.hydraUrl}"
(optionalString (cfg.hydraJobTemplate != null) "--hydra-job-template ${escapeShellArg cfg.hydraJobTemplate}")
]}
'';
};
};
};
};
default = { ... }:
{
imports = [
self.nixosModules.nixos-exporter
self.nixosModules.nixos-validator
];
}; };
default = self.apps.x86_64-linux.nixos-exporter;
}; };
hydraJobs = { hydraJobs = {
@@ -171,3 +42,4 @@
}; };
}; };
} }

162
src/bin/nixos-validator.rs
View File

@@ -1,162 +0,0 @@
use axum::{
extract::{State, Query},
http::StatusCode,
response::IntoResponse,
routing::get,
Router,
};
use std::collections::HashMap;
use std::net::SocketAddr;
use std::str::FromStr;
use nixos_exporter::nixos::NixStorePath;
#[derive(Clone)]
struct AppState {
listen: String,
prometheus_url: String,
prometheus_query_tag_template: String,
hydra_url: String,
hydra_job_template: String,
}
impl AppState{
pub fn new() -> Self {
Self {
listen: String::from("[::]:9152"),
prometheus_url: String::from(""),
prometheus_query_tag_template: String::from("instance=\"{}\""),
hydra_url: String::from(""),
hydra_job_template: String::from("nixfiles/nixfiles/nixosConfigurations.{}"),
}
}
pub fn is_valid(self) -> bool {
let mut valid = true;
if self.prometheus_url == String::from("") {
println!("Prometheus url is not specified");
valid = false;
}
if self.hydra_url == String::from("") {
println!("Hydra url is not specified");
valid = false;
}
return valid;
}
}
#[tokio::main]
async fn main() {
let mut app_state = AppState::new();
let mut args = std::env::args();
let _name = args.next().unwrap();
loop {
let arg = if let Some(arg) = args.next() {
arg
} else {
break;
};
match arg.as_str() {
"--help" | "-h" => {
println!("Prometheus exporter for NixOS systems");
println!("Use --listen <addr:port> bind the web service.");
println!("Output will be on /metrics endpoint. HTTP 500 if something broke while scraping.");
std::process::exit(0);
}
"--listen" => {
app_state.listen = args.next().unwrap();
}
"--prometheus-url" => {
app_state.prometheus_url = args.next().unwrap();
}
"--prometheus-query-tag-template" => {
app_state.prometheus_query_tag_template = args.next().unwrap();
}
"--hydra-url" => {
app_state.hydra_url = args.next().unwrap();
}
"--hydra-job-template" => {
app_state.hydra_job_template = args.next().unwrap();
}
unknown => {
println!("unknown option: {}", unknown);
std::process::exit(1)
}
}
}
if !app_state.clone().is_valid() {
std::process::exit(1);
}
let app = Router::new();
let app = app.route("/metrics", get(check));
let app = app.with_state(app_state.clone());
let addr = SocketAddr::from_str(&app_state.listen.clone()).unwrap();
println!("listening on http://{}", addr);
axum::Server::bind(&addr)
.serve(app.into_make_service())
.await
.unwrap();
}
async fn check(State(app_state): State<AppState>, Query(params): Query<HashMap<String, String>>) -> Result<(StatusCode, impl IntoResponse), (StatusCode, impl IntoResponse)> {
let target = params.get("target")
.ok_or_else(|| (StatusCode::NOT_FOUND, "specify target"))?;
if target.contains("\"") {
return Err((StatusCode::INTERNAL_SERVER_ERROR, "Invalid target name"));
}
let client = reqwest::Client::new();
let prometheus_req = client.get(format!("{}/api/v1/query?query=nixos_current_system_hash{{{}}}", app_state.prometheus_url, app_state.prometheus_query_tag_template.clone().replace("{}", target)))
.header("Accept", "application/json")
.send().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Promehteus can't get reached"))?;
if prometheus_req.status() != reqwest::StatusCode::OK {
return Err((StatusCode::NOT_FOUND, "Target does not exist in Hydra"));
}
let prometheus_body = prometheus_req.json::<serde_json::Value>().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Invalid response from Prometheus"))?;
let current_system_hash = prometheus_body["data"]["result"][0]["metric"]["hash"].as_str()
.ok_or_else(|| (StatusCode::NOT_FOUND, "No current metric found in Prometheus"))?;
let hydra_req = client.get(format!("{}/job/{}/latest", app_state.hydra_url, app_state.hydra_job_template.clone().replace("{}", target)))
.header("Accept", "application/json")
.send().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Hydra can't get reached"))?;
if hydra_req.status() != reqwest::StatusCode::OK {
return Err((StatusCode::NOT_FOUND, "Target does not exist in Hydra"));
}
let hydra_body = hydra_req.json::<serde_json::Value>().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Invalid response from Hydra"))?;
let nix_store_path = hydra_body["buildoutputs"]["out"]["path"].as_str()
.ok_or_else(|| (StatusCode::INTERNAL_SERVER_ERROR, "No buildoutput found in Hydra"))?;
let hydra_system_hash = NixStorePath::from_path_buf(std::path::PathBuf::from(nix_store_path))
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Invalid store path returned by Hydra"))?
.hash;
let mut status = "0";
if current_system_hash == hydra_system_hash {
status = "1";
}
return Ok((
StatusCode::OK,
format!("nixos_current_system_is_sync{{}} {}\n", status)
));
}

1
src/lib.rs
View File

@@ -1 +0,0 @@
pub mod nixos;

167
src/main.rs
View File

@@ -1,4 +1,5 @@
use axum::{ use axum::{
extract::{State, Query},
http::StatusCode, http::StatusCode,
response::IntoResponse, response::IntoResponse,
routing::get, routing::get,
@@ -9,31 +10,71 @@ use std::collections::HashMap;
use std::net::SocketAddr; use std::net::SocketAddr;
use std::str::FromStr; use std::str::FromStr;
use nixos_exporter::nixos::NixStorePath; #[derive(Clone, PartialEq)]
enum OperationMode {
None,
Exporter,
Validator,
}
#[derive(Clone)] #[derive(Clone)]
struct AppState { struct AppState {
listen: String, listen: String,
operationmode: OperationMode,
prometheus_url: String,
prometheus_query_tag_template: String,
hydra_url: String,
hydra_job_template: String,
} }
impl AppState{ impl AppState{
pub fn new() -> Self { pub fn new() -> Self {
Self { Self {
listen: String::from("[::]:9152"), listen: String::from("[::]:9152"),
operationmode: OperationMode::None,
prometheus_url: String::from(""),
prometheus_query_tag_template: String::from("instance=\"{}\""),
hydra_url: String::from(""),
hydra_job_template: String::from("nixfiles/nixfiles/nixosConfigurations.{}"),
} }
} }
pub fn is_valid(self) -> bool { pub fn is_valid(self) -> bool {
return true; let mut valid = true;
if self.operationmode == OperationMode::None {
println!("operationmode is not set");
valid = false;
}
if self.prometheus_url == String::from("") && self.operationmode == OperationMode::Validator {
println!("Prometheus url is not specified");
valid = false;
}
if self.hydra_url == String::from("") && self.operationmode == OperationMode::Validator {
println!("Hydra url is not specified");
valid = false;
}
return valid;
} }
} }
fn parse_nix_store_path(path: std::path::PathBuf) -> Result<(String, String), String> {
let (hash, name) = path.file_name()
.ok_or_else(String::default)?
.to_str()
.ok_or_else(String::default)?
.split_once("-")
.ok_or_else(String::default)?;
return Ok((hash.to_string(), name.to_string()));
}
#[tokio::main] #[tokio::main]
async fn main() { async fn main() {
let mut app_state = AppState::new(); let mut app_state = AppState::new();
let mut args = std::env::args(); let mut args = std::env::args();
let _name = args.next().unwrap(); let name = args.next().unwrap();
loop { loop {
let arg = if let Some(arg) = args.next() { let arg = if let Some(arg) = args.next() {
arg arg
@@ -51,6 +92,24 @@ async fn main() {
"--listen" => { "--listen" => {
app_state.listen = args.next().unwrap(); app_state.listen = args.next().unwrap();
} }
"--prometheus-url" => {
app_state.prometheus_url = args.next().unwrap();
}
"--prometheus-query-tag-template" => {
app_state.prometheus_query_tag_template = args.next().unwrap();
}
"--hydra-url" => {
app_state.hydra_url = args.next().unwrap();
}
"--hydra-job-template" => {
app_state.hydra_job_template = args.next().unwrap();
}
"exporter" => {
app_state.operationmode = OperationMode::Exporter;
}
"validator" => {
app_state.operationmode = OperationMode::Validator;
}
unknown => { unknown => {
println!("unknown option: {}", unknown); println!("unknown option: {}", unknown);
std::process::exit(1) std::process::exit(1)
@@ -62,8 +121,18 @@ async fn main() {
std::process::exit(1); std::process::exit(1);
} }
let app = Router::new(); let mut app = Router::new();
let app = app.route("/metrics", get(metrics)); if app_state.operationmode == OperationMode::Exporter {
println!("Running NixOS Exporter in Exporter mode");
app = app.route("/metrics", get(metrics));
} else if app_state.operationmode == OperationMode::Validator {
println!("Running NixOS Exporter in Validator mode");
app = app.route("/metrics", get(check));
} else {
println!("Run mode not specified, do {} --help", name);
std::process::exit(1);
};
let app = app.with_state(app_state.clone()); let app = app.with_state(app_state.clone());
let addr = SocketAddr::from_str(&app_state.listen.clone()).unwrap(); let addr = SocketAddr::from_str(&app_state.listen.clone()).unwrap();
@@ -74,32 +143,74 @@ async fn main() {
.unwrap(); .unwrap();
} }
fn get_current_system() -> Result<(String, String), String> {
let symlink = std::fs::read_link("/run/current-system").map_err(|err| err.to_string())?;
let (hash, name) = parse_nix_store_path(symlink)?;
Ok((String::from(hash), String::from(name)))
}
async fn metrics() -> Result<(StatusCode, impl IntoResponse), (StatusCode, impl IntoResponse)> { async fn metrics() -> Result<(StatusCode, impl IntoResponse), (StatusCode, impl IntoResponse)> {
let nix_store_paths = HashMap::from([ let (hash, name) = get_current_system().map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, ""))?;
("current_system", NixStorePath::from_str_symlink("/run/current-system")
.map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err))?),
("current_system_kernel", NixStorePath::from_str_symlink("/run/current-system/kernel")
.map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err))?),
("booted_system", NixStorePath::from_str_symlink("/run/booted-system")
.map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err))?),
("booted_system_kernel", NixStorePath::from_str_symlink("/run/booted-system/kernel")
.map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err))?),
]);
let mut out = String::new();
for (infix, nix_store_path) in nix_store_paths.iter() {
out.push_str(nix_store_path.clone().to_prometheus_metric(infix.to_string())
.map_err(|err| (StatusCode::INTERNAL_SERVER_ERROR, err))?.as_str());
}
out.push_str(format!("nixos_current_system_kernel_is_booted_system_kernel{{}} {}", (
nix_store_paths.get("current_system_kernel").ok_or_else(|| (StatusCode::INTERNAL_SERVER_ERROR, String::from("")))?.hash
== nix_store_paths.get("booted_system_kernel").ok_or_else(|| (StatusCode::INTERNAL_SERVER_ERROR, String::from("")))?.hash
) as i32).as_str()
);
return Ok(( return Ok((
StatusCode::OK, StatusCode::OK,
out, format!("nixos_current_system_hash{{hash=\"{}\"}} 1\nnixos_current_system_name{{name=\"{}\"}} 1\n", hash, name)
));
}
async fn check(State(app_state): State<AppState>, Query(params): Query<HashMap<String, String>>) -> Result<(StatusCode, impl IntoResponse), (StatusCode, impl IntoResponse)> {
let target = params.get("target")
.ok_or_else(|| (StatusCode::NOT_FOUND, "specify target"))?;
if target.contains("\"") {
return Err((StatusCode::INTERNAL_SERVER_ERROR, "Invalid target name"));
}
let client = reqwest::Client::new();
let prometheus_req = client.get(format!("{}/api/v1/query?query=nixos_nixos_current_system_hash{{{}}}", app_state.prometheus_url, app_state.prometheus_query_tag_template.clone().replace("{}", target)))
.header("Accept", "application/json")
.send().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Promehteus can't get reached"))?;
if prometheus_req.status() != reqwest::StatusCode::OK {
return Err((StatusCode::NOT_FOUND, "Target does not exist in Hydra"));
}
let prometheus_body = prometheus_req.json::<serde_json::Value>().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Invalid response from Hydra"))?;
let current_system_hash = prometheus_body["data"]["result"][0]["metric"]["hash"].as_str()
.ok_or_else(|| (StatusCode::INTERNAL_SERVER_ERROR, "No buildoutput found in Hydra"))?;
let hydra_req = client.get(format!("{}/job/{}/latest", app_state.hydra_url, app_state.hydra_job_template.clone().replace("{}", target)))
.header("Accept", "application/json")
.send().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Hydra can't get reached"))?;
if hydra_req.status() != reqwest::StatusCode::OK {
return Err((StatusCode::NOT_FOUND, "Target does not exist in Hydra"));
}
let hydra_body = hydra_req.json::<serde_json::Value>().await
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Invalid response from Hydra"))?;
let nix_store_path = hydra_body["buildoutputs"]["out"]["path"].as_str()
.ok_or_else(|| (StatusCode::INTERNAL_SERVER_ERROR, "No buildoutput found in Hydra"))?;
let (hydra_system_hash, _) = parse_nix_store_path(std::path::PathBuf::from(nix_store_path))
.map_err(|_err| (StatusCode::INTERNAL_SERVER_ERROR, "Invalid store path returned by Hydra"))?;
let mut status = "0";
if current_system_hash == hydra_system_hash {
status = "1";
}
return Ok((
StatusCode::OK,
format!("nixos_current_system_valid{{{}}} {}\n", app_state.prometheus_query_tag_template.clone().replace("{}", target), status)
)); ));
} }

40
src/nixos.rs
View File

@@ -1,40 +0,0 @@
use std::path::PathBuf;
#[derive(Clone)]
pub struct NixStorePath {
pub hash: String,
pub name: String,
}
impl NixStorePath {
pub fn from_str_symlink(path: &str) -> Result<Self, String> {
Ok(Self::from_path_buf_symlink(PathBuf::from(path))?)
}
pub fn from_path_buf_symlink(path: PathBuf) -> Result<Self, String> {
Ok(Self::from_path_buf(path.read_link().map_err(|err| err.to_string())?)?)
}
pub fn from_path_buf(path: PathBuf) -> Result<Self, String> {
let store_path_name = path.iter().nth(3)
.ok_or_else(|| String::from("Can't read store path name"))?
.to_str()
.ok_or_else(|| String::from("Failed converting store path name to string"))?
.to_string();
Ok(Self::from_store_path_name(store_path_name)?)
}
pub fn from_store_path_name(store_path_name: String) -> Result<Self, String> {
let (hash, name) = store_path_name
.split_once("-")
.ok_or_else(|| String::from("Failed splitting store path name for hash and name"))?;
Ok(Self {
hash: hash.to_string(),
name: name.to_string(),
})
}
pub fn to_prometheus_metric(self, infix: String) -> Result<String, String> {
return Ok(format!("nixos_{}_hash{{hash=\"{}\"}} 1\nnixos_{}_name{{name=\"{}\"}} 1\n", infix, self.hash, infix, self.name));
}
}