Skip to content

Instantly share code, notes, and snippets.

@mbakke

mbakke/zac.scm

Last active February 23, 2025 09:56
Show Gist options
  • Save mbakke/bae11462a5a9c84ea27218f340d14999 to your computer and use it in GitHub Desktop.
Save mbakke/bae11462a5a9c84ea27218f340d14999 to your computer and use it in GitHub Desktop.
Download ZIP
zabbix-auto-config config
Raw
zac.scm
(use-modules (gnu) (gnu system nss)
(guix packages)
(guix utils)
(gnu services shepherd)
(uio services monitoring))
(use-package-modules databases monitoring)
(use-service-modules databases monitoring networking web)
(define %zac-configuration-directory
(local-file "zac-config" #:recursive? #t))
(define %timezone "Europe/Oslo")
(define create-databases-script
(with-imported-modules '((guix build utils))
(program-file
"create-databases"
#~(begin
(use-modules ((guix build utils)))
(setenv "PATH" "/run/setuid-programs:/run/current-system/profile/bin")
;; It is possible this service gets started twice. That does not work
;; well, so stop early in that case.
(if (file-exists? "/tmp/create-databases.done")
(exit)
(call-with-output-file "/tmp/create-databases.done"
(const #t)))
;; Add password authentication. Do not do this with actual secrets
;; because this information ends up world-readable in the store).
(invoke "sudo" "-u" "postgres" "psql" "-c"
"ALTER ROLE zabbix WITH PASSWORD 'zabbix';")
(invoke "sudo" "-u" "postgres" "psql" "-c"
"ALTER ROLE \"zabbix-auto-config\" WITH PASSWORD 'zac';")
;; Create initial schemas.
(for-each (lambda (schema)
(invoke "sudo" "-u" "zabbix" "psql"
"-f" (string-append #$zabbix-server:schema
"/database/postgresql/"
schema ".sql")
"zabbix"))
'("schema" "images" "data"))
(invoke "sudo" "-u" "zabbix-auto-config" "psql" "zabbix-auto-config"
"-c" "CREATE TABLE IF NOT EXISTS HOSTS ( data jsonb ); \
CREATE TABLE IF NOT EXISTS hosts_source ( data jsonb );")))))
(define %create-databases-service
(simple-service 'create-databases shepherd-root-service-type
(list (shepherd-service
(provision '(create-databases))
(requirement '(postgres-roles))
(start #~(make-forkexec-constructor
(list #$create-databases-script)
#:log-file "/var/log/create-databases.log"))
(stop #~(const #t))
(respawn? #f)
(one-shot? #t)))))
(define postgresql/fixed
(package/inherit postgresql-13
(arguments
(substitute-keyword-arguments (package-arguments postgresql-13)
((#:phases phases)
`(modify-phases ,phases
(add-after 'unpack 'use-/var/run
(lambda _
;; Mimic Guix commit 86cf4c0396 which is not on master yet,
;; but some services have been updated for it...
(substitute* "src/include/pg_config_manual.h"
(("DEFAULT_PGSOCKET_DIR[^\n]*")
"DEFAULT_PGSOCKET_DIR \"/var/run/postgresql\""))))))))))
(operating-system
(host-name "bar")
(timezone %timezone)
(locale "nb_NO.utf8")
(kernel-arguments (cons "console=ttyS0" %default-kernel-arguments))
(bootloader (bootloader-configuration
(bootloader grub-bootloader)
(target "/dev/sda")))
(file-systems (cons (file-system
(device "/dev/sda1")
(mount-point "/")
(type "ext4"))
%base-file-systems))
(users %base-user-accounts)
;; Install zac and zabbix-cli to the system profile for easy testing.
(packages (append (map specification->package
'("zabbix-auto-config" "zabbix-cli"))
%base-packages))
(services
(append (list (service dhcp-client-service-type)
(service postgresql-service-type
(postgresql-configuration
(postgresql postgresql/fixed)))
(service postgresql-role-service-type)
%create-databases-service
(service php-fpm-service-type
(php-fpm-configuration
(timezone %timezone)))
(service zabbix-front-end-service-type
(zabbix-front-end-configuration
(db-password "zabbix")))
(service zabbix-server-service-type
(zabbix-server-configuration
(db-password "zabbix")))
(service zabbix-agent-service-type)
(service zabbix-auto-config-service-type
(zabbix-auto-config-configuration
(requirement '(networking create-databases))
(directory %zac-configuration-directory))))
%base-services)))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment