nixos/netbird: fix port conflict on metrics endpoint

TheRealGramdalf 2024-11-18 22:38:40 +00:00
parent 76e882d4e7
commit bfc160a84c
3 changed files with 65 additions and 14 deletions


@ -36,6 +36,8 @@
- `authelia` has been upgraded to version 4.38. This version brings several features and improvements which are detailed in the [release blog post](https://www.authelia.com/blog/4.38-release-notes/). - `authelia` has been upgraded to version 4.38. This version brings several features and improvements which are detailed in the [release blog post](https://www.authelia.com/blog/4.38-release-notes/).
This release also deprecates some configuration keys which are likely to be removed in version 5.0.0. This release also deprecates some configuration keys which are likely to be removed in version 5.0.0.
- `netbird` has been updated to 0.31.1. This adds a built-in relay server which is not yet supported by the NixOS module, as well as a metrics endpoint for both the management and signal services. The default metrics port for the `signal` service has been changed from `9090` to `9091` to prevent a port conflict with the management server. This can be changed with their respective `metricsPort` as needed. Refer to the [release notes](https://github.com/netbirdio/netbird/releases/tag/v0.31.1) and [this pull request](https://github.com/NixOS/nixpkgs/pull/354032#issuecomment-2480925927) for more information.
- `compressDrv` can compress selected files in a derivation. `compressDrvWeb` compresses files for common web server usage (`.gz` with `zopfli`, `.br` with `brotli`). - `compressDrv` can compress selected files in a derivation. `compressDrvWeb` compresses files for common web server usage (`.gz` with `zopfli`, `.br` with `brotli`).
- [`hardware.display`](#opt-hardware.display.edid.enable) is a new module implementing workarounds for misbehaving monitors - [`hardware.display`](#opt-hardware.display.edid.enable) is a new module implementing workarounds for misbehaving monitors


@ -196,6 +196,12 @@ in
description = "Internal port of the management server."; description = "Internal port of the management server.";
}; };
metricsPort = mkOption {
type = port;
default = 9090;
description = "Internal port of the metrics server.";
};
extraOptions = mkOption { extraOptions = mkOption {
type = listOf str; type = listOf str;
default = [ ]; default = [ ];
@ -360,6 +366,13 @@ in
} }
]; ];
assertions = [
{
assertion = cfg.port != cfg.metricsPort;
message = "The primary listen port cannot be the same as the listen port for the metrics endpoint";
}
];
systemd.services.netbird-management = { systemd.services.netbird-management = {
description = "The management server for Netbird, a wireguard VPN"; description = "The management server for Netbird, a wireguard VPN";
documentation = [ "https://netbird.io/docs/" ]; documentation = [ "https://netbird.io/docs/" ];
@ -387,6 +400,9 @@ in
# Port to listen on # Port to listen on
"--port" "--port"
cfg.port cfg.port
# Port the internal prometheus server listens on
"--metrics-port"
cfg.metricsPort
# Log to stdout # Log to stdout
"--log-file" "--log-file"
"console" "console"
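Review bot: The assertion added before `systemd.services.netbird-management` only compares `cfg.port` with `cfg.metricsPort` of the management service, so a clash between the management and signal metrics ports (the conflict the release note describes) is still prevented only by the differing defaults; a host that overrides one `metricsPort` to match the other would presumably fail at bind time rather than at evaluation. The message also does not name the service, and the signal module uses the identical text, so consider something like `message = "netbird-management: port and metricsPort must not be equal";`. Separately, the `metricsPort` description says "Internal port", but nothing in these hunks shows which address the Prometheus listener binds to; if it is not loopback-only, the description should say so, so that operators know to firewall it. The enclosing option set and `config` block start and end outside the hunks.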


@ -15,7 +15,12 @@ let
mkOption mkOption
; ;
inherit (lib.types) enum port str; inherit (lib.types)
listOf
enum
port
str
;
inherit (utils) escapeSystemdExecArgs; inherit (utils) escapeSystemdExecArgs;
@ -41,6 +46,20 @@ in
description = "Internal port of the signal server."; description = "Internal port of the signal server.";
}; };
metricsPort = mkOption {
type = port;
default = 9091;
description = "Internal port of the metrics server.";
};
extraOptions = mkOption {
type = listOf str;
default = [ ];
description = ''
Additional options given to netbird-signal as commandline arguments.
'';
};
logLevel = mkOption { logLevel = mkOption {
type = enum [ type = enum [
"ERROR" "ERROR"
@ -54,24 +73,38 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.port != cfg.metricsPort;
message = "The primary listen port cannot be the same as the listen port for the metrics endpoint";
}
];
systemd.services.netbird-signal = { systemd.services.netbird-signal = {
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
ExecStart = escapeSystemdExecArgs [ ExecStart = escapeSystemdExecArgs (
[
(getExe' cfg.package "netbird-signal") (getExe' cfg.package "netbird-signal")
"run" "run"
# Port to listen on # Port to listen on
"--port" "--port"
cfg.port cfg.port
# Port the internal prometheus server listens on
"--metrics-port"
cfg.metricsPort
# Log to stdout # Log to stdout
"--log-file" "--log-file"
"console" "console"
# Log level # Log level
"--log-level" "--log-level"
cfg.logLevel cfg.logLevel
]; ]
++ cfg.extraOptions
);
Restart = "always"; Restart = "always";
RuntimeDirectory = "netbird-mgmt"; RuntimeDirectory = "netbird-mgmt";