talexander/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

nixos/prometheus-exporters/fastly: fix secret handling (#370898)

Browse Source
This commit is contained in:
Martin Weinelt 2025-01-04 18:00:17 +01:00 committed by GitHub
commit a1945f760a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/modules/services/monitoring/prometheus/exporters/fastly.nix
View File

@ -31,18 +31,17 @@ in
''; '';
}; };
tokenPath = mkOption { environmentFile = mkOption {
type = path; type = path;
description = '' description = ''
A run-time path to the token file, which is supposed to be provisioned An environment file containg at least the FASTLY_API_TOKEN= environment
outside of Nix store. variable.
''; '';
}; };
}; };
serviceOpts = { serviceOpts = {
serviceConfig = { serviceConfig = {
LoadCredential = "fastly-api-token:${cfg.tokenPath}"; EnvironmentFile = cfg.environmentFile;
Environment = [ "FASTLY_API_TOKEN=%d/fastly-api-token" ];
ExecStart = escapeSystemdExecArgs ( ExecStart = escapeSystemdExecArgs (
[ [
(getExe pkgs.prometheus-fastly-exporter) (getExe pkgs.prometheus-fastly-exporter)

2
nixos/tests/prometheus-exporters.nix
View File

@ -399,7 +399,7 @@ let
fastly = { fastly = {
exporterConfig = { exporterConfig = {
enable = true; enable = true;
tokenPath = pkgs.writeText "token" "abc123"; environmentFile = pkgs.writeText "fastly-exporter-env" "FASTLY_API_TOKEN=abc123";
}; };
exporterTest = '' exporterTest = ''