summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--doc/guix.texi75
-rw-r--r--gnu/services/monitoring.scm148
-rw-r--r--gnu/tests/monitoring.scm49
3 files changed, 270 insertions, 2 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 7304cf5f13..338ff45c39 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -16906,6 +16906,81 @@ Defaults to @samp{()}.
 
 @c %end of fragment
 
+@subsubheading Zabbix front-end
+@cindex zabbix zabbix-front-end
+
+This service provides a WEB interface to Zabbix server.
+
+@c %start of fragment
+
+Available @code{zabbix-front-end-configuration} fields are:
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} nginx-server-configuration-list nginx
+NGINX configuration.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} string db-host
+Database host name.
+
+Defaults to @samp{"localhost"}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} number db-port
+Database port.
+
+Defaults to @samp{5432}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} string db-name
+Database name.
+
+Defaults to @samp{"zabbix"}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} string db-user
+Database user.
+
+Defaults to @samp{"zabbix"}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} string db-password
+Database password.  Please, use @code{db-secret-file} instead.
+
+Defaults to @samp{""}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} string db-secret-file
+Secret file which will be appended to @file{zabbix.conf.php} file.  This
+file contains credentials for use by Zabbix front-end.  You are expected
+to create it manually.
+
+Defaults to @samp{""}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} string zabbix-host
+Zabbix server hostname.
+
+Defaults to @samp{"localhost"}.
+
+@end deftypevr
+
+@deftypevr {@code{zabbix-front-end-configuration} parameter} number zabbix-port
+Zabbix server port.
+
+Defaults to @samp{10051}.
+
+@end deftypevr
+
+
+@c %end of fragment
+
 @node Kerberos Services
 @subsubsection Kerberos Services
 @cindex Kerberos
diff --git a/gnu/services/monitoring.scm b/gnu/services/monitoring.scm
index 323c0ace56..18413096e4 100644
--- a/gnu/services/monitoring.scm
+++ b/gnu/services/monitoring.scm
@@ -22,6 +22,7 @@
   #:use-module (gnu services)
   #:use-module (gnu services configuration)
   #:use-module (gnu services shepherd)
+  #:use-module (gnu services web)
   #:use-module (gnu packages admin)
   #:use-module (gnu packages monitoring)
   #:use-module (gnu system shadow)
@@ -29,6 +30,7 @@
   #:use-module (guix packages)
   #:use-module (guix records)
   #:use-module (ice-9 match)
+  #:use-module (ice-9 rdelim)
   #:use-module (srfi srfi-26)
   #:export (darkstat-configuration
             prometheus-node-exporter-configuration
@@ -38,7 +40,10 @@
             zabbix-server-configuration
             zabbix-server-service-type
             zabbix-agent-configuration
-            zabbix-agent-service-type))
+            zabbix-agent-service-type
+            zabbix-front-end-configuration
+            zabbix-front-end-service-type
+            %zabbix-front-end-configuration-nginx))
 
 
 ;;;
@@ -179,6 +184,12 @@ prometheus.")
 (define (serialize-extra-options field-name val)
   (if (null? val) "" (display val)))
 
+(define (nginx-server-configuration-list? val)
+  (and (list? val) (and-map nginx-server-configuration? val)))
+
+(define (serialize-nginx-server-configuration-list field-name val)
+  "")
+
 (define-configuration zabbix-server-configuration
   (zabbix-server
    (package zabbix-server)
@@ -356,7 +367,7 @@ the hosts listed here.")
 proxies for active checks.  If port is not specified, default port is used.
 If this parameter is not specified, active checks are disabled.")
   (extra-options
-   (string "")
+   (extra-options "")
    "Extra options will be appended to Zabbix server configuration file.")
   (include-files
    (include-files '())
@@ -445,3 +456,136 @@ configuration file."))
    `((zabbix-agent-configuration
       ,zabbix-agent-configuration-fields))
    'zabbix-agent-configuration))
+
+(define %zabbix-front-end-configuration-nginx
+  (nginx-server-configuration
+   (root #~(string-append #$zabbix-server:front-end "/share/zabbix/php"))
+   (index '("index.php"))
+   (locations
+    (let ((php-location (nginx-php-location)))
+      (list (nginx-location-configuration
+             (inherit php-location)
+             (body (append (nginx-location-configuration-body php-location)
+                           (list "
+fastcgi_param PHP_VALUE \"post_max_size = 16M
+                          max_execution_time = 300\";
+")))))))))
+
+(define-configuration zabbix-front-end-configuration
+  ;; TODO: Specify zabbix front-end package.
+  ;; (zabbix-
+  ;;  (package zabbix-front-end)
+  ;;  "The zabbix-front-end package.")
+  (nginx
+   (nginx-server-configuration-list
+    (list %zabbix-front-end-configuration-nginx))
+   "NGINX configuration.")
+  (db-host
+   (string "localhost")
+   "Database host name.")
+  (db-port
+   (number 5432)
+   "Database port.")
+  (db-name
+   (string "zabbix")
+   "Database name.")
+  (db-user
+   (string "zabbix")
+   "Database user.")
+  (db-password
+   (string "")
+   "Database password.  Please, use @code{db-secret-file} instead.")
+  (db-secret-file
+   (string "")
+   "Secret file which will be appended to @file{zabbix.conf.php} file.  This
+file contains credentials for use by Zabbix front-end.  You are expected to
+create it manually.")
+  (zabbix-host
+   (string "localhost")
+   "Zabbix server hostname.")
+  (zabbix-port
+   (number 10051)
+   "Zabbix server port."))
+
+(define zabbix-front-end-config
+  (match-lambda
+    (($ <zabbix-front-end-configuration>
+        _ db-host db-port db-name db-user db-password db-secret-file
+        zabbix-host zabbix-port)
+     (mixed-text-file "zabbix.conf.php"
+                      "\
+<?php
+// Zabbix GUI configuration file.
+global $DB;
+
+$DB['TYPE']     = 'POSTGRESQL';
+$DB['SERVER']   = '" db-host "';
+$DB['PORT']     = '" (number->string db-port) "';
+$DB['DATABASE'] = '" db-name "';
+$DB['USER']     = '" db-user "';
+$DB['PASSWORD'] = '" (if (string-null? db-password)
+                         (if (string-null? db-secret-file)
+                             (display "Provide a `db-secret-file' \
+or `db-password' field.
+"
+                                      (current-error-port))
+                             (string-trim-both
+                              (with-input-from-file db-secret-file
+                                read-string)))
+                         (begin
+                           (display "
+Hint: Consider use `db-secret-file' instead of `db-password' and unset
+`db-password' for security in `zabbix-front-end-configuration'.
+")
+                           db-password)) "';
+
+// Schema name. Used for IBM DB2 and PostgreSQL.
+$DB['SCHEMA'] = '';
+
+$ZBX_SERVER      = '" zabbix-host "';
+$ZBX_SERVER_PORT = '" (number->string zabbix-port) "';
+$ZBX_SERVER_NAME = '';
+
+$IMAGE_FORMAT_DEFAULT = IMAGE_FORMAT_PNG;
+"))))
+
+(define %maintenance.inc.php
+  ;; Empty php file to allow us move zabbix-frontend configs to ‘/etc/zabbix’
+  ;; directory.  See ‘install-front-end’ phase in
+  ;; (@ (gnu packages monitoring) zabbix-server) package.
+    "\
+<?php
+")
+
+(define (zabbix-front-end-activation config)
+  "Return the activation gexp for CONFIG."
+  #~(begin
+      (use-modules (guix build utils))
+      (mkdir-p "/etc/zabbix")
+      (call-with-output-file "/etc/zabbix/maintenance.inc.php"
+            (lambda (port)
+              (display #$%maintenance.inc.php port)))
+      (copy-file #$(zabbix-front-end-config config)
+                 "/etc/zabbix/zabbix.conf.php")))
+
+(define zabbix-front-end-service-type
+  (service-type
+   (name 'zabbix-front-end)
+   (extensions
+    (list (service-extension activation-service-type
+                             zabbix-front-end-activation)
+          (service-extension nginx-service-type
+                             zabbix-front-end-configuration-nginx)
+          ;; Make sure php-fpm is instantiated.
+          (service-extension php-fpm-service-type
+                             (const #t))))
+   (default-value (zabbix-front-end-configuration))
+   (description
+    "Run the zabbix-front-end web interface, which allows users to interact
+with Zabbix server.")))
+
+(define (generate-zabbix-front-end-documentation)
+  (generate-documentation
+   `((zabbix-front-end-configuration
+      ,zabbix-front-end-configuration-fields))
+   'zabbix-front-end-configuration))
diff --git a/gnu/tests/monitoring.scm b/gnu/tests/monitoring.scm
index 76a2d3e946..ab72682aed 100644
--- a/gnu/tests/monitoring.scm
+++ b/gnu/tests/monitoring.scm
@@ -20,11 +20,13 @@
 (define-module (gnu tests monitoring)
   #:use-module (gnu packages databases)
   #:use-module (gnu packages monitoring)
+  #:use-module (gnu packages php)
   #:use-module (gnu services)
   #:use-module (gnu services monitoring)
   #:use-module (gnu services networking)
   #:use-module (gnu services databases)
   #:use-module (gnu services shepherd)
+  #:use-module (gnu services web)
   #:use-module (gnu system vm)
   #:use-module (gnu system)
   #:use-module (gnu tests)
@@ -249,6 +251,44 @@ zabbix||{}
              '(file-exists? "/var/run/zabbix/zabbix_agent.pid")
              marionette))
 
+          ;; Wait for php-fpm to be up and running.
+          (test-assert "php-fpm running"
+            (marionette-eval
+             '(begin
+                (use-modules (gnu services herd))
+                (start-service 'php-fpm))
+             marionette))
+
+          ;; Wait for nginx to be up and running.
+          (test-assert "nginx running"
+            (marionette-eval
+             '(begin
+                (use-modules (gnu services herd))
+                (start-service 'nginx))
+             marionette))
+
+          ;; Make sure the PID file is created.
+          (test-assert "nginx PID file"
+            (marionette-eval
+             '(file-exists? "/var/run/nginx/pid")
+             marionette))
+
+          ;; Make sure we can access pages that correspond to our repository.
+          (letrec-syntax ((test-url
+                           (syntax-rules ()
+                             ((_ path code)
+                              (test-equal (string-append "GET " path)
+                                code
+                                (let-values (((response body)
+                                              (http-get (string-append
+                                                         "http://localhost:8080"
+                                                         path))))
+                                  (response-code response))))
+                             ((_ path)
+                              (test-url path 200)))))
+            (test-url "/")
+            (test-url "/does-not-exist" 404))
+
           (test-end)
 
           (exit (= (test-runner-fail-count (test-runner-current)) 0)))))
@@ -261,6 +301,15 @@ zabbix||{}
          (simple-operating-system
           (service dhcp-client-service-type)
           (postgresql-service)
+          (service zabbix-front-end-service-type
+                   (zabbix-front-end-configuration
+                    (db-password "zabbix")))
+
+          (service php-fpm-service-type
+                   (php-fpm-configuration
+                    (timezone "Europe/Paris")
+                    (php php-with-bcmath)))
+
           (service zabbix-server-service-type
                    (zabbix-server-configuration
                     (db-password "zabbix")