mirror/NetAlertX
1
0
Fork 0
mirror of https://github.com/jokob-sk/NetAlertX.git synced 2026-02-08 22:11:17 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
NetAlertX/install/nix/flake.nix
jokob-sk 76d37edc63 jokob-sk/netalertx -> netalertx/netalertx 
Signed-off-by: jokob-sk <jokob.sk@gmail.com>
2026-02-04 21:21:05 +11:00

95 lines
3.1 KiB
Nix
Raw Permalink Blame History

{
description = "NixOS module for NetAlertX network monitoring";
outputs = { self }: {
nixosModules.default = { config, lib, ... }:
with lib;
let
cfg = config.services.netalertx;
in {
options.services.netalertx = {
enable = mkEnableOption "netalertx";
port = mkOption {
type = types.port;
default = 20211;
description = "Port to listen on for web gui";
};
graphqlPort = mkOption {
type = types.port;
default = 20212;
description = "Port to listen on for GraphQL requests";
};
puid = mkOption {
type = types.int;
default = 20211;
description = "PUID to run the app";
};
pgid = mkOption {
type = types.int;
default = 20211;
description = "PGID to run the app";
};
imageTag = mkOption {
type = types.str;
default = "26.1.17";
description = "Image tag to run";
};
backendApiUrl = mkOption {
type = types.str;
default = "http://localhost:${toString cfg.graphqlPort}";
description = "URL to use when accessing GraphQL server";
};
};
config = mkIf cfg.enable {
users.users.netalertx = {
isSystemUser = true;
group = "netalertx";
uid = cfg.puid;
};
users.groups.netalertx = {
gid = cfg.pgid;
};
systemd.tmpfiles.rules = [
"d /var/lib/netalertx 0755 ${toString cfg.puid} ${toString cfg.pgid} -"
"d /var/lib/netalertx/db 0755 ${toString cfg.puid} ${toString cfg.pgid} -"
"d /var/lib/netalertx/config 0755 ${toString cfg.puid} ${toString cfg.pgid} -"
];
virtualisation.oci-containers = {
containers = {
netalertx = {
image = "ghcr.io/netalertx/netalertx:${cfg.imageTag}";
autoStart = true;
extraOptions = [
"--network=host"
"--cap-drop=ALL"
"--cap-add=NET_ADMIN"
"--cap-add=NET_RAW"
"--cap-add=NET_BIND_SERVICE"
"--cap-add=CHOWN"
"--cap-add=SETUID"
"--cap-add=SETGID"
"--read-only"
"--tmpfs=/tmp"
];
volumes = [
"/var/lib/netalertx:/data"
"/etc/localtime:/etc/localtime:ro"
];
environment = {
PUID = toString cfg.puid;
PGID = toString cfg.pgid;
LISTEN_ADDR = "0.0.0.0";
PORT = "${toString cfg.port}";
GRAPHQL_PORT = "${toString cfg.graphqlPort}";
APP_CONF_OVERRIDE = builtins.toJSON { BACKEND_API_URL = cfg.backendApiUrl; };
ALWAYS_FRESH_INSTALL = "false";
NETALERTX_DEBUG = "0";
};
};
};
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink