Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

nixos-healthchecks

nixos-healthchecks provide NixOS-Options to verify if your services are running correctly.

healthchecks.http.nextcloud = {
  url = "https://example.com/login";
  expectedContent = "Login";
};
services.nextcloud = { ... };

Than run

  nix run .#healthchecks

Installation

To use these options, add to your flake inputs:

nixos-healthchecks.url = "github:mrVanDalo/nixos-healthchecks";

and inside the mkFlake:

imports = [
  inputs.nixos-healthchecks.flakeModule
  inputs.nixos-healthchecks.nixosModules.default
];

Run nix flake lock and you're set.

Options

healthchecks.closed

Verify that specified ports are closed for specific network interfaces. Port verification is performed using rustscan, which checks if the ports are unreachable from the network.

Type: attribute set of (submodule)

Default: { }

Example:

{
  public = {
    host = "example.com";
    ports = {
      arr = [
        7878
        8989
        8686
      ];
      synthing-gui = [
        8384
      ];
    };
  };
}

Declared by:

healthchecks.closed.<name>.host

The target host address to scan with rustscan.

Type: string

Example: "example.com"

Declared by:

healthchecks.closed.<name>.ports

A mapping of service names to lists of port numbers that should be verified as closed. Each port in these lists will be checked to ensure it is not accessible.

Type: attribute set of list of signed integer

Default: { }

Example:

{
  ports = {
    arr = [
      7878
      8989
      8686
    ];
    synthing-gui = [
      8384
    ];
  };
}

Declared by:

healthchecks.config.max-jobs

How many test jobs should run at the same time

Type: signed integer

Default: 6

Declared by:

healthchecks.http

Run curl commands to verify if response code is as expected and expectedContent is part of the body.

Type: attribute set of (submodule)

Default: { }

Example:

{
  github = {
    expectedContent = "GitHub";
    url = "https://github.com";
  };
}

Declared by:

healthchecks.http.<name>.expectedContent

Expected string in the response body.

Type: null or string

Default: null

Declared by:

healthchecks.http.<name>.headers

HTTP Headers

Type: attribute set of string

Default: { }

Example:

{
  Host = "example.com";
}

Declared by:

healthchecks.http.<name>.notExpectedContent

Not expected string in the response body.

Type: null or string

Default: null

Declared by:

healthchecks.http.<name>.responseCode

Expected response code

Type: signed integer

Default: 200

Declared by:

healthchecks.http.<name>.url

URL to analyze.

Type: string

Declared by:

healthchecks.localCommands

Command to run on local machine to test remote server. exit code 0 will result in success all other exit codes will result in failure

Type: attribute set of absolute path

Default: { }

Example:

{
  ping-wireguard = pkgs.writers.writeBash "ping-wireguard" ''
    # ping this machine via wireguard network
    ping -c 1 -W 5 10.5.23.42
  '';
  ping-tinc = pkgs.writers.writeBash "ping-tinc" ''
    # ping this machine via tinc vpn
    ping -c 1 -W 5 10.5.23.42
  '';
};

Declared by: