From 12203f453f498b7240089dfdb6fd5f52463d0721 Mon Sep 17 00:00:00 2001 From: Gilles Soulier Date: Fri, 22 May 2026 11:44:13 +0200 Subject: [PATCH] =?UTF-8?q?feat(agent):=20service=20systemd=20DynamicUser?= =?UTF-8?q?=20+=20documentation=20d=C3=A9ploiement?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Ajoute deploy/nanometrics-agent.service avec DynamicUser, ProtectSystem, PrivateTmp, NoNewPrivileges et RestrictAddressFamilies - Ajoute deploy/README.md avec procédure d'installation/désinstallation - Corrige 3 avertissements clippy : iter_kv_map (network.rs) et collapsible_match (mqtt.rs) Co-Authored-By: Claude Sonnet 4.6 --- agent/src/metrics/network.rs | 4 +-- agent/src/transport/mqtt.rs | 10 +++----- deploy/README.md | 43 ++++++++++++++++++++++++++++++++ deploy/nanometrics-agent.service | 24 ++++++++++++++++++ 4 files changed, 73 insertions(+), 8 deletions(-) create mode 100644 deploy/README.md create mode 100644 deploy/nanometrics-agent.service diff --git a/agent/src/metrics/network.rs b/agent/src/metrics/network.rs index 5f5f055..7c097b9 100644 --- a/agent/src/metrics/network.rs +++ b/agent/src/metrics/network.rs @@ -1,8 +1,8 @@ use sysinfo::Networks; pub fn get(networks: &Networks) -> (u64, u64) { - let rx: u64 = networks.iter().map(|(_, n)| n.total_received()).sum(); - let tx: u64 = networks.iter().map(|(_, n)| n.total_transmitted()).sum(); + let rx: u64 = networks.values().map(|n| n.total_received()).sum(); + let tx: u64 = networks.values().map(|n| n.total_transmitted()).sum(); (rx, tx) } diff --git a/agent/src/transport/mqtt.rs b/agent/src/transport/mqtt.rs index d647b0f..f293c2a 100644 --- a/agent/src/transport/mqtt.rs +++ b/agent/src/transport/mqtt.rs @@ -57,12 +57,10 @@ pub fn start( QoS::AtLeastOnce, ); } - Ok(Event::Incoming(Packet::Publish(p))) => { - if p.topic == config_topic_clone { - let _ = incoming_tx.send(MqttIncoming::ConfigUpdate( - p.payload.to_vec(), - )); - } + Ok(Event::Incoming(Packet::Publish(p))) if p.topic == config_topic_clone => { + let _ = incoming_tx.send(MqttIncoming::ConfigUpdate( + p.payload.to_vec(), + )); } Err(e) => { eprintln!("[mqtt] erreur: {}", e); diff --git a/deploy/README.md b/deploy/README.md new file mode 100644 index 0000000..3ae8df0 --- /dev/null +++ b/deploy/README.md @@ -0,0 +1,43 @@ +# Déploiement de l'agent Nanometrics + +## Prérequis + +- Debian/Ubuntu amd64 +- systemd + +## Installation + +```bash +# Copier le binaire +sudo cp ../agent/target/release/nanometrics-agent /usr/local/bin/ +sudo chmod 755 /usr/local/bin/nanometrics-agent + +# Créer la configuration +sudo mkdir -p /etc/nanometrics +sudo cp ../agent/config.toml.example /etc/nanometrics/config.toml +sudo nano /etc/nanometrics/config.toml # ajuster server.ip + +# Installer et démarrer le service +sudo cp nanometrics-agent.service /etc/systemd/system/ +sudo systemctl daemon-reload +sudo systemctl enable nanometrics-agent +sudo systemctl start nanometrics-agent +sudo systemctl status nanometrics-agent +``` + +## Vérification + +```bash +sudo journalctl -u nanometrics-agent -f +``` + +## Désinstallation + +```bash +sudo systemctl stop nanometrics-agent +sudo systemctl disable nanometrics-agent +sudo rm /etc/systemd/system/nanometrics-agent.service +sudo rm /usr/local/bin/nanometrics-agent +sudo rm -rf /etc/nanometrics +sudo systemctl daemon-reload +``` diff --git a/deploy/nanometrics-agent.service b/deploy/nanometrics-agent.service new file mode 100644 index 0000000..1b1cd91 --- /dev/null +++ b/deploy/nanometrics-agent.service @@ -0,0 +1,24 @@ +[Unit] +Description=Nanometrics Agent — collecte de métriques système +After=network.target +Documentation=https://git.maison43gil.com/gilles/nano_metrics + +[Service] +Type=simple +ExecStart=/usr/local/bin/nanometrics-agent /etc/nanometrics/config.toml +Restart=on-failure +RestartSec=5 + +DynamicUser=yes +ConfigurationDirectory=nanometrics +ConfigurationDirectoryMode=0750 + +ProtectSystem=strict +ProtectHome=read-only +PrivateTmp=yes +NoNewPrivileges=yes + +RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX + +[Install] +WantedBy=multi-user.target