Add two complementary features to reduce remote revision cache staleness:
1. Smart local cache: When current system revision matches cached remote
revision, force an immediate cache refresh to check for newer revisions.
2. NATS integration: Share cache updates across hosts via NATS pub/sub.
Hosts publish revision updates when they fetch new data, and subscribe
to receive updates from other hosts. Features include:
- Auto-reconnect with infinite retries
- Graceful fallback when NATS unavailable
- Filtering by flake URL and hostname
New CLI flags:
--flake.nats.enable
--flake.nats.url
--flake.nats.subject
--flake.nats.credentials-file
New NixOS module options under services.prometheus.exporters.nixos.flake.nats
Bumps version to 0.3.0.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The flake collector needs Unix domain sockets to communicate with the
nix daemon. The RestrictAddressFamilies hardening was blocking this.
Also trim trailing newlines from stderr in error messages.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When running nix flake metadata, nix and git need writable cache
directories. System service users have home set to /var/empty which
is read-only, causing "cannot create directories" errors.
Add StateDirectory and set HOME/XDG_CACHE_HOME environment variables
to /var/lib/nixos-exporter when flake collector is enabled.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The systemd service runs in a sandboxed environment without the usual
PATH. Add nix and git to the service path when flake collector is
enabled so it can run `nix flake metadata` on git+https:// URLs.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
