loki #23
8 changed files with 57 additions and 29 deletions
Binary file not shown.
|
@ -133,6 +133,7 @@
|
||||||
usersPath = ./users;
|
usersPath = ./users;
|
||||||
hostsPath = ./hosts;
|
hostsPath = ./hosts;
|
||||||
packagesPath = ./packages;
|
packagesPath = ./packages;
|
||||||
|
sharedPath = ./shared;
|
||||||
} // specialArgs;
|
} // specialArgs;
|
||||||
|
|
||||||
modules =
|
modules =
|
||||||
|
|
|
@ -1,17 +1,5 @@
|
||||||
{ config, ... }:
|
{ sharedPath, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
services.prometheus.exporters.node = {
|
imports = [ (sharedPath + "/prometheus/node.nix") ];
|
||||||
enable = true;
|
|
||||||
port = 40000;
|
|
||||||
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix
|
|
||||||
enabledCollectors = [ "systemd" ];
|
|
||||||
# /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help
|
|
||||||
extraFlags = [ "--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
|
||||||
config.services.prometheus.exporters.node.port
|
|
||||||
];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ config, ... }:
|
{ config, sharedPath, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
nodeExporterPort = 40000;
|
nodeExporterPort = 40000;
|
||||||
|
@ -10,26 +10,14 @@ let
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
imports = [ (sharedPath + "/prometheus/node.nix") ];
|
||||||
|
|
||||||
age.secrets.prometheus-basicauth-password = {
|
age.secrets.prometheus-basicauth-password = {
|
||||||
file = ./prometheus-basicauth-password.age;
|
file = ./prometheus-basicauth-password.age;
|
||||||
owner = "prometheus";
|
owner = "prometheus";
|
||||||
group = "prometheus";
|
group = "prometheus";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.prometheus.exporters.node = {
|
|
||||||
enable = true;
|
|
||||||
port = nodeExporterPort;
|
|
||||||
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix
|
|
||||||
enabledCollectors = [ "systemd" ];
|
|
||||||
# /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help
|
|
||||||
extraFlags = [
|
|
||||||
"--collector.ethtool"
|
|
||||||
"--collector.softirqs"
|
|
||||||
"--collector.tcpstat"
|
|
||||||
"--collector.wifi"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# https://wiki.nixos.org/wiki/Prometheus
|
# https://wiki.nixos.org/wiki/Prometheus
|
||||||
# https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters-configuration
|
# https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters-configuration
|
||||||
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix
|
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix
|
||||||
|
@ -41,6 +29,7 @@ in
|
||||||
scrapeConfigs = [
|
scrapeConfigs = [
|
||||||
{
|
{
|
||||||
job_name = "node_dev";
|
job_name = "node_dev";
|
||||||
|
inherit basic_auth;
|
||||||
static_configs = [
|
static_configs = [
|
||||||
{
|
{
|
||||||
targets = [
|
targets = [
|
||||||
|
|
15
shared/prometheus/nginx.nix
Normal file
15
shared/prometheus/nginx.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [ ./web-config.nix ];
|
||||||
|
|
||||||
|
services.prometheus.exporters.nginx = {
|
||||||
|
enable = true;
|
||||||
|
port = 40001;
|
||||||
|
sslVerify = true;
|
||||||
|
openFirewall = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.statusPage = true;
|
||||||
|
|
||||||
|
}
|
18
shared/prometheus/node.nix
Normal file
18
shared/prometheus/node.nix
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports = [ ./web-config.nix ];
|
||||||
|
|
||||||
|
services.prometheus.exporters.node = {
|
||||||
|
enable = true;
|
||||||
|
port = 40000;
|
||||||
|
openFirewall = true;
|
||||||
|
enabledCollectors = [ "systemd" ];
|
||||||
|
extraFlags = [
|
||||||
|
"--collector.ethtool"
|
||||||
|
"--collector.softirqs"
|
||||||
|
"--collector.tcpstat"
|
||||||
|
"--collector.wifi"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
}
|
17
shared/prometheus/web-config.nix
Normal file
17
shared/prometheus/web-config.nix
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
webConfigFileFlag = "--web.config.file=${config.age.secrets.prometheus-web-config.path}";
|
||||||
|
extraFlags = lib.mkAfter [webConfigFileFlag];
|
||||||
|
in
|
||||||
|
{
|
||||||
|
age.secrets.prometheus-web-config = {
|
||||||
|
file = ./web-config.yml.age;
|
||||||
|
mode = "444";
|
||||||
|
};
|
||||||
|
|
||||||
|
services.prometheus.exporters = {
|
||||||
|
node = { inherit extraFlags; };
|
||||||
|
nginx = { inherit extraFlags; };
|
||||||
|
};
|
||||||
|
}
|
BIN
shared/prometheus/web-config.yml.age
Normal file
BIN
shared/prometheus/web-config.yml.age
Normal file
Binary file not shown.
Loading…
Add table
Reference in a new issue