mynix/system
1
1
Fork 0
Code Issues Pull requests Activity

loki #23

Merged
pleshevskiy merged 2 commits from loki into main 2025-02-04 23:35:48 +03:00
Conversation 0 Commits 2 Files changed 14 +57 -29
8 changed files with 57 additions and 29 deletions
Showing only changes of commit 89e8823e63 - Show all commits

BIN
.agenix_config.nix
View file

Binary file not shown.

1
flake.nix
View file

@ -133,6 +133,7 @@
usersPath = ./users; usersPath = ./users;
hostsPath = ./hosts; hostsPath = ./hosts;
packagesPath = ./packages; packagesPath = ./packages;
sharedPath = ./shared;
} // specialArgs; } // specialArgs;
modules = modules =

16
hosts/istal/services/prometheus.nix
View file

@ -1,17 +1,5 @@
{ config, ... }: { sharedPath, ... }:
{ {
services.prometheus.exporters.node = { imports = [ (sharedPath + "/prometheus/node.nix") ];
enable = true;
port = 40000;
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix
enabledCollectors = [ "systemd" ];
# /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help
extraFlags = [ "--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi" ];
};
networking.firewall.allowedTCPPorts = [
config.services.prometheus.exporters.node.port
];
} }

19
hosts/tatos/services/prometheus.nix
View file

@ -1,4 +1,4 @@
{ config, ... }: { config, sharedPath, ... }:
let let
nodeExporterPort = 40000; nodeExporterPort = 40000;
@ -10,26 +10,14 @@ let
}; };
in in
{ {
imports = [ (sharedPath + "/prometheus/node.nix") ];
age.secrets.prometheus-basicauth-password = { age.secrets.prometheus-basicauth-password = {
file = ./prometheus-basicauth-password.age; file = ./prometheus-basicauth-password.age;
owner = "prometheus"; owner = "prometheus";
group = "prometheus"; group = "prometheus";
}; };
services.prometheus.exporters.node = {
enable = true;
port = nodeExporterPort;
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix
enabledCollectors = [ "systemd" ];
# /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help
extraFlags = [
"--collector.ethtool"
"--collector.softirqs"
"--collector.tcpstat"
"--collector.wifi"
];
};
# https://wiki.nixos.org/wiki/Prometheus # https://wiki.nixos.org/wiki/Prometheus
# https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters-configuration # https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters-configuration
# https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix
@ -41,6 +29,7 @@ in
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = "node_dev"; job_name = "node_dev";
inherit basic_auth;
static_configs = [ static_configs = [
{ {
targets = [ targets = [

15
shared/prometheus/nginx.nix Normal file
View file

@ -0,0 +1,15 @@
{ ... }:
{
imports = [ ./web-config.nix ];
services.prometheus.exporters.nginx = {
enable = true;
port = 40001;
sslVerify = true;
openFirewall = true;
};
services.nginx.statusPage = true;
}

18
shared/prometheus/node.nix Normal file
View file

@ -0,0 +1,18 @@
{ ... }:
{
imports = [ ./web-config.nix ];
services.prometheus.exporters.node = {
enable = true;
port = 40000;
openFirewall = true;
enabledCollectors = [ "systemd" ];
extraFlags = [
"--collector.ethtool"
"--collector.softirqs"
"--collector.tcpstat"
"--collector.wifi"
];
};
}

17
shared/prometheus/web-config.nix Normal file
View file

@ -0,0 +1,17 @@
{ config, lib, ... }:
let
webConfigFileFlag = "--web.config.file=${config.age.secrets.prometheus-web-config.path}";
extraFlags = lib.mkAfter [webConfigFileFlag];
in
{
age.secrets.prometheus-web-config = {
file = ./web-config.yml.age;
mode = "444";
};
services.prometheus.exporters = {
node = { inherit extraFlags; };
nginx = { inherit extraFlags; };
};
}

BIN
shared/prometheus/web-config.yml.age Normal file
View file

Binary file not shown.