diff options
| author | Max Audron <audron@cocaine.farm> | 2025-08-01 00:47:20 +0200 |
|---|---|---|
| committer | Max Audron <audron@cocaine.farm> | 2025-08-01 00:47:20 +0200 |
| commit | 4e6b076f1e629670229e6e3c53e43f818f4f2d62 (patch) | |
| tree | f960e0cf45d2f00d5128d10db8ef73164eb11dbd /modules | |
| parent | update garage to 2.0 (diff) | |
more monitoring & scrape config shortcuts
Diffstat (limited to '')
| -rw-r--r-- | modules/bgp/default.nix | 6 | ||||
| -rw-r--r-- | modules/monitoring/default.nix | 70 | ||||
| -rw-r--r-- | modules/monitoring/node-exporter.nix | 12 | ||||
| -rw-r--r-- | modules/postgresql/default.nix | 2 | ||||
| -rw-r--r-- | modules/powerdns/default.nix | 6 | ||||
| -rw-r--r-- | modules/zfs/default.nix | 10 |
6 files changed, 40 insertions, 66 deletions
diff --git a/modules/bgp/default.nix b/modules/bgp/default.nix index 5a726b6..c551ee8 100644 --- a/modules/bgp/default.nix +++ b/modules/bgp/default.nix @@ -86,4 +86,10 @@ ! ''; }; + + services.prometheus.exporters.frr = { + enable = false; + enabledCollectors = [ "BGP" ]; + disabledCollectors = [ "OSPFv4" "BFD" "Route" ]; + }; } diff --git a/modules/monitoring/default.nix b/modules/monitoring/default.nix index 05ca338..afcffa5 100644 --- a/modules/monitoring/default.nix +++ b/modules/monitoring/default.nix @@ -1,7 +1,9 @@ { self, config, lib, pkgs, ... }: with self.lib.nginx; -{ +with self.lib.mon; +let exp = config.services.prometheus.exporters; +in { services.prometheus = { enable = true; enableReload = true; @@ -10,70 +12,32 @@ with self.lib.nginx; listenAddress = "10.10.0.1"; webExternalUrl = "https://prometheus.vapor.systems"; - exporters = { - postgres = { - enable = true; - }; - }; - globalConfig = { scrape_interval = "10s"; }; scrapeConfigs = [ - { - job_name = "node"; - static_configs = [ - { targets = [ "ettves:${toString config.services.prometheus.exporters.node.port}" ]; } - { targets = [ "phaenn:${toString config.services.prometheus.exporters.node.port}" ]; } - ]; - } - { - job_name = "zfs"; - static_configs = [ - { targets = [ "ettves:${toString config.services.prometheus.exporters.zfs.port}" ]; } - { targets = [ "phaenn:${toString config.services.prometheus.exporters.zfs.port}" ]; } - ]; - } - { - job_name = "smartctl"; - static_configs = [ - { targets = [ "ettves:${toString config.services.prometheus.exporters.smartctl.port}" ]; } - { targets = [ "phaenn:${toString config.services.prometheus.exporters.smartctl.port}" ]; } - ]; - } - { - job_name = "postgres"; - static_configs = [ - { targets = [ "ettves:${toString config.services.prometheus.exporters.postgres.port}" ]; } - ]; - } - { - job_name = "nginx"; - static_configs = [ - { targets = [ "ettves:${toString config.services.prometheus.exporters.nginx.port}" ]; } - { targets = [ "phaenn:${toString config.services.prometheus.exporters.nginx.port}" ]; } - ]; - } - { - job_name = "quassel"; - static_configs = [ - { targets = [ "localhost:${toString config.services.quassel.settings.metrics.port}" ]; } - ]; - } + (mkScrapeConfig "node" [ "ettves" "phaenn" "fra01" "nyc01" "sin01" ] exp.node.port) + (mkScrapeConfig "zfs" [ "ettves" "phaenn" ] exp.zfs.port) + (mkScrapeConfig "smartctl" [ "ettves" "phaenn" ] exp.smartctl.port) + (mkScrapeConfig "nginx" [ "ettves" "phaenn" "fra01" "nyc01" "sin01" ] exp.nginx.port) + + (mkScrapeConfig "postgres" [ "ettves" ] exp.postgres.port) + (mkScrapeConfig "quassel" [ "localhost" ] config.services.quassel.settings.metrics.port) + { job_name = "authentik"; static_configs = [ - { targets = [ "ettves:9300" ]; } - { targets = [ "ettves:9303" ]; } - { targets = [ "ettves:9304" ]; } + { targets = [ "ettves:9300" "ettves:9303" "ettves:9304" ]; } ]; + relabel_configs = relabelConfig; } + + (mkScrapeConfig "garage" [ "fra01" "nyc01" "sin01" ] 3903) + (mkScrapeConfig "pdns" [ "ettves" "fra01" "nyc01" "sin01" ] 8081) ]; }; - services.nginx.statusPage = true; - services.udev.extraRules = '' SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk" ''; @@ -87,7 +51,7 @@ with self.lib.nginx; services.nginx = { enable = true; virtualHosts = { - "prometheus.vapor.systems" = (proxyDomain "vapor.systems" "http://10.10.0.1:9090/"); + "prometheus.vapor.systems" = (proxyDomainAuth "vapor.systems" "http://10.10.0.1:9090/"); }; }; } diff --git a/modules/monitoring/node-exporter.nix b/modules/monitoring/node-exporter.nix index 1b7481d..7508953 100644 --- a/modules/monitoring/node-exporter.nix +++ b/modules/monitoring/node-exporter.nix @@ -9,23 +9,11 @@ with self.lib.nginx; enabledCollectors = [ "systemd" ]; }; - zfs = { - enable = true; - }; - nginx = { enable = true; }; - - smartctl = { - enable = true; - }; }; }; services.nginx.statusPage = true; - - services.udev.extraRules = '' - SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk" - ''; } diff --git a/modules/postgresql/default.nix b/modules/postgresql/default.nix index 0e6d372..20c1906 100644 --- a/modules/postgresql/default.nix +++ b/modules/postgresql/default.nix @@ -29,4 +29,6 @@ listen_addresses = lib.mkForce "127.0.0.1,10.10.0.1,::1"; }; }; + + services.prometheus.exporters.postgres.enable = true; } diff --git a/modules/powerdns/default.nix b/modules/powerdns/default.nix index 5a920ec..cce4abb 100644 --- a/modules/powerdns/default.nix +++ b/modules/powerdns/default.nix @@ -19,7 +19,7 @@ let local-address = 0.0.0.0 [::] primary = yes webserver = yes - webserver-address = 10.10.0.1 + webserver-address = 0.0.0.0 webserver-allow-from = 10.0.0.0/8,127.0.0.0/8 api-key = $PDNS_API_KEY ''; @@ -44,6 +44,10 @@ let secondary = yes allow-notify-from = 10.10.0.1/32 + + webserver = yes + webserver-address = 0.0.0.0 + webserver-allow-from = 10.0.0.0/8,127.0.0.0/8 ''; in { diff --git a/modules/zfs/default.nix b/modules/zfs/default.nix index 75018ea..ac28159 100644 --- a/modules/zfs/default.nix +++ b/modules/zfs/default.nix @@ -15,6 +15,16 @@ autoScrub.pools = [ "rpool" ]; }; + services.prometheus.exporters = { + zfs.enable = true; + smartctl.enable = true; + }; + + # For allowing smartctl prometheus exporter access to nvme disks + services.udev.extraRules = '' + SUBSYSTEM=="nvme", KERNEL=="nvme[0-9]*", GROUP="disk" + ''; + fileSystems = { "/" = { device = "rpool/root"; |