RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-30 11:37:44 +00:00
Code Issues Activity

Scrape prometheus exporters over tailscale

Browse source
This commit is contained in:
RGBCube 2024-05-11 23:43:06 +03:00
parent 685a6482ff
commit 9fac8ab7e4
No known key found for this signature in database
8 changed files with 51 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

26
hosts/cube/nextcloud/default.nix
View file

@ -5,8 +5,6 @@ let
fqdn = "cloud.${domain}"; fqdn = "cloud.${domain}";
prometheusPort = 9060;
nextcloudPackage = pkgs.nextcloud28; nextcloudPackage = pkgs.nextcloud28;
in systemConfiguration { in systemConfiguration {
secrets.nextcloudPassword = { secrets.nextcloudPassword = {
@ -18,26 +16,12 @@ in systemConfiguration {
owner = "nextcloud-exporter"; owner = "nextcloud-exporter";
}; };
services.prometheus = { services.prometheus.exporters.nextcloud = enabled {
exporters.nextcloud = enabled { listenAddress = "[::]";
listenAddress = "[::1]";
port = prometheusPort;
username = "admin"; username = "admin";
url = "https://${fqdn}"; url = "https://${fqdn}";
passwordFile = config.secrets.nextcloudExporterPassword.path; passwordFile = config.secrets.nextcloudExporterPassword.path;
};
scrapeConfigs = [{
job_name = "nextcloud";
static_configs = [{
labels.job = "nextcloud";
targets = [
"[::1]:${toString prometheusPort}"
];
}];
}];
}; };
services.postgresql = { services.postgresql = {

20
hosts/cube/nginx.nix
View file

@ -1,27 +1,13 @@
{ lib, pkgs, ... }: with lib; { lib, pkgs, ... }: with lib;
let systemConfiguration {
prometheusPort = 9030;
in systemConfiguration {
networking.firewall = { networking.firewall = {
allowedTCPPorts = [ 443 80 ]; allowedTCPPorts = [ 443 80 ];
allowedUDPPorts = [ 443 ]; allowedUDPPorts = [ 443 ];
}; };
services.prometheus = { services.prometheus.exporters.nginx = enabled {
exporters.nginx = enabled { listenAddress = "[::]";
listenAddress = "[::1]";
port = prometheusPort;
};
scrapeConfigs = [{
job_name = "nginx";
static_configs = [{
labels.job = "nginx";
targets = [ "[::1]:${toString prometheusPort}" ];
}];
}];
}; };
services.nginx = enabled { services.nginx = enabled {

22
hosts/cube/postgresql.nix
View file

@ -1,23 +1,9 @@
{ lib, pkgs, ... }: with lib; merge { lib, pkgs, ... }: with lib; merge
(let (systemConfiguration {
prometheusPort = 9020; services.prometheus.exporters.postgres = enabled {
in systemConfiguration { listenAddress = "[::]";
services.prometheus = { runAsLocalSuperUser = true;
exporters.postgres = enabled {
listenAddress = "[::1]";
port = prometheusPort;
runAsLocalSuperUser = true;
};
scrapeConfigs = [{
job_name = "postgres";
static_configs = [{
labels.job = "postgres";
targets = [ "[::1]:${toString prometheusPort}" ];
}];
}];
}; };
services.postgresql = enabled { services.postgresql = enabled {

37
hosts/cube/prometheus.nix
View file

@ -1,15 +1,11 @@
{ lib, ... }: with lib; { self, config, lib, ... }: with lib;
let systemConfiguration {
port = 9000;
nodeExporterPort = 9010;
in systemConfiguration {
services.grafana.provision.datasources.settings = { services.grafana.provision.datasources.settings = {
datasources = [{ datasources = [{
name = "Prometheus"; name = "Prometheus";
type = "prometheus"; type = "prometheus";
url = "http://[::1]:${toString port}"; url = "http://[::1]:${toString config.services.prometheus.port}";
orgId = 1; orgId = 1;
}]; }];
@ -21,23 +17,20 @@ in systemConfiguration {
}; };
services.prometheus = enabled { services.prometheus = enabled {
inherit port; listenAddress = "[::]";
retentionTime = "1w"; retentionTime = "1w";
exporters.node = enabled { scrapeConfigs = with lib; let
enabledCollectors = [ "processes" "systemd" ]; configToScrapeConfig = name: { config, ... }: pipe config.services.prometheus.exporters [
listenAddress = "[::1]"; (filterAttrs (_: value: value.enable or false))
port = nodeExporterPort; (mapAttrsToList (expName: expConfig: {
}; job_name = "${expName}-${name}";
scrapeConfigs = [{ static_configs = [{
job_name = "node"; targets = [ "${name}:${toString expConfig.port}" ];
}];
static_configs = [{ }))
labels.job = "node"; ];
targets = [ "[::1]:${toString nodeExporterPort}" ]; in flatten (mapAttrsToList configToScrapeConfig self.nixosConfigurations);
}];
}];
}; };
} }

20
hosts/disk/mail/default.nix
View file

@ -4,27 +4,11 @@ let
inherit (config.networking) domain; inherit (config.networking) domain;
fqdn = "mail.${domain}"; fqdn = "mail.${domain}";
prometheusPort = 9040;
in systemConfiguration { in systemConfiguration {
secrets.mailPassword.file = ./password.hash.age; secrets.mailPassword.file = ./password.hash.age;
services.prometheus = { services.prometheus.exporters.postfix = enabled {
exporters.postfix = enabled { listenAddress = "[::]";
listenAddress = "[::1]";
port = prometheusPort;
};
scrapeConfigs = [{
job_name = "postfix";
static_configs = [{
labels.job = "postfix";
targets = [
"[::1]:${toString prometheusPort}"
];
}];
}];
}; };
mailserver = enabled { mailserver = enabled {

19
modules/endlessh-go.nix
View file

@ -2,24 +2,9 @@
let let
fakeSSHPort = 22; fakeSSHPort = 22;
prometheusPort = 9050;
in serverSystemConfiguration { in serverSystemConfiguration {
services.prometheus = { services.prometheus.exporters.endlessh-go = enabled {
exporters.endlessh-go = enabled { listenAddress = "[::]";
listenAddress = "[::1]";
port = prometheusPort;
};
scrapeConfigs = [{
job_name = "endlessh-go";
static_configs = [{
labels.job = "endlessh-go";
targets = [
"[::1]:${toString prometheusPort}"
];
}];
}];
}; };
# `services.endlessh-go.openFirewall` exposes both the Prometheus # `services.endlessh-go.openFirewall` exposes both the Prometheus

8
modules/node-exporter.nix Normal file
View file

@ -0,0 +1,8 @@
{ lib, ... }: with lib;
serverSystemConfiguration {
services.prometheus.exporters.node = enabled {
enabledCollectors = [ "processes" "systemd" ];
listenAddress = "[::]";
};
}

14
options/endlessh-go-exporter-alias.nix
View file

@ -5,8 +5,18 @@
# This works, however. # This works, however.
{ config, lib, ... }: { { config, lib, ... }: {
options.services.prometheus.exporters.endlessh-go = lib.mkOption { options.services.prometheus.exporters.endlessh-go = {
default = {}; enable = lib.mkEnableOption (lib.mdDoc "Prometheus integration");
listenAddress = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0";
};
port = lib.mkOption {
type = lib.types.port;
default = 2112;
};
}; };
config.services.endlessh-go.prometheus = config.services.prometheus.exporters.endlessh-go; config.services.endlessh-go.prometheus = config.services.prometheus.exporters.endlessh-go;