RGBCube/ncc
1
Fork 0
mirror of https://github.com/RGBCube/ncc synced 2025-07-30 11:37:44 +00:00
Code Issues Activity

Scrape prometheus exporters over tailscale

Browse source
This commit is contained in:
RGBCube 2024-05-11 23:43:06 +03:00
parent 685a6482ff
commit 9fac8ab7e4
No known key found for this signature in database
8 changed files with 51 additions and 115 deletions
Download patch file Download diff file Expand all files Collapse all files

20
hosts/cube/nextcloud/default.nix
View file

@ -5,8 +5,6 @@ let
fqdn = "cloud.${domain}";
prometheusPort = 9060;
nextcloudPackage = pkgs.nextcloud28;
in systemConfiguration {
secrets.nextcloudPassword = {
@ -18,28 +16,14 @@ in systemConfiguration {
owner = "nextcloud-exporter";
};
services.prometheus = {
exporters.nextcloud = enabled {
listenAddress = "[::1]";
port = prometheusPort;
services.prometheus.exporters.nextcloud = enabled {
listenAddress = "[::]";
username = "admin";
url = "https://${fqdn}";
passwordFile = config.secrets.nextcloudExporterPassword.path;
};
scrapeConfigs = [{
job_name = "nextcloud";
static_configs = [{
labels.job = "nextcloud";
targets = [
"[::1]:${toString prometheusPort}"
];
}];
}];
};
services.postgresql = {
ensureDatabases = [ "nextcloud" ];
ensureUsers = [{

20
hosts/cube/nginx.nix
View file

@ -1,27 +1,13 @@
{ lib, pkgs, ... }: with lib;
let
prometheusPort = 9030;
in systemConfiguration {
systemConfiguration {
networking.firewall = {
allowedTCPPorts = [ 443 80 ];
allowedUDPPorts = [ 443 ];
};
services.prometheus = {
exporters.nginx = enabled {
listenAddress = "[::1]";
port = prometheusPort;
};
scrapeConfigs = [{
job_name = "nginx";
static_configs = [{
labels.job = "nginx";
targets = [ "[::1]:${toString prometheusPort}" ];
}];
}];
services.prometheus.exporters.nginx = enabled {
listenAddress = "[::]";
};
services.nginx = enabled {

20
hosts/cube/postgresql.nix
View file

@ -1,25 +1,11 @@
{ lib, pkgs, ... }: with lib; merge
(let
prometheusPort = 9020;
in systemConfiguration {
services.prometheus = {
exporters.postgres = enabled {
listenAddress = "[::1]";
port = prometheusPort;
(systemConfiguration {
services.prometheus.exporters.postgres = enabled {
listenAddress = "[::]";
runAsLocalSuperUser = true;
};
scrapeConfigs = [{
job_name = "postgres";
static_configs = [{
labels.job = "postgres";
targets = [ "[::1]:${toString prometheusPort}" ];
}];
}];
};
services.postgresql = enabled {
package = pkgs.postgresql_14;

33
hosts/cube/prometheus.nix
View file

@ -1,15 +1,11 @@
{ lib, ... }: with lib;
{ self, config, lib, ... }: with lib;
let
port = 9000;
nodeExporterPort = 9010;
in systemConfiguration {
systemConfiguration {
services.grafana.provision.datasources.settings = {
datasources = [{
name = "Prometheus";
type = "prometheus";
url = "http://[::1]:${toString port}";
url = "http://[::1]:${toString config.services.prometheus.port}";
orgId = 1;
}];
@ -21,23 +17,20 @@ in systemConfiguration {
};
services.prometheus = enabled {
inherit port;
listenAddress = "[::]";
retentionTime = "1w";
exporters.node = enabled {
enabledCollectors = [ "processes" "systemd" ];
listenAddress = "[::1]";
port = nodeExporterPort;
};
scrapeConfigs = [{
job_name = "node";
scrapeConfigs = with lib; let
configToScrapeConfig = name: { config, ... }: pipe config.services.prometheus.exporters [
(filterAttrs (_: value: value.enable or false))
(mapAttrsToList (expName: expConfig: {
job_name = "${expName}-${name}";
static_configs = [{
labels.job = "node";
targets = [ "[::1]:${toString nodeExporterPort}" ];
}];
targets = [ "${name}:${toString expConfig.port}" ];
}];
}))
];
in flatten (mapAttrsToList configToScrapeConfig self.nixosConfigurations);
};
}

20
hosts/disk/mail/default.nix
View file

@ -4,27 +4,11 @@ let
inherit (config.networking) domain;
fqdn = "mail.${domain}";
prometheusPort = 9040;
in systemConfiguration {
secrets.mailPassword.file = ./password.hash.age;
services.prometheus = {
exporters.postfix = enabled {
listenAddress = "[::1]";
port = prometheusPort;
};
scrapeConfigs = [{
job_name = "postfix";
static_configs = [{
labels.job = "postfix";
targets = [
"[::1]:${toString prometheusPort}"
];
}];
}];
services.prometheus.exporters.postfix = enabled {
listenAddress = "[::]";
};
mailserver = enabled {

19
modules/endlessh-go.nix
View file

@ -2,24 +2,9 @@
let
fakeSSHPort = 22;
prometheusPort = 9050;
in serverSystemConfiguration {
services.prometheus = {
exporters.endlessh-go = enabled {
listenAddress = "[::1]";
port = prometheusPort;
};
scrapeConfigs = [{
job_name = "endlessh-go";
static_configs = [{
labels.job = "endlessh-go";
targets = [
"[::1]:${toString prometheusPort}"
];
}];
}];
services.prometheus.exporters.endlessh-go = enabled {
listenAddress = "[::]";
};
# `services.endlessh-go.openFirewall` exposes both the Prometheus

8
modules/node-exporter.nix Normal file
View file

@ -0,0 +1,8 @@
{ lib, ... }: with lib;
serverSystemConfiguration {
services.prometheus.exporters.node = enabled {
enabledCollectors = [ "processes" "systemd" ];
listenAddress = "[::]";
};
}

14
options/endlessh-go-exporter-alias.nix
View file

@ -5,8 +5,18 @@
# This works, however.
{ config, lib, ... }: {
options.services.prometheus.exporters.endlessh-go = lib.mkOption {
default = {};
options.services.prometheus.exporters.endlessh-go = {
enable = lib.mkEnableOption (lib.mdDoc "Prometheus integration");
listenAddress = lib.mkOption {
type = lib.types.str;
default = "0.0.0.0";
};
port = lib.mkOption {
type = lib.types.port;
default = 2112;
};
};
config.services.endlessh-go.prometheus = config.services.prometheus.exporters.endlessh-go;