parent
a156d1ba1e
commit
152bc676fc
GPG key ID:
54E2C71918E93B74
2 changed files with 40 additions and 11 deletions
|
|
@ -342,6 +342,12 @@ in {
|
|||
};
|
||||
|
||||
config = lib.mkIf cfg.server.enable {
|
||||
# logging
|
||||
services.prometheus.exporters.bind = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
# services.skynet.backup.normal.backups = ["/etc/skynet/dns"];
|
||||
|
||||
# open the firewall for this
|
||||
|
|
@ -386,6 +392,10 @@ in {
|
|||
# need to take a look at https://nixos.org/manual/nixos/unstable/#module-security-acme-config-dns
|
||||
extraConfig = ''
|
||||
include "/run/agenix/dns_dnskeys";
|
||||
|
||||
statistics-channels {
|
||||
inet 127.0.0.1 port 8053 allow { 127.0.0.1; };
|
||||
};
|
||||
'';
|
||||
|
||||
# piles of no valid RRSIG resolving 'com/DS/IN' errors
|
||||
|
|
|
|||
|
|
@ -7,6 +7,25 @@
|
|||
with lib; let
|
||||
name = "prometheus";
|
||||
cfg = config.services.skynet."${name}";
|
||||
|
||||
# dont have to worry about any external addresses for this
|
||||
# create a list of either "ip@port" or ""
|
||||
# the ""s then get filtered out by filter_empty
|
||||
exporters = {
|
||||
dns = (
|
||||
lib.attrsets.mapAttrsToList (
|
||||
key: value:
|
||||
if value.config.services.skynet.dns.server.enable
|
||||
then "${value.config.deployment.targetHost}:${toString value.config.services.prometheus.exporters.bind.port}"
|
||||
else ""
|
||||
)
|
||||
nodes
|
||||
);
|
||||
node = lib.attrsets.mapAttrsToList (key: value: "${value.config.deployment.targetHost}:${toString config.services.prometheus.exporters.node.port}") nodes;
|
||||
};
|
||||
|
||||
# clears any invalid entries
|
||||
filter_empty = inputs: (builtins.filter (value: value != "") inputs);
|
||||
in {
|
||||
imports = [];
|
||||
|
||||
|
|
@ -19,7 +38,7 @@ in {
|
|||
default = 9001;
|
||||
};
|
||||
|
||||
other_nodes = mkOption {
|
||||
external.node = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = ''
|
||||
|
|
@ -27,24 +46,16 @@ in {
|
|||
'';
|
||||
};
|
||||
};
|
||||
|
||||
port_collecter = mkOption {
|
||||
type = types.port;
|
||||
default = 9002;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
{
|
||||
services.prometheus.exporters.node = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
# most collectors are on by default see https://github.com/prometheus/node_exporter for more options
|
||||
enabledCollectors = ["systemd"];
|
||||
port = cfg.port_collecter;
|
||||
};
|
||||
|
||||
# make sure the port is open
|
||||
networking.firewall.allowedTCPPorts = [cfg.port_collecter];
|
||||
}
|
||||
(mkIf cfg.server.enable {
|
||||
services.prometheus = {
|
||||
|
|
@ -55,7 +66,15 @@ in {
|
|||
job_name = "node_exporter";
|
||||
static_configs = [
|
||||
{
|
||||
targets = (lib.attrsets.mapAttrsToList (key: value: "${value.config.deployment.targetHost}:${toString cfg.port_collecter}") nodes) ++ cfg.server.other_nodes;
|
||||
targets = filter_empty (exporters.node ++ cfg.server.external.node);
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "bind";
|
||||
static_configs = [
|
||||
{
|
||||
targets = filter_empty exporters.dns;
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue