Merge branch 'prometheus2' into 'main'

Add prometheus

See merge request compsoc1/skynet/nixos!33
silver 2024-05-23 21:52:09 +00:00
commit 694cbb2f0b
7 changed files with 150 additions and 11 deletions


@ -24,6 +24,16 @@ in {
type = types.str;
};
};
datasource = {
name = mkOption {
type = types.str;
};
url = mkOption {
type = types.str;
};
};
};
config = mkIf cfg.enable {
@ -39,11 +49,31 @@ in {
"${name}.skynet.ie"
];
age.secrets.grafana_pw = {
file = ../secrets/grafana/pw.age;
owner = "grafana";
group = "grafana";
};
services.grafana = {
enable = true;
domain = "${name}.skynet.ie";
port = port;
addr = cfg.host.ip;
settings.security.admin_password = "$__file{${config.age.secrets.grafana_pw.path}}";
provision = {
enable = true;
datasources.settings.datasources = [
{
name = "Prometheus";
type = "prometheus";
url = "http://localhost:${toString config.services.skynet.prometheus.server.port}";
isDefault = true;
editable = true;
}
];
};
};
services.nginx.virtualHosts = {
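Review bot: The provisioned datasource in the second hunk is marked `editable = true`, so anyone with datasource edit rights in the Grafana UI can repoint or alter a datasource that is meant to be declared in Nix; `editable = false;` keeps it declarative. The `datasource.name` and `datasource.url` options added in the first hunk have no `description` and, as far as these hunks show, are never referenced: the datasource hard-codes `name = "Prometheus"` and a localhost URL, so either wire them in or drop them. The `$__file{...}` indirection on `admin_password` deserves a short comment, for example `# read at runtime from the agenix secret so the password never lands in the world-readable /nix/store`. The enclosing `config = mkIf cfg.enable {` block continues outside the hunk.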


@ -0,0 +1,75 @@
{
nodes,
lib,
config,
...
}:
with lib; let
name = "prometheus";
cfg = config.services.skynet."${name}";
in {
imports = [];
options.services.skynet."${name}" = {
server = {
enable = mkEnableOption "Prometheus Server";
host = {
ip = mkOption {
type = types.str;
};
name = mkOption {
type = types.str;
};
};
port = mkOption {
type = types.port;
default = 9001;
};
other_nodes = mkOption {
type = types.listOf types.str;
default = [];
description = ''
To add other nodes outside of nix, specify ip and port that server should listen to here
'';
};
};
port_collecter = mkOption {
type = types.port;
default = 9002;
};
};
config = mkMerge [
{
services.prometheus.exporters.node = {
enable = true;
# most collectors are on by default see https://github.com/prometheus/node_exporter for more options
enabledCollectors = ["systemd"];
port = cfg.port_collecter;
};
# make sure the port is open
networking.firewall.allowedTCPPorts = [cfg.port_collecter];
}
(mkIf cfg.server.enable {
services.prometheus = {
enable = true;
port = cfg.server.port;
scrapeConfigs = [
{
job_name = "node_exporter";
static_configs = [
{
targets = (lib.attrsets.mapAttrsToList (key: value: "${value.config.deployment.targetHost}:${toString cfg.port_collecter}") nodes) ++ cfg.server.other_nodes;
}
];
}
];
};
})
];
}
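Review bot: `networking.firewall.allowedTCPPorts = [cfg.port_collecter];` opens the node exporter to any source address, and node_exporter serves its metrics (here including the `systemd` collector's unit data) without authentication. Since the base-config hunk in this commit appears to import this module on every server, I would limit the port to the scraping host, for example by dropping that line and setting `openFirewall = true;` and `firewallFilter = "-s <PROMETHEUS_SERVER_IP> -p tcp -m tcp --dport ${toString cfg.port_collecter}";` inside `services.prometheus.exporters.node` (iptables-based firewall assumed; the address is a placeholder). The `other_nodes` description says the server should "listen to" these entries, but they are appended to the scrape `targets`; wording such as `Extra host:port scrape targets for machines not managed by this Nix config` would match the code. `port_collecter` and the `server.host` options also lack descriptions.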


@ -29,6 +29,9 @@ in {
# every server will need the config to backup to
../applications/restic.nix
# every server will be monitored for grafana
../applications/prometheus.nix
];
options.skynet = {


@ -9,6 +9,7 @@ Role: LDAP Server
Notes:
*/
{
config,
pkgs,
lib,
nodes,
@ -25,6 +26,8 @@ in {
../applications/discord.nix
../applications/bitwarden/vaultwarden.nix
../applications/bitwarden/bitwarden_sync.nix
../applications/grafana.nix
../applications/prometheus.nix
];
deployment = {
@ -72,6 +75,24 @@ in {
services.skynet_vaultwarden = {
enable = true;
host = {
ip = ip_pub;
name = name;
};
};
services.skynet.prometheus = {
server = {
enable = true;
host = {
ip = ip_pub;
name = name;
};
};
};
services.skynet.grafana = {
enable = true;
host = {
ip = ip_pub;
name = name;
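Review bot: The `host.ip` and `host.name` values set under `services.skynet.prometheus.server` are not read by the prometheus module added in this commit, so Prometheus will bind to its default listen address rather than anything chosen here. Because the Grafana datasource on this same host reaches it over `http://localhost:<port>`, setting `listenAddress = "127.0.0.1";` in the module's `services.prometheus` block would keep the query API off the public interface even if a firewall rule changes later. If the shared base config touched elsewhere in this commit already applies to this host, the `../applications/prometheus.nix` import added here is redundant. The `services.skynet.grafana` block continues past the end of the hunk.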


@ -25,7 +25,6 @@ Notes:
groups_trusted = map (x: "@${x}") groups;
in {
imports = [
../applications/grafana.nix
];
deployment = {
@ -50,15 +49,6 @@ in {
sudo_groups = groups;
};
services.skynet.grafana = {
enable = true;
host = {
ip = ip_pub;
name = name;
};
};
skynet_dns.records = [
{
record = name;

13
secrets/grafana/pw.age Normal file

@ -0,0 +1,13 @@
age-encryption.org/v1
-> ssh-ed25519 V1pwNA ly/9CnXtgQlXTbKcK+gD+v0Ck7rmGtNrA/S9XfBdg3s
6skVNVJTgCf/EWlDbH6urfr4CUibVH/N+HcfIYPkzTo
-> ssh-ed25519 4PzZog 7+Fc9ec8zvlKP6VGKJa3MRN6p9bUrA07/BlL8rSnp3w
YgALG1b8QOmMqWuqr9iVxAal9cWFf8me0KT1Mg0onko
-> ssh-ed25519 5Nd93w /lx/evI9jsXzHMxXYQMoavWucTMiGMXwxACpjXYFZlU
nVWhQydOO8eaTYcR66u1MeH/glmwTDJnJM0I9tXUvV0
-> ssh-ed25519 q8eJgg wYOxbUUXrTgY9XkUz02qtW8TaYJfNej9VBdwvfUWrT8
/47DLKQGt1M3fJWDHo2Eg2ij4jCGd17ieYZ8gA/uYjY
-> ssh-ed25519 IzAMqA FfUA/kyLBOFIHFUO+PSsdTwaRjGvfsq7OTMXYo7/WjM
jEn8y+mncrOPmDzvsK90X2D/m8ZxmuIL8H0h27YP3hM
--- ibLXLaT49j/Mb8CwbcL+Gjwy5GJ5YDX31JQFqfOIXRw
ºôag9Ò a“Yâ«Ò<C2AB>öä”<C3A4>GADóðgûÅi°^ýUaß± YÏã@4><01> ¬óÐàò£Ý*‚Š?úÉ„5»F-íã8Ã


@ -69,6 +69,10 @@ let
wheatly
];
grafana = [
kitt
];
# these need dns stuff
webservers =
[
@ -150,4 +154,7 @@ in {
"bitwarden/id.age".publicKeys = users ++ bitwarden;
"bitwarden/secret.age".publicKeys = users ++ bitwarden;
"bitwarden/details.age".publicKeys = users ++ bitwarden;
# grafana
"grafana/pw.age".publicKeys = users ++ grafana;
}