1
0
Fork 0
forked from pub-solar/infra

Put modules into uniform folders

This commit is contained in:
Pablo Ovelleiro Corral 2024-04-28 19:05:12 +02:00
parent 477e419312
commit 512ab12de1
Signed by untrusted user: pinpox
GPG key ID: 29E9A6ED72CCB334
44 changed files with 128 additions and 48 deletions

View file

@ -42,7 +42,6 @@
./logins
./lib
./overlays
./modules
./hosts
];
@ -85,9 +84,20 @@
{
inherit username;
checks = builtins.mapAttrs (
system: deployLib: deployLib.deployChecks self.deploy
) inputs.deploy-rs.lib;
nixosModules = builtins.listToAttrs (
map
(x: {
name = x;
value = import (./modules + "/${x}");
})
(builtins.attrNames (builtins.readDir ./modules))
);
checks = builtins.mapAttrs
(
system: deployLib: deployLib.deployChecks self.deploy
)
inputs.deploy-rs.lib;
formatter."x86_64-linux" = inputs.unstable.legacyPackages."x86_64-linux".nixfmt-rfc-style;

View file

@ -1,44 +0,0 @@
{ self, ... }:
{
flake = {
nixosModules = rec {
core = import ./core;
unlock-zfs-on-boot = import ./unlock-zfs-on-boot.nix;
docker = import ./docker.nix;
caddy = import ./apps/caddy.nix;
collabora = import ./apps/collabora.nix;
coturn = import ./apps/coturn.nix;
drone = import ./apps/drone.nix;
forgejo-actions-runner = import ./apps/forgejo/forgejo-actions-runner.nix;
forgejo = import ./apps/forgejo/forgejo.nix;
grafana = import ./apps/grafana/grafana.nix;
keycloak = import ./apps/keycloak.nix;
loki = import ./apps/loki.nix;
mailman = import ./apps/mailman.nix;
mastodon = import ./apps/mastodon/mastodon.nix;
nginx-mastodon = import ./apps/mastodon/nginx-mastodon.nix;
nginx-mastodon-files = import ./apps/mastodon/nginx-mastodon-files.nix;
matrix = import ./apps/matrix/synapse.nix;
nginx-matrix = import ./apps/matrix/nginx-matrix.nix;
matrix-telegram = import ./apps/matrix/mautrix-telegram.nix;
matrix-irc = import ./apps/matrix/irc.nix;
mediawiki = import ./apps/mediawiki.nix;
nextcloud = import ./apps/nextcloud/nextcloud.nix;
nginx-website-miom = import ./apps/nginx-website-miom.nix;
nginx-website = import ./apps/nginx-website.nix;
nginx = import ./apps/nginx.nix;
obs-portal = import ./apps/obs-portal.nix;
opensearch = import ./apps/opensearch.nix;
owncast = import ./apps/owncast.nix;
postgresql = import ./apps/postgresql.nix;
prometheus = import ./apps/prometheus/prometheus.nix;
prometheus-exporters = import ./apps/prometheus/prometheus-exporters.nix;
nginx-prometheus-exporters = import ./apps/prometheus/nginx-prometheus-exporters.nix;
promtail = import ./apps/promtail.nix;
searx = import ./apps/searx.nix;
tmate = import ./apps/tmate.nix;
};
};
}

View file

Before

Width:  |  Height:  |  Size: 29 KiB

After

Width:  |  Height:  |  Size: 29 KiB

View file

Before

Width:  |  Height:  |  Size: 8.7 KiB

After

Width:  |  Height:  |  Size: 8.7 KiB

View file

@ -0,0 +1,32 @@
{ config, flake, lib, ... }:
let
# Find element in list config.services.matrix-synapse.settings.listeners
# that sets type = "metrics"
listenerWithMetrics = lib.findFirst
(listener:
listener.type == "metrics")
(throw "Found no matrix-synapse.settings.listeners.*.type containing string metrics")
config.services.matrix-synapse.settings.listeners
;
synapseMetricsPort = "${toString listenerWithMetrics.port}";
in
{
age.secrets.nachtigall-metrics-nginx-basic-auth = {
file = "${flake.self}/secrets/nachtigall-metrics-nginx-basic-auth.age";
mode = "600";
owner = "nginx";
};
services.nginx.virtualHosts = {
"nachtigall.pub.solar" = {
enableACME = true;
addSSL = true;
basicAuthFile = "${config.age.secrets.nachtigall-metrics-nginx-basic-auth.path}";
locations."/metrics" = {
proxyPass = "http://127.0.0.1:${toString(config.services.prometheus.exporters.node.port)}";
};
locations."/_synapse/metrics" = {
proxyPass = "http://127.0.0.1:${synapseMetricsPort}";
};
};
};
}

View file

@ -0,0 +1,13 @@
{ config
, ...
}: {
services.prometheus = {
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
port = 9002;
};
};
};
}

View file

@ -0,0 +1,69 @@
{ config
, lib
, pkgs
, flake
, ...
}: {
age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";
mode = "600";
owner = "prometheus";
};
services.prometheus = {
enable = true;
port = 9001;
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
port = 9002;
};
};
globalConfig = {
scrape_interval = "10s";
scrape_timeout = "9s";
};
scrapeConfigs = [
{
job_name = "node-exporter-http";
static_configs = [{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
labels = {
instance = "flora-6";
};
}];
}
{
job_name = "node-exporter-https";
scheme = "https";
metrics_path = "/metrics";
basic_auth = {
username = "hakkonaut";
password_file = "${config.age.secrets.nachtigall-metrics-prometheus-basic-auth-password.path}";
};
static_configs = [{
targets = [ "nachtigall.pub.solar" ];
labels = {
instance = "nachtigall";
};
}];
}
{
job_name = "matrix-synapse";
scheme = "https";
metrics_path = "/_synapse/metrics";
basic_auth = {
username = "hakkonaut";
password_file = "${config.age.secrets.nachtigall-metrics-prometheus-basic-auth-password.path}";
};
static_configs = [{
targets = [ "nachtigall.pub.solar" ];
labels = {
instance = "nachtigall";
};
}];
}
];
};
}