forked from pub-solar/infra
Merge pull request 'feat(matrix-synapse): enable metrics' (#100) from feat/synapse-metrics into main
Reviewed-on: pub-solar/infra#100 Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
This commit is contained in:
commit
b2e845876a
|
@ -26,7 +26,7 @@
|
|||
};
|
||||
scrapeConfigs = [
|
||||
{
|
||||
job_name = "http-targets";
|
||||
job_name = "node-exporter-http";
|
||||
static_configs = [{
|
||||
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
|
||||
labels = {
|
||||
|
@ -35,7 +35,7 @@
|
|||
}];
|
||||
}
|
||||
{
|
||||
job_name = "https-targets";
|
||||
job_name = "node-exporter-https";
|
||||
scheme = "https";
|
||||
metrics_path = "/metrics";
|
||||
basic_auth = {
|
||||
|
@ -49,6 +49,21 @@
|
|||
};
|
||||
}];
|
||||
}
|
||||
{
|
||||
job_name = "matrix-synapse";
|
||||
scheme = "https";
|
||||
metrics_path = "/_synapse/metrics";
|
||||
basic_auth = {
|
||||
username = "hakkonaut";
|
||||
password_file = "${config.age.secrets.nachtigall-metrics-prometheus-basic-auth-password.path}";
|
||||
};
|
||||
static_configs = [{
|
||||
targets = [ "nachtigall.pub.solar" ];
|
||||
labels = {
|
||||
instance = "nachtigall";
|
||||
};
|
||||
}];
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,17 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
# Find element in list config.services.matrix-synapse.settings.listeners.*.resources
|
||||
# that sets names = "client"
|
||||
nameHasClient = name: name == "client";
|
||||
resourceHasClient = resource: builtins.any nameHasClient resource.names;
|
||||
listenerWithClient = lib.findFirst
|
||||
(listener:
|
||||
builtins.any resourceHasClient listener.resources)
|
||||
(throw "Found no matrix-synapse.settings.listeners.*.resources.*.names containing string client")
|
||||
config.services.matrix-synapse.settings.listeners
|
||||
;
|
||||
synapseClientPort = "${toString listenerWithClient.port}";
|
||||
in
|
||||
{
|
||||
systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce [
|
||||
"@system-service @pkey"
|
||||
|
@ -13,7 +26,7 @@
|
|||
settings = {
|
||||
homeserver = {
|
||||
domain = "pub.solar";
|
||||
url = "http://127.0.0.1:${toString (builtins.map (listener: listener.port) config.services.matrix-synapse.settings.listeners)}";
|
||||
url = "http://127.0.0.1:${synapseClientPort}";
|
||||
media_url = "https://matrix.pub.solar";
|
||||
enablePresence = false;
|
||||
};
|
||||
|
|
|
@ -38,6 +38,45 @@ in
|
|||
allow_unsafe_locale = false;
|
||||
txn_limit = 0;
|
||||
};
|
||||
listeners = [
|
||||
{
|
||||
bind_addresses = [
|
||||
"127.0.0.1"
|
||||
];
|
||||
port = 8008;
|
||||
resources = [
|
||||
{
|
||||
compress = true;
|
||||
names = [
|
||||
"client"
|
||||
];
|
||||
}
|
||||
{
|
||||
compress = false;
|
||||
names = [
|
||||
"federation"
|
||||
];
|
||||
}
|
||||
];
|
||||
tls = false;
|
||||
type = "http";
|
||||
x_forwarded = true;
|
||||
}
|
||||
{
|
||||
bind_addresses = [
|
||||
"127.0.0.1"
|
||||
];
|
||||
port = 8012;
|
||||
resources = [
|
||||
{
|
||||
names = [
|
||||
"metrics"
|
||||
];
|
||||
}
|
||||
];
|
||||
type = "metrics";
|
||||
}
|
||||
];
|
||||
|
||||
account_threepid_delegates.msisdn = "";
|
||||
alias_creation_rules = [{
|
||||
|
@ -68,6 +107,7 @@ in
|
|||
encryption_enabled_by_default_for_room_type = "off";
|
||||
event_cache_size = "100K";
|
||||
federation_rr_transactions_per_room_per_second = 50;
|
||||
federation_client_minimum_tls_version = "1.2";
|
||||
forget_rooms_on_leave = true;
|
||||
include_profile_data_on_invite = true;
|
||||
instance_map = { };
|
||||
|
@ -162,6 +202,7 @@ in
|
|||
|
||||
stream_writers = { };
|
||||
trusted_key_servers = [{ server_name = "matrix.org"; }];
|
||||
suppress_key_server_warning = true;
|
||||
|
||||
turn_allow_guests = false;
|
||||
turn_uris = [
|
||||
|
@ -213,6 +254,8 @@ in
|
|||
];
|
||||
};
|
||||
|
||||
withJemalloc = true;
|
||||
|
||||
extraConfigFiles = [
|
||||
"/run/agenix/matrix-synapse-secret-config.yaml"
|
||||
|
||||
|
|
|
@ -88,10 +88,6 @@ in
|
|||
gzip_types text/plain application/json;
|
||||
'';
|
||||
locations = {
|
||||
# TODO: Configure metrics
|
||||
# "/metrics" = {
|
||||
# };
|
||||
|
||||
# For telegram
|
||||
"/c3c3f34b-29fb-5feb-86e5-98c75ec8214b" = {
|
||||
proxyPass = "http://127.0.0.1:8009";
|
||||
|
|
|
@ -1,5 +1,15 @@
|
|||
{ config, flake, ... }:
|
||||
|
||||
{ config, flake, lib, ... }:
|
||||
let
|
||||
# Find element in list config.services.matrix-synapse.settings.listeners
|
||||
# that sets type = "metrics"
|
||||
listenerWithMetrics = lib.findFirst
|
||||
(listener:
|
||||
listener.type == "metrics")
|
||||
(throw "Found no matrix-synapse.settings.listeners.*.type containing string metrics")
|
||||
config.services.matrix-synapse.settings.listeners
|
||||
;
|
||||
synapseMetricsPort = "${toString listenerWithMetrics.port}";
|
||||
in
|
||||
{
|
||||
age.secrets.nachtigall-metrics-nginx-basic-auth = {
|
||||
file = "${flake.self}/secrets/nachtigall-metrics-nginx-basic-auth.age";
|
||||
|
@ -14,6 +24,9 @@
|
|||
locations."/metrics" = {
|
||||
proxyPass = "http://127.0.0.1:${toString(config.services.prometheus.exporters.node.port)}";
|
||||
};
|
||||
locations."/_synapse/metrics" = {
|
||||
proxyPass = "http://127.0.0.1:${synapseMetricsPort}";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue