Merge pull request 'feat(matrix-synapse): enable metrics' (#100) from feat/synapse-metrics into main

Reviewed-on: pub-solar/infra#100
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
This commit is contained in:
teutat3s 2024-01-28 23:56:42 +00:00
commit b2e845876a
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873
5 changed files with 89 additions and 9 deletions

View file

@ -26,7 +26,7 @@
}; };
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = "http-targets"; job_name = "node-exporter-http";
static_configs = [{ static_configs = [{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
labels = { labels = {
@ -35,7 +35,7 @@
}]; }];
} }
{ {
job_name = "https-targets"; job_name = "node-exporter-https";
scheme = "https"; scheme = "https";
metrics_path = "/metrics"; metrics_path = "/metrics";
basic_auth = { basic_auth = {
@ -49,6 +49,21 @@
}; };
}]; }];
} }
{
job_name = "matrix-synapse";
scheme = "https";
metrics_path = "/_synapse/metrics";
basic_auth = {
username = "hakkonaut";
password_file = "${config.age.secrets.nachtigall-metrics-prometheus-basic-auth-password.path}";
};
static_configs = [{
targets = [ "nachtigall.pub.solar" ];
labels = {
instance = "nachtigall";
};
}];
}
]; ];
}; };
} }

View file

@ -1,4 +1,17 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let
# Find element in list config.services.matrix-synapse.settings.listeners.*.resources
# that sets names = "client"
nameHasClient = name: name == "client";
resourceHasClient = resource: builtins.any nameHasClient resource.names;
listenerWithClient = lib.findFirst
(listener:
builtins.any resourceHasClient listener.resources)
(throw "Found no matrix-synapse.settings.listeners.*.resources.*.names containing string client")
config.services.matrix-synapse.settings.listeners
;
synapseClientPort = "${toString listenerWithClient.port}";
in
{ {
systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce [ systemd.services.matrix-appservice-irc.serviceConfig.SystemCallFilter = lib.mkForce [
"@system-service @pkey" "@system-service @pkey"
@ -13,7 +26,7 @@
settings = { settings = {
homeserver = { homeserver = {
domain = "pub.solar"; domain = "pub.solar";
url = "http://127.0.0.1:${toString (builtins.map (listener: listener.port) config.services.matrix-synapse.settings.listeners)}"; url = "http://127.0.0.1:${synapseClientPort}";
media_url = "https://matrix.pub.solar"; media_url = "https://matrix.pub.solar";
enablePresence = false; enablePresence = false;
}; };

View file

@ -38,6 +38,45 @@ in
allow_unsafe_locale = false; allow_unsafe_locale = false;
txn_limit = 0; txn_limit = 0;
}; };
listeners = [
{
bind_addresses = [
"127.0.0.1"
];
port = 8008;
resources = [
{
compress = true;
names = [
"client"
];
}
{
compress = false;
names = [
"federation"
];
}
];
tls = false;
type = "http";
x_forwarded = true;
}
{
bind_addresses = [
"127.0.0.1"
];
port = 8012;
resources = [
{
names = [
"metrics"
];
}
];
type = "metrics";
}
];
account_threepid_delegates.msisdn = ""; account_threepid_delegates.msisdn = "";
alias_creation_rules = [{ alias_creation_rules = [{
@ -68,6 +107,7 @@ in
encryption_enabled_by_default_for_room_type = "off"; encryption_enabled_by_default_for_room_type = "off";
event_cache_size = "100K"; event_cache_size = "100K";
federation_rr_transactions_per_room_per_second = 50; federation_rr_transactions_per_room_per_second = 50;
federation_client_minimum_tls_version = "1.2";
forget_rooms_on_leave = true; forget_rooms_on_leave = true;
include_profile_data_on_invite = true; include_profile_data_on_invite = true;
instance_map = { }; instance_map = { };
@ -162,6 +202,7 @@ in
stream_writers = { }; stream_writers = { };
trusted_key_servers = [{ server_name = "matrix.org"; }]; trusted_key_servers = [{ server_name = "matrix.org"; }];
suppress_key_server_warning = true;
turn_allow_guests = false; turn_allow_guests = false;
turn_uris = [ turn_uris = [
@ -213,6 +254,8 @@ in
]; ];
}; };
withJemalloc = true;
extraConfigFiles = [ extraConfigFiles = [
"/run/agenix/matrix-synapse-secret-config.yaml" "/run/agenix/matrix-synapse-secret-config.yaml"

View file

@ -88,10 +88,6 @@ in
gzip_types text/plain application/json; gzip_types text/plain application/json;
''; '';
locations = { locations = {
# TODO: Configure metrics
# "/metrics" = {
# };
# For telegram # For telegram
"/c3c3f34b-29fb-5feb-86e5-98c75ec8214b" = { "/c3c3f34b-29fb-5feb-86e5-98c75ec8214b" = {
proxyPass = "http://127.0.0.1:8009"; proxyPass = "http://127.0.0.1:8009";

View file

@ -1,5 +1,15 @@
{ config, flake, ... }: { config, flake, lib, ... }:
let
# Find element in list config.services.matrix-synapse.settings.listeners
# that sets type = "metrics"
listenerWithMetrics = lib.findFirst
(listener:
listener.type == "metrics")
(throw "Found no matrix-synapse.settings.listeners.*.type containing string metrics")
config.services.matrix-synapse.settings.listeners
;
synapseMetricsPort = "${toString listenerWithMetrics.port}";
in
{ {
age.secrets.nachtigall-metrics-nginx-basic-auth = { age.secrets.nachtigall-metrics-nginx-basic-auth = {
file = "${flake.self}/secrets/nachtigall-metrics-nginx-basic-auth.age"; file = "${flake.self}/secrets/nachtigall-metrics-nginx-basic-auth.age";
@ -14,6 +24,9 @@
locations."/metrics" = { locations."/metrics" = {
proxyPass = "http://127.0.0.1:${toString(config.services.prometheus.exporters.node.port)}"; proxyPass = "http://127.0.0.1:${toString(config.services.prometheus.exporters.node.port)}";
}; };
locations."/_synapse/metrics" = {
proxyPass = "http://127.0.0.1:${synapseMetricsPort}";
};
}; };
}; };
} }