forked from pub-solar/infra
teutat3s
b93608a8fa
configure wireguard to push logs to and scrape metrics from flora-6 open firewall for node-exporter port on wg-ssh interface
16 lines
322 B
Nix
16 lines
322 B
Nix
{ config, ... }:
|
|
{
|
|
# Only expose prometheus exporter port via wireguard interface
|
|
networking.firewall.interfaces.wg-ssh.allowedTCPPorts = [ 9002 ];
|
|
|
|
services.prometheus = {
|
|
exporters = {
|
|
node = {
|
|
enable = true;
|
|
enabledCollectors = [ "systemd" ];
|
|
port = 9002;
|
|
};
|
|
};
|
|
};
|
|
}
|