Benjamin Yule Bädorf
68278ad983
All checks were successful
Flake checks / Check (pull_request) Successful in 5m52s
This works towards having reusable modules * `config.pub-solar-os.networking.domain` is used for the main domain * `config.pub-solar-os.privacyPolicUrl` links towards the privacy policy * `config.pub-solar-os.imprintUrl` links towards the imprint * `config.pub-solar-os.auth.enable` enables the keycloak installation. This is needed because `config.pub-solar-os.auth` has to be available everywhere, but we do not want to install keycloak everywhere. * `config.pub-solar-os.auth.realm` sets the keycloak realm name
70 lines
1.8 KiB
Nix
70 lines
1.8 KiB
Nix
{ config
|
|
, lib
|
|
, pkgs
|
|
, flake
|
|
, ...
|
|
}: {
|
|
age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
|
|
file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";
|
|
mode = "600";
|
|
owner = "prometheus";
|
|
};
|
|
|
|
services.prometheus = {
|
|
enable = true;
|
|
port = 9001;
|
|
exporters = {
|
|
node = {
|
|
enable = true;
|
|
enabledCollectors = [ "systemd" ];
|
|
port = 9002;
|
|
};
|
|
};
|
|
globalConfig = {
|
|
scrape_interval = "10s";
|
|
scrape_timeout = "9s";
|
|
};
|
|
scrapeConfigs = [
|
|
{
|
|
job_name = "node-exporter-http";
|
|
static_configs = [{
|
|
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
|
|
labels = {
|
|
instance = "flora-6";
|
|
};
|
|
}];
|
|
}
|
|
{
|
|
job_name = "node-exporter-https";
|
|
scheme = "https";
|
|
metrics_path = "/metrics";
|
|
basic_auth = {
|
|
username = "hakkonaut";
|
|
password_file = "${config.age.secrets.nachtigall-metrics-prometheus-basic-auth-password.path}";
|
|
};
|
|
static_configs = [{
|
|
targets = [ "nachtigall.${config.pub-solar-os.networking.domain}" ];
|
|
labels = {
|
|
instance = "nachtigall";
|
|
};
|
|
}];
|
|
}
|
|
{
|
|
job_name = "matrix-synapse";
|
|
scheme = "https";
|
|
metrics_path = "/_synapse/metrics";
|
|
basic_auth = {
|
|
username = "hakkonaut";
|
|
password_file = "${config.age.secrets.nachtigall-metrics-prometheus-basic-auth-password.path}";
|
|
};
|
|
static_configs = [{
|
|
targets = [ "nachtigall.${config.pub-solar-os.networking.domain}" ];
|
|
labels = {
|
|
instance = "nachtigall";
|
|
};
|
|
}];
|
|
}
|
|
];
|
|
};
|
|
}
|