more metrics

2022-07-30 12:22:19 +02:00 · 2022-07-30 12:22:19 +02:00 · 0a5df1e33f
commit 0a5df1e33f
parent 0a496eb82f
6 changed files with 46 additions and 42 deletions
--- a/nixos/hosts/consul/configuration.nix
+++ b/nixos/hosts/consul/configuration.nix
@ -1,25 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
-  imports = [
-  ];
-
-  networking.hostName = "consul";
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "21.05"; # Did you read the comment?
-
-  # Additional packages
-  environment.systemPackages = with pkgs; [ ];
-
-  networking.firewall.allowedTCPPorts = [ ];
-}
--- a/nixos/hosts/nginx/configuration.nix
+++ b/nixos/hosts/nginx/configuration.nix
@ -41,6 +41,7 @@ in

  services.nginx = {
    enable = true;
+    statusPage = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    recommendedOptimisation = true;
@ -119,4 +120,11 @@ in
  security.acme.defaults.email = "victorheld12@gmail.com";
  security.acme.acceptTerms = true;
  security.acme.preliminarySelfsigned = true;
+
+  services.prometheus.exporters = {
+    nginx = {
+      enable = true;
+      openFirewall = true;
+    };
+  };
 }
--- a/nixos/hosts/victoriametrics/configuration.nix
+++ b/nixos/hosts/victoriametrics/configuration.nix
@ -37,11 +37,20 @@ in
    enable = true;
    openFirewall = true;
    prometheusConfig = {
-      global = { 
+      global = {
        scrape_interval = "1m";
        scrape_timeout = "30s";
      };
      scrape_configs = [
+        {
+          job_name = "nginx";
+          static_configs = [
+            {
+              targets = [ "nginx.olympus:9113" ];
+              labels.app = "nginx";
+            }
+          ];
+        }
        {
          job_name = "synapse";
          metrics_path = "/_synapse/metrics";
@ -50,6 +59,13 @@ in
            labels.app = "synapse";
          }];
        }
+        {
+          job_name = "wireguard";
+          static_configs = [{
+            targets = [ "wireguard.olympus:9586" ];
+            labels.app = "wireguard";
+          }];
+        }
      ];
    };
  };
--- a/nixos/hosts/wireguard/configuration.nix
+++ b/nixos/hosts/wireguard/configuration.nix
@ -22,7 +22,9 @@ let vs = config.vault-secrets.secrets; in

  environment.noXlibs = lib.mkForce false;

-  networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ];
+  networking.firewall.allowedUDPPorts = [
+    config.networking.wireguard.interfaces.wg0.listenPort
+  ];

  vault-secrets.secrets.wireguard = {
    services = [ "wireguard-wg0" ];
@ -34,6 +36,11 @@ let vs = config.vault-secrets.secrets; in
    externalInterface = "eth0";
  };

+  services.prometheus.exporters.wireguard = {
+    enable = true;
+    openFirewall = true;
+  };
+
  networking.wireguard.interfaces.wg0 = {
    ips = [ "10.100.0.1/24" ];
    listenPort = 51820;