more metrics

2022-07-30 12:22:19 +02:00 · 2022-07-30 12:22:19 +02:00 · ccfbd0b477
parent 0e203b6eca
commit ccfbd0b477
6 changed files with 46 additions and 42 deletions
--- a/flake.lock
+++ b/flake.lock
@ -10,11 +10,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1658094154,
-        "narHash": "sha256-9g9hZ27VxPDqOM+v+JUVV5XkYCjnu7yWrOPV/zIgBYA=",
+        "lastModified": 1659157989,
+        "narHash": "sha256-XHyjblfOAhoHwIDfPxYqAbvYzCO0/XjntULV6Dmavo8=",
        "owner": "zhaofengli",
        "repo": "colmena",
-        "rev": "5d2f12851596678316ed1f0b53ff1ec624d5ebac",
+        "rev": "34bb2e46747e69c9a34f94583330ad9a9f5ad20a",
        "type": "github"
      },
      "original": {
@ -206,11 +206,11 @@
        "utils": "utils_3"
      },
      "locked": {
-        "lastModified": 1659059370,
-        "narHash": "sha256-JrD97kjloTgkuHRCHbvTCFJLnRQTICYwbR4QzXk6nnU=",
+        "lastModified": 1659144434,
+        "narHash": "sha256-FlfgEhzZTG39j+7IoDFFjED8asI3vWcOZSGmz5rpMdk=",
        "owner": "jyooru",
        "repo": "nix-minecraft-servers",
-        "rev": "927bd0ae6473b431ccab8aff20eb04eb4323d627",
+        "rev": "65702e6e4bd0d368b8a5f4efd8ea84c5ad9a604c",
        "type": "github"
      },
      "original": {
@ -257,11 +257,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1658985157,
-        "narHash": "sha256-f8JN0mQGSaEfw6HjMST0yViBTln/kzfTxe+qHutzvEI=",
+        "lastModified": 1659077768,
+        "narHash": "sha256-P0XIHBVty6WIuIrk2DZNvLcYev9956y1prT4zL212H8=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "bba87fc2a33618d86233fbdddc6b84971e6b5558",
+        "rev": "2a93ea177c3d7700b934bf95adfe00c435f696b8",
        "type": "github"
      },
      "original": {
--- a/hosts.nix
+++ b/hosts.nix
@ -60,11 +60,9 @@
    mac = "74:40:be:48:85:a4";
    nix = false;
  }
-  {
-    hostname = "consul";
-    ip = "10.42.42.14";
-    mac = "D6:DE:07:41:73:81";
-  }
+  # {
+  #   ip = "10.42.42.14";
+  # }
  {
    hostname = "dns-1";
    profile = "dns";
@ -83,7 +81,7 @@
    mac = "0A:06:5E:E7:9A:0C";
  }
  # {
-    # ip = "10.42.42.18";
+  #   ip = "10.42.42.18";
  # }
  {
    hostname = "victoriametrics";
--- a/nixos/hosts/consul/configuration.nix
+++ b/nixos/hosts/consul/configuration.nix
@ -1,25 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
-  imports = [
-  ];
-
-  networking.hostName = "consul";
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "21.05"; # Did you read the comment?
-
-  # Additional packages
-  environment.systemPackages = with pkgs; [ ];
-
-  networking.firewall.allowedTCPPorts = [ ];
-}
--- a/nixos/hosts/nginx/configuration.nix
+++ b/nixos/hosts/nginx/configuration.nix
@ -41,6 +41,7 @@ in

  services.nginx = {
    enable = true;
+    statusPage = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    recommendedOptimisation = true;
@ -119,4 +120,11 @@ in
  security.acme.defaults.email = "victorheld12@gmail.com";
  security.acme.acceptTerms = true;
  security.acme.preliminarySelfsigned = true;
+
+  services.prometheus.exporters = {
+    nginx = {
+      enable = true;
+      openFirewall = true;
+    };
+  };
 }
--- a/nixos/hosts/victoriametrics/configuration.nix
+++ b/nixos/hosts/victoriametrics/configuration.nix
@ -37,11 +37,20 @@ in
    enable = true;
    openFirewall = true;
    prometheusConfig = {
-      global = { 
+      global = {
        scrape_interval = "1m";
        scrape_timeout = "30s";
      };
      scrape_configs = [
+        {
+          job_name = "nginx";
+          static_configs = [
+            {
+              targets = [ "nginx.olympus:9113" ];
+              labels.app = "nginx";
+            }
+          ];
+        }
        {
          job_name = "synapse";
          metrics_path = "/_synapse/metrics";
@ -50,6 +59,13 @@ in
            labels.app = "synapse";
          }];
        }
+        {
+          job_name = "wireguard";
+          static_configs = [{
+            targets = [ "wireguard.olympus:9586" ];
+            labels.app = "wireguard";
+          }];
+        }
      ];
    };
  };
--- a/nixos/hosts/wireguard/configuration.nix
+++ b/nixos/hosts/wireguard/configuration.nix
@ -22,7 +22,9 @@ let vs = config.vault-secrets.secrets; in

  environment.noXlibs = lib.mkForce false;

-  networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ];
+  networking.firewall.allowedUDPPorts = [
+    config.networking.wireguard.interfaces.wg0.listenPort
+  ];

  vault-secrets.secrets.wireguard = {
    services = [ "wireguard-wg0" ];
@ -34,6 +36,11 @@ let vs = config.vault-secrets.secrets; in
    externalInterface = "eth0";
  };

+  services.prometheus.exporters.wireguard = {
+    enable = true;
+    openFirewall = true;
+  };
+
  networking.wireguard.interfaces.wg0 = {
    ips = [ "10.100.0.1/24" ];
    listenPort = 51820;