From ccfbd0b477a7ddca29ffbfd49690a31b992c23d1 Mon Sep 17 00:00:00 2001 From: Victor Date: Sat, 30 Jul 2022 12:22:19 +0200 Subject: [PATCH] more metrics --- flake.lock | 18 ++++++------- hosts.nix | 10 +++----- nixos/hosts/consul/configuration.nix | 25 ------------------- nixos/hosts/nginx/configuration.nix | 8 ++++++ nixos/hosts/victoriametrics/configuration.nix | 18 ++++++++++++- nixos/hosts/wireguard/configuration.nix | 9 ++++++- 6 files changed, 46 insertions(+), 42 deletions(-) delete mode 100644 nixos/hosts/consul/configuration.nix diff --git a/flake.lock b/flake.lock index 474ac5b..20c5d67 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1658094154, - "narHash": "sha256-9g9hZ27VxPDqOM+v+JUVV5XkYCjnu7yWrOPV/zIgBYA=", + "lastModified": 1659157989, + "narHash": "sha256-XHyjblfOAhoHwIDfPxYqAbvYzCO0/XjntULV6Dmavo8=", "owner": "zhaofengli", "repo": "colmena", - "rev": "5d2f12851596678316ed1f0b53ff1ec624d5ebac", + "rev": "34bb2e46747e69c9a34f94583330ad9a9f5ad20a", "type": "github" }, "original": { @@ -206,11 +206,11 @@ "utils": "utils_3" }, "locked": { - "lastModified": 1659059370, - "narHash": "sha256-JrD97kjloTgkuHRCHbvTCFJLnRQTICYwbR4QzXk6nnU=", + "lastModified": 1659144434, + "narHash": "sha256-FlfgEhzZTG39j+7IoDFFjED8asI3vWcOZSGmz5rpMdk=", "owner": "jyooru", "repo": "nix-minecraft-servers", - "rev": "927bd0ae6473b431ccab8aff20eb04eb4323d627", + "rev": "65702e6e4bd0d368b8a5f4efd8ea84c5ad9a604c", "type": "github" }, "original": { @@ -257,11 +257,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1658985157, - "narHash": "sha256-f8JN0mQGSaEfw6HjMST0yViBTln/kzfTxe+qHutzvEI=", + "lastModified": 1659077768, + "narHash": "sha256-P0XIHBVty6WIuIrk2DZNvLcYev9956y1prT4zL212H8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "bba87fc2a33618d86233fbdddc6b84971e6b5558", + "rev": "2a93ea177c3d7700b934bf95adfe00c435f696b8", "type": "github" }, "original": { diff --git a/hosts.nix b/hosts.nix index 3bc4bc3..02fb68f 100644 --- a/hosts.nix +++ b/hosts.nix @@ -60,11 +60,9 @@ mac = "74:40:be:48:85:a4"; nix = false; } - { - hostname = "consul"; - ip = "10.42.42.14"; - mac = "D6:DE:07:41:73:81"; - } + # { + # ip = "10.42.42.14"; + # } { hostname = "dns-1"; profile = "dns"; @@ -83,7 +81,7 @@ mac = "0A:06:5E:E7:9A:0C"; } # { - # ip = "10.42.42.18"; + # ip = "10.42.42.18"; # } { hostname = "victoriametrics"; diff --git a/nixos/hosts/consul/configuration.nix b/nixos/hosts/consul/configuration.nix deleted file mode 100644 index 949dfb7..0000000 --- a/nixos/hosts/consul/configuration.nix +++ /dev/null @@ -1,25 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = [ - ]; - - networking.hostName = "consul"; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.05"; # Did you read the comment? - - # Additional packages - environment.systemPackages = with pkgs; [ ]; - - networking.firewall.allowedTCPPorts = [ ]; -} diff --git a/nixos/hosts/nginx/configuration.nix b/nixos/hosts/nginx/configuration.nix index 0cd0c54..d8c5afe 100644 --- a/nixos/hosts/nginx/configuration.nix +++ b/nixos/hosts/nginx/configuration.nix @@ -41,6 +41,7 @@ in services.nginx = { enable = true; + statusPage = true; recommendedProxySettings = true; recommendedTlsSettings = true; recommendedOptimisation = true; @@ -119,4 +120,11 @@ in security.acme.defaults.email = "victorheld12@gmail.com"; security.acme.acceptTerms = true; security.acme.preliminarySelfsigned = true; + + services.prometheus.exporters = { + nginx = { + enable = true; + openFirewall = true; + }; + }; } diff --git a/nixos/hosts/victoriametrics/configuration.nix b/nixos/hosts/victoriametrics/configuration.nix index 22350d2..2a5372f 100644 --- a/nixos/hosts/victoriametrics/configuration.nix +++ b/nixos/hosts/victoriametrics/configuration.nix @@ -37,11 +37,20 @@ in enable = true; openFirewall = true; prometheusConfig = { - global = { + global = { scrape_interval = "1m"; scrape_timeout = "30s"; }; scrape_configs = [ + { + job_name = "nginx"; + static_configs = [ + { + targets = [ "nginx.olympus:9113" ]; + labels.app = "nginx"; + } + ]; + } { job_name = "synapse"; metrics_path = "/_synapse/metrics"; @@ -50,6 +59,13 @@ in labels.app = "synapse"; }]; } + { + job_name = "wireguard"; + static_configs = [{ + targets = [ "wireguard.olympus:9586" ]; + labels.app = "wireguard"; + }]; + } ]; }; }; diff --git a/nixos/hosts/wireguard/configuration.nix b/nixos/hosts/wireguard/configuration.nix index b83c498..27236a2 100644 --- a/nixos/hosts/wireguard/configuration.nix +++ b/nixos/hosts/wireguard/configuration.nix @@ -22,7 +22,9 @@ let vs = config.vault-secrets.secrets; in environment.noXlibs = lib.mkForce false; - networking.firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ]; + networking.firewall.allowedUDPPorts = [ + config.networking.wireguard.interfaces.wg0.listenPort + ]; vault-secrets.secrets.wireguard = { services = [ "wireguard-wg0" ]; @@ -34,6 +36,11 @@ let vs = config.vault-secrets.secrets; in externalInterface = "eth0"; }; + services.prometheus.exporters.wireguard = { + enable = true; + openFirewall = true; + }; + networking.wireguard.interfaces.wg0 = { ips = [ "10.100.0.1/24" ]; listenPort = 51820;