swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat!: dynamically create hosts

Browse source 
This commit completely restructures the flake. Hosts are now seperate
from profile configuration files in hosts/[system]. Nixos and Darwin
configurations will be built when present in the respective folders in hosts/
This commit is contained in:
Swarsel 2024-12-10 22:47:11 +01:00
parent 7f1bd846c7
commit 3a272b1fe6
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
43 changed files with 205 additions and 245 deletions
Download patch file Download diff file Expand all files Collapse all files

160
profiles/server/common/nixos/monitoring.nix
View file

@ -1,160 +0,0 @@
{ self, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.monitoring {
sops.secrets = {
grafanaadminpass = {
owner = "grafana";
};
prometheusadminpass = {
owner = "grafana";
};
};
users.users.nextcloud-exporter = {
extraGroups = [ "nextcloud" ];
};
users.users.grafana = {
extraGroups = [ "users" ];
};
services.grafana = {
enable = true;
dataDir = "/Vault/data/grafana";
provision = {
enable = true;
datasources.settings = {
datasources = [
{
name = "prometheus";
type = "prometheus";
url = "https://status.swarsel.win/prometheus";
editable = false;
access = "proxy";
basicAuth = true;
basicAuthUser = "admin";
jsonData = {
httpMethod = "POST";
manageAlerts = true;
prometheusType = "Prometheus";
prometheusVersion = "> 2.50.x";
cacheLevel = "High";
disableRecordingRules = false;
incrementalQueryOverlapWindow = "10m";
};
secureJsonData = {
basicAuthPassword = "$__file{/run/secrets/prometheusadminpass}";
};
}
];
};
};
settings = {
security.admin_password = "$__file{/run/secrets/grafanaadminpass}";
server = {
http_port = 3000;
http_addr = "127.0.0.1";
protocol = "http";
domain = "status.swarsel.win";
};
};
};
services.prometheus = {
enable = true;
webExternalUrl = "https://status.swarsel.win/prometheus";
port = 9090;
listenAddress = "127.0.0.1";
globalConfig = {
scrape_interval = "10s";
};
webConfigFile = self + /programs/server/prometheus/web.config;
scrapeConfigs = [
{
job_name = "node";
static_configs = [{
targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ];
}];
}
{
job_name = "zfs";
static_configs = [{
targets = [ "localhost:${toString config.services.prometheus.exporters.zfs.port}" ];
}];
}
{
job_name = "nginx";
static_configs = [{
targets = [ "localhost:${toString config.services.prometheus.exporters.nginx.port}" ];
}];
}
{
job_name = "nextcloud";
static_configs = [{
targets = [ "localhost:${toString config.services.prometheus.exporters.nextcloud.port}" ];
}];
}
];
exporters = {
node = {
enable = true;
port = 9000;
enabledCollectors = [ "systemd" ];
extraFlags = [ "--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi" ];
};
zfs = {
enable = true;
port = 9134;
pools = [
"Vault"
];
};
restic = {
enable = false;
port = 9753;
};
nginx = {
enable = true;
port = 9113;
sslVerify = false;
scrapeUri = "http://localhost/nginx_status";
};
nextcloud = lib.mkIf config.swarselsystems.server.nextcloud {
enable = true;
port = 9205;
url = "https://stash.swarsel.win/ocs/v2.php/apps/serverinfo/api/v1/info";
username = "admin";
passwordFile = config.sops.secrets.nextcloudadminpass.path;
};
};
};
services.nginx = {
virtualHosts = {
"status.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://localhost:3000";
extraConfig = ''
client_max_body_size 0;
'';
};
"/prometheus" = {
proxyPass = "http://localhost:9090";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}