]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/losurdo/prometheus.nix
fail2ban: use a profile
[sourcephile-nix.git] / hosts / losurdo / prometheus.nix
1 { pkgs, lib, config, hostName, ... }:
2 let
3 inherit (config.services) prometheus;
4 listenAddress = "127.0.0.1";
5 in
6 {
7 services.prometheus = {
8 enable = true;
9 inherit listenAddress;
10 port = 9090;
11 extraFlags = [
12 "--storage.tsdb.retention.time 30d"
13 ];
14 exporters = {
15 apcupsd = {
16 enable = true;
17 inherit listenAddress;
18 };
19 node = {
20 enable = true;
21 inherit listenAddress;
22 #enabledCollectors = [ "wifi" ];
23 };
24 smokeping = {
25 #enable = true;
26 inherit listenAddress;
27 buckets = "0.0001,0.001,0.005,0.01,0.02,0.04,0.06,0.08,0.16,0.24,0.32,0.4,0.48,0.8,1.6,3.2,6.4";
28 hosts = [ "www.fdn.fr" "8.8.8.8" ];
29 pingInterval = "3s";
30 };
31 systemd = {
32 enable = true;
33 inherit listenAddress;
34 };
35 wireguard = {
36 #enable = true;
37 inherit listenAddress;
38 withRemoteIp = true;
39 };
40 };
41 scrapeConfigs = [
42 {
43 job_name = hostName;
44 static_configs = [
45 {
46 targets = [
47 "${listenAddress}:${toString prometheus.exporters.apcupsd.port}"
48 "${listenAddress}:${toString prometheus.exporters.node.port}"
49 #"[${listenAddress}:${toString prometheus.exporters.smokeping.port}"
50 "${listenAddress}:${toString prometheus.exporters.systemd.port}"
51 #"${listenAddress}:${toString prometheus.exporters.wireguard.port}"
52 ];
53 }
54 ];
55 }
56 ];
57 /*
58 alertmanagers = [
59 {
60 static_configs = [ { targets = [ "${listenAddress}:9093" ]; } ];
61 }
62 ];
63 alertmanager = {
64 enable = true;
65 inherit listenAddress;
66 configuration = {
67 global = {
68 "smtp_smarthost" = "localhost:25";
69 "smtp_require_tls" = false;
70 "smtp_from" = "alertmanager@${domain}";
71 };
72 route = {
73 "group_by" = [ "alertname" "alias" ];
74 "group_wait" = "30s";
75 "group_interval" = "2m";
76 "repeat_interval" = "12h";
77 "receiver" = "root";
78 };
79 receivers = [
80 {
81 "name" = "root";
82 "email_configs" = [
83 {
84 "to" = "root+alertmanager@${domain}";
85 "send_resolved" = true;
86 }
87 ];
88 }
89 ];
90 };
91 };
92 rules = [
93 ''
94 groups:
95 - name: custom_rules
96 rules:
97 - record: battery_percent
98 expr: 100 * battery_energy_now / battery_energy_full
99 - alert: battery_soon_out
100 expr: predict_linear(battery_percent[30m], 3600) <= 10
101 for: 5m
102 labels:
103 severity: warning
104 annotations:
105 summary: "Instance [{{ $labels.instance }}] battery about 1h left"
106 description: "[{{ $labels.instance }}] battery in 1h estimated to {{ $value }}%"
107 ''
108 ];
109 */
110 };
111 systemd.services.grafana = {
112 after = [ "wireguard-wg-intra.service" ];
113 requires = [ "wireguard-wg-intra.service" ];
114 };
115 services.grafana = {
116 enable = true;
117 settings = {
118 server.http_port = 3000;
119 setver.http_addr = "${hostName}.wg"; # listenAddress;
120 analytics.reporting_enabled = false;
121 analytics.check_for_updates = false;
122 analytics.check_for_plugin_updates = false;
123 };
124 };
125 # override systemd exporter execstart to enable option...
126 # FIXME: use extraFlags
127 systemd.services.prometheus-systemd-exporter.serviceConfig = {
128 ExecStart = lib.mkForce ''
129 ${pkgs.prometheus-systemd-exporter}/bin/systemd_exporter \
130 --web.listen-address=${listenAddress}:${toString prometheus.exporters.systemd.port} \
131 --systemd.collector.enable-ip-accounting \
132 --systemd.collector.enable-restart-count
133 '';
134 };
135 }