fw/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added lots of sops

Browse source
This commit is contained in:
fwastring 2025-09-13 22:02:42 +02:00
parent 84bec55415
commit 01c04cd91c
25 changed files with 532 additions and 183 deletions
Download patch file Download diff file Expand all files Collapse all files

101
moduler/services/monitoring/default.nix
View file

@ -1,53 +1,115 @@
{
lib,
config,
pkgs,
...
}:
with lib;
let
in
{
options = {
grafana = {
enable = lib.mkEnableOption "enables grafana";
host = lib.mkDefault "127.0.0.1";
port = lib.mkDefault 2342;
domain = lib.mkOption {
type = lib.types.str;
enable = mkEnableOption "enables grafana";
port = lib.mkOption {
type = lib.types.int;
default = 2342;
description = "The port Grafana listens on.";
};
host = mkOption {
type = types.str;
defaultText = literalExpression "127.0.0.1";
description = "The hostname that Grafana binds to";
};
domain = mkOption {
type = types.str;
description = "Domain name for Grafana to be served on.";
};
};
alloy = {
enable = mkEnableOption "enables alloy";
configPath = lib.mkOption {
type = lib.types.path;
default = ./alloy.yaml;
description = "The path to the configPath.";
};
};
prometheus = {
enable = lib.mkEnableOption "enables prometheus";
port = lib.mkDefault 9001;
exporter = {
enable = lib.mkEnableOption "enables node exporter";
port = lib.mkDefault 9002;
enable = mkEnableOption "enables prometheus";
port = lib.mkOption {
type = lib.types.int;
default = 9001;
description = "The port Prometheus listens on.";
};
exporters = {
enable = mkEnableOption "enables node exporters";
port = lib.mkOption {
type = lib.types.int;
default = 9002;
description = "The port Prometheus node exporter listens on.";
};
};
};
loki = {
enable = mkEnableOption "enables prometheus";
configFile = lib.mkOption {
type = lib.types.path;
default = ./loki.yaml;
description = "The path to the configFile.";
};
dataDir = lib.mkOption {
type = lib.types.str;
default = "/var/loki";
description = "The path to the data directory.";
};
};
};
config = lib.mkMerge [
(lib.mkIf config.grafana.enable {
config = mkMerge [
(mkIf config.grafana.enable {
services.grafana = {
enable = true;
domain = config.grafana.domain;
port = config.grafana.port;
addr = config.grafana.host;
settings = {
server = {
domain = config.grafana.domain;
http_port = config.grafana.port;
http_addr = config.grafana.host;
};
};
};
# nginx reverse proxy
services.nginx.virtualHosts."${config.grafana.domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://${config.grafana.host}:${toString config.grafana.port}";
proxyWebsockets = true;
extraConfig = "proxy_ssl_server_name on;" + "proxy_pass_header Authorization;";
};
};
})
(mkIf config.loki.enable {
networking.firewall.allowedTCPPorts = [ 3100 ];
services.loki = {
enable = true;
configFile = config.loki.configFile;
dataDir = config.loki.dataDir;
};
})
(mkIf config.alloy.enable {
services.alloy = {
enable = true;
configPath = config.alloy.configPath;
};
})
(lib.mkIf config.prometheus.enable {
(mkIf config.prometheus.enable {
services.prometheus = {
enable = true;
port = config.prometheus.port;
exporters = lib.mkIf config.prometheus.exporters {
exporters = mkIf config.prometheus.exporters.enable {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
@ -56,7 +118,7 @@
};
scrapeConfigs = [
{
job_name = "chrysalis";
job_name = "desktop";
static_configs = [
{
targets = [ "${config.grafana.host}:${toString config.prometheus.exporters.port}" ];
@ -64,7 +126,6 @@
];
}
];
};
})
];