2019-07-06 02:10:46 +02:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
imports =
|
|
|
|
|
[ ../../../lib/lxc-container.nix
|
|
|
|
|
../../../lib/shared.nix
|
|
|
|
|
../../../lib/admins.nix
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
vim
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
hostName = "prometheus";
|
|
|
|
|
firewall = {
|
|
|
|
|
allowedTCPPorts = [
|
|
|
|
|
22
|
|
|
|
|
80
|
|
|
|
|
443
|
|
|
|
|
9090
|
|
|
|
|
9091
|
|
|
|
|
9093
|
|
|
|
|
9094
|
|
|
|
|
];
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.prometheus = {
|
|
|
|
|
enable = true;
|
|
|
|
|
|
|
|
|
|
alertmanager = {
|
|
|
|
|
enable = true;
|
|
|
|
|
openFirewall = true;
|
|
|
|
|
webExternalUrl = "http://prometheus.serv.zentralwerk.org/alertmanager/";
|
|
|
|
|
listenAddress = "0.0.0.0";
|
|
|
|
|
configuration = {
|
|
|
|
|
"global" = {
|
|
|
|
|
"smtp_smarthost" = "mail.serv.zentralwerk.org:587";
|
|
|
|
|
"smtp_from" = "alertmanager@prometheus.serv.zentralwerk.org";
|
|
|
|
|
};
|
|
|
|
|
"route" = {
|
|
|
|
|
"group_by" = [ "alertname" "alias" ];
|
|
|
|
|
"group_wait" = "30s";
|
|
|
|
|
"group_interval" = "2m";
|
|
|
|
|
"repeat_interval" = "4h";
|
|
|
|
|
"receiver" = "team-admins";
|
|
|
|
|
};
|
|
|
|
|
"receivers" = [
|
|
|
|
|
{
|
|
|
|
|
"name" = "team-admins";
|
|
|
|
|
# "email_configs" = [
|
|
|
|
|
# {
|
|
|
|
|
# "to" = "devnull@example.com";
|
|
|
|
|
# "send_resolved" = true;
|
|
|
|
|
# }
|
|
|
|
|
# ];
|
|
|
|
|
# "webhook_configs" = [
|
|
|
|
|
# {
|
|
|
|
|
# "url" = "https://example.com/prometheus-alerts";
|
|
|
|
|
# "send_resolved" = true;
|
|
|
|
|
# }
|
|
|
|
|
# ];
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2019-11-09 14:29:33 +01:00
|
|
|
|
# alertmanagerURL = [ "http://prometheus.serv.zentralwerk.org/alertmanager/" ];
|
2019-07-06 02:10:46 +02:00
|
|
|
|
|
|
|
|
|
pushgateway = {
|
|
|
|
|
enable = true;
|
|
|
|
|
web.external-url = "http://prometheus.serv.zentralwerk.org/push/";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
exporters.collectd.enable = true;
|
|
|
|
|
exporters.collectd.openFirewall = true;
|
|
|
|
|
|
|
|
|
|
exporters.nginx.enable = true;
|
2019-08-15 18:12:55 +02:00
|
|
|
|
exporters.nginx.openFirewall = true;
|
2019-07-06 02:10:46 +02:00
|
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.nginx = {
|
|
|
|
|
enable = true;
|
2019-11-09 14:39:50 +01:00
|
|
|
|
|
2019-07-06 02:10:46 +02:00
|
|
|
|
virtualHosts."prometheus.serv.zentralwerk.org" = {
|
2019-11-09 14:39:50 +01:00
|
|
|
|
# serverAliases = [ "registry.serv.zentralwerk.org" ];
|
2019-07-06 02:10:46 +02:00
|
|
|
|
enableACME = true;
|
2019-11-09 14:39:50 +01:00
|
|
|
|
onlySSL = true;
|
2019-07-06 02:10:46 +02:00
|
|
|
|
locations.".well-known/acme-challenge/" = {
|
2019-11-09 14:39:50 +01:00
|
|
|
|
root = "/var/lib/acme/acme-challenge/.well-known/acme-challenge/";
|
2019-07-06 02:10:46 +02:00
|
|
|
|
};
|
2019-11-09 14:39:50 +01:00
|
|
|
|
locations."/" = { proxyPass = "http://localhost:9090"; };
|
2019-07-06 02:10:46 +02:00
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
system.stateVersion = "19.03"; # Did you read the comment?
|
|
|
|
|
|
|
|
|
|
}
|