c3d2/nix-config
c3d2/nix-config
23
7
Fork 3
Code Issues 12 Pull Requests 2 Releases Wiki Activity

prometheus: format

Browse Source
This commit is contained in:
Sandro - 2023-09-15 23:00:05 +02:00
parent 4f8e8119b8
commit 93d428d98d
Signed by: sandro
GPG Key ID: 3AF5A43A3EECC2E5
1 changed files with 44 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
hosts/prometheus/default.nix
View File

@ -69,7 +69,7 @@
) )
(builtins.attrNames zwNets.${net}.hosts4); (builtins.attrNames zwNets.${net}.hosts4);
in in
[ { [{
targets = fromNet "serv" (_: true); targets = fromNet "serv" (_: true);
labels.__meta_net = "net-serv"; labels.__meta_net = "net-serv";
} { } {
@ -93,7 +93,7 @@
# buzzrelay: buzzrelay # buzzrelay: buzzrelay
"relay.fedi.buzz" "relay.fedi.buzz"
]; ];
} ]; }];
}]; }];
exporters = { exporters = {
@ -111,33 +111,35 @@
webExternalUrl = "https://prometheus.serv.zentralwerk.org/"; webExternalUrl = "https://prometheus.serv.zentralwerk.org/";
}; };
services.alert2muc = { services = {
alert2muc = {
enable = true; enable = true;
configFile = config.sops.secrets."alert2muc/config".path; configFile = config.sops.secrets."alert2muc/config".path;
}; };
services.nginx = { nginx = {
enable = true; enable = true;
virtualHosts."prometheus.serv.zentralwerk.org" = { virtualHosts."prometheus.serv.zentralwerk.org" = {
# serverAliases = [ "registry.serv.zentralwerk.org" ]; # serverAliases = [ "registry.serv.zentralwerk.org" ];
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations = {
"/" = {
proxyPass = "http://localhost:${toString config.services.prometheus.port}"; proxyPass = "http://localhost:${toString config.services.prometheus.port}";
extraConfig = '' extraConfig = ''
auth_basic "Prometheus"; auth_basic "Prometheus";
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path}; auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
''; '';
}; };
locations."/alertmanager" = { "/alertmanager" = {
proxyPass = "http://localhost:${toString config.services.prometheus.alertmanager.port}"; proxyPass = "http://localhost:${toString config.services.prometheus.alertmanager.port}";
extraConfig = '' extraConfig = ''
auth_basic "Prometheus"; auth_basic "Prometheus";
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path}; auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
''; '';
}; };
locations."/alert2muc" = { "/alert2muc" = {
proxyPass = "http://localhost:9022"; proxyPass = "http://localhost:9022";
extraConfig = '' extraConfig = ''
rewrite ^/alert2muc/(.*) /$1 break; rewrite ^/alert2muc/(.*) /$1 break;
@ -145,12 +147,16 @@
}; };
}; };
}; };
};
};
sops = { sops = {
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
secrets."nginx/httpAuth".owner = config.systemd.services.nginx.serviceConfig.User; secrets = {
secrets."alertmanager/xmpp-password".owner = config.systemd.services.prometheus-xmpp-alerts.serviceConfig.User; "nginx/httpAuth".owner = config.systemd.services.nginx.serviceConfig.User;
secrets."alert2muc/config".owner = config.services.alert2muc.user; "alertmanager/xmpp-password".owner = config.systemd.services.prometheus-xmpp-alerts.serviceConfig.User;
"alert2muc/config".owner = config.services.alert2muc.user;
};
}; };
system.stateVersion = "22.11"; system.stateVersion = "22.11";