prometheus: format
This commit is contained in:
parent
4f8e8119b8
commit
93d428d98d
|
@ -69,7 +69,7 @@
|
||||||
)
|
)
|
||||||
(builtins.attrNames zwNets.${net}.hosts4);
|
(builtins.attrNames zwNets.${net}.hosts4);
|
||||||
in
|
in
|
||||||
[ {
|
[{
|
||||||
targets = fromNet "serv" (_: true);
|
targets = fromNet "serv" (_: true);
|
||||||
labels.__meta_net = "net-serv";
|
labels.__meta_net = "net-serv";
|
||||||
} {
|
} {
|
||||||
|
@ -93,7 +93,7 @@
|
||||||
# buzzrelay: buzzrelay
|
# buzzrelay: buzzrelay
|
||||||
"relay.fedi.buzz"
|
"relay.fedi.buzz"
|
||||||
];
|
];
|
||||||
} ];
|
}];
|
||||||
}];
|
}];
|
||||||
|
|
||||||
exporters = {
|
exporters = {
|
||||||
|
@ -111,33 +111,35 @@
|
||||||
webExternalUrl = "https://prometheus.serv.zentralwerk.org/";
|
webExternalUrl = "https://prometheus.serv.zentralwerk.org/";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.alert2muc = {
|
services = {
|
||||||
|
alert2muc = {
|
||||||
enable = true;
|
enable = true;
|
||||||
configFile = config.sops.secrets."alert2muc/config".path;
|
configFile = config.sops.secrets."alert2muc/config".path;
|
||||||
};
|
};
|
||||||
|
|
||||||
services.nginx = {
|
nginx = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
virtualHosts."prometheus.serv.zentralwerk.org" = {
|
virtualHosts."prometheus.serv.zentralwerk.org" = {
|
||||||
# serverAliases = [ "registry.serv.zentralwerk.org" ];
|
# serverAliases = [ "registry.serv.zentralwerk.org" ];
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/" = {
|
locations = {
|
||||||
|
"/" = {
|
||||||
proxyPass = "http://localhost:${toString config.services.prometheus.port}";
|
proxyPass = "http://localhost:${toString config.services.prometheus.port}";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
auth_basic "Prometheus";
|
auth_basic "Prometheus";
|
||||||
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
locations."/alertmanager" = {
|
"/alertmanager" = {
|
||||||
proxyPass = "http://localhost:${toString config.services.prometheus.alertmanager.port}";
|
proxyPass = "http://localhost:${toString config.services.prometheus.alertmanager.port}";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
auth_basic "Prometheus";
|
auth_basic "Prometheus";
|
||||||
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
auth_basic_user_file ${config.sops.secrets."nginx/httpAuth".path};
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
locations."/alert2muc" = {
|
"/alert2muc" = {
|
||||||
proxyPass = "http://localhost:9022";
|
proxyPass = "http://localhost:9022";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
rewrite ^/alert2muc/(.*) /$1 break;
|
rewrite ^/alert2muc/(.*) /$1 break;
|
||||||
|
@ -145,12 +147,16 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
sops = {
|
sops = {
|
||||||
defaultSopsFile = ./secrets.yaml;
|
defaultSopsFile = ./secrets.yaml;
|
||||||
secrets."nginx/httpAuth".owner = config.systemd.services.nginx.serviceConfig.User;
|
secrets = {
|
||||||
secrets."alertmanager/xmpp-password".owner = config.systemd.services.prometheus-xmpp-alerts.serviceConfig.User;
|
"nginx/httpAuth".owner = config.systemd.services.nginx.serviceConfig.User;
|
||||||
secrets."alert2muc/config".owner = config.services.alert2muc.user;
|
"alertmanager/xmpp-password".owner = config.systemd.services.prometheus-xmpp-alerts.serviceConfig.User;
|
||||||
|
"alert2muc/config".owner = config.services.alert2muc.user;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
system.stateVersion = "22.11";
|
system.stateVersion = "22.11";
|
||||||
|
|
Loading…
Reference in New Issue
Block a user