diff --git a/flake.nix b/flake.nix index 8df2c96c..7ee9ac5d 100644 --- a/flake.nix +++ b/flake.nix @@ -253,9 +253,6 @@ c3d2-user-module.nixosModule nixos-modules.nixosModule ./config - ./modules/audio-server.nix - ./modules/c3d2.nix - ./modules/stats.nix ./modules/pi-sensors.nix ] ++ modules; }; @@ -761,7 +758,6 @@ ./modules/backup.nix ./modules/c3d2.nix ./modules/nncp.nix - ./modules/monitoring.nix ./modules/plume.nix ./modules/stats.nix ]; diff --git a/modules/monitoring.nix b/modules/monitoring.nix deleted file mode 100644 index dab2e961..00000000 --- a/modules/monitoring.nix +++ /dev/null @@ -1,43 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - services = lib.mkIf (pkgs.system != "riscv64-linux") { - nginx = { - enable = true; - virtualHosts."_" = { - listen = - let - port = 9100; - in - [ - { addr = "0.0.0.0"; inherit port; } - { addr = "[::]"; inherit port; } - ]; - locations."/metrics" = { - proxyPass = "http://127.0.0.1:${toString config.services.prometheus.exporters.node.port}/metrics"; - # ip ranges duplicated with matemat - extraConfig = '' - satisfy any; - allow 2a00:8180:2c00:200::/56; - allow 2a0f:5382:acab:1400::/56; - allow fd23:42:c3d2:500::/56; - allow 30c:c3d2:b946:76d0::/64; - allow ::1/128; - allow 172.22.99.0/24; - allow 172.20.72.0/21; - allow 127.0.0.0/8; - deny all; - ''; - }; - }; - }; - - prometheus.exporters.node = { - enable = true; - enabledCollectors = [ "ethtool" "systemd" ]; - listenAddress = "127.0.0.1"; - openFirewall = true; - port = 9101; - }; - }; -} diff --git a/modules/stats.nix b/modules/stats.nix index 22e66383..4cab78b0 100644 --- a/modules/stats.nix +++ b/modules/stats.nix @@ -1,4 +1,4 @@ -{ lib, config, ... }: +{ config, lib, pkgs, ... }: let cfg = config.c3d2.hq.statistics; @@ -14,60 +14,112 @@ in }; config = { - services.collectd = lib.mkIf cfg.enable { - enable = true; - extraConfig = '' - FQDNLookup false - Interval 10 - ''; - buildMinimalPackage = true; - plugins = { - logfile = '' - LogLevel info - File STDOUT - ''; - network = '' - Server "grafana.serv.zentralwerk.org" "25826" - ''; - memory = ""; - processes = ""; - disk = ""; - df = ""; - cpu = ""; - entropy = ""; - load = ""; - swap = ""; - cgroups = ""; - vmem = ""; - interface = ""; - } // lib.optionalAttrs isMetal { - sensors = ""; - cpufreq = ""; - irq = ""; - ipmi = ""; - thermal = ""; - } // lib.optionalAttrs config.services.nginx.enable { - nginx = '' - URL "http://localhost/nginx_status" - ''; - }; - }; - # Workaround for nixpkgs/master: - users.users.collectd = { - isSystemUser = true; - group = "collectd"; - }; - users.groups.collectd = {}; + services = lib.mkMerge [ + { + collectd = lib.mkIf cfg.enable { + enable = true; + extraConfig = '' + FQDNLookup false + Interval 10 + ''; + buildMinimalPackage = true; + plugins = { + logfile = '' + LogLevel info + File STDOUT + ''; + network = '' + Server "grafana.serv.zentralwerk.org" "25826" + ''; + memory = ""; + processes = ""; + disk = ""; + df = ""; + cpu = ""; + entropy = ""; + load = ""; + swap = ""; + cgroups = ""; + vmem = ""; + interface = ""; + } // lib.optionalAttrs isMetal { + sensors = ""; + cpufreq = ""; + irq = ""; + ipmi = ""; + thermal = ""; + } // lib.optionalAttrs config.services.nginx.enable { + nginx = '' + URL "http://localhost/nginx_status" + ''; + }; + }; - services.nginx = lib.mkIf config.services.nginx.enable { - virtualHosts.localhost.locations."/nginx_status".extraConfig = '' - stub_status; + services.nginx = lib.mkIf config.services.nginx.enable { + virtualHosts.localhost = { + listen = [ + { + addr = "127.0.0.1"; + port = 9101; + } + { + addr = "[::1]"; + port = 9101; + } + ]; + locations."/nginx_status".extraConfig = '' + stub_status; - access_log off; - allow 127.0.0.1; - allow ::1; - deny all; - ''; - }; + access_log off; + allow 127.0.0.1; + allow ::1; + deny all; + ''; + }; + }; + } + + { + services = lib.mkIf (pkgs.system != "riscv64-linux") { + nginx = { + enable = true; + virtualHosts."_" = { + listen = + let + port = 9100; + in + [ + { addr = "0.0.0.0"; inherit port; } + { addr = "[::]"; inherit port; } + ]; + locations."/metrics" = { + proxyPass = "http://127.0.0.1:${toString config.services.prometheus.exporters.node.port}/metrics"; + # ip ranges duplicated with matemat + extraConfig = '' + satisfy any; + allow 2a00:8180:2c00:200::/56; + allow 2a0f:5382:acab:1400::/56; + allow fd23:42:c3d2:500::/56; + allow 30c:c3d2:b946:76d0::/64; + allow ::1/128; + allow 172.22.99.0/24; + allow 172.20.72.0/21; + allow 127.0.0.0/8; + deny all; + ''; + }; + }; + }; + + prometheus.exporters.node = { + enable = true; + enabledCollectors = [ "ethtool" "systemd" ]; + listenAddress = "127.0.0.1"; + openFirewall = true; + port = 9101; + }; + }; + } + ]; }; }