From f83384f23e9d946d2e6d0daded629c89ef8c2814 Mon Sep 17 00:00:00 2001 From: Swarsel Date: Fri, 18 Oct 2024 22:03:17 +0200 Subject: [PATCH] feat: add initial prometheus on winters --- SwarselSystems.org | 43 ++++++++++++++++++++++----- profiles/server/common/monitoring.nix | 33 +++++++++++++++++--- 2 files changed, 64 insertions(+), 12 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index e9f8795..498df0a 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -6576,8 +6576,8 @@ Also, the system state version is set here. No need to touch it. sops.secrets = { grafanaadminpass = { owner = "grafana"; - } - } + }; + }; users.users.grafana = { extraGroups = [ "users" ]; }; @@ -6587,8 +6587,29 @@ Also, the system state version is set here. No need to touch it. dataDir = "/Vault/data/grafana"; admin_password = "$__file{/run/secrets/grafanaadminpass}"; settings = { - http_port = 3000; - http_addr = "127.0.0.1"; + security.admin_password = "$__file{/run/secrets/grafanaadminpass}"; + server = { + http_port = 3000; + http_addr = "127.0.0.1"; + protocol = "https"; + domain = "status.swarsel.win"; + root_url = "%(protocol)s://%(domain)s:%(http_port)s/grafana/"; + }; + }; + }; + + services.prometheus = { + webExternalUrl = "https://status.swarsel.win/prometheus"; + port = 9090; + listenAddress = "127.0.0.1"; + exporters = { + zfs = { + enable = true; + port = 9134; + pools = [ + "Vault" + ]; + }; }; }; @@ -6599,11 +6620,17 @@ Also, the system state version is set here. No need to touch it. forceSSL = true; acmeRoot = null; locations = { - "/" = { - proxyPass = "http://localhost:3000/"; + "/grafana" = { + proxyPass = "http://localhost:3000/grafana/"; extraConfig = '' - client_max_body_size 0; - ''; + client_max_body_size 0; + ''; + }; + "/prometheus" = { + proxyPass = "http://localhost:9090/prometheus/"; + extraConfig = '' + client_max_body_size 0; + ''; }; }; }; diff --git a/profiles/server/common/monitoring.nix b/profiles/server/common/monitoring.nix index c651208..bd54bab 100644 --- a/profiles/server/common/monitoring.nix +++ b/profiles/server/common/monitoring.nix @@ -7,18 +7,37 @@ owner = "grafana"; }; }; - users.users.grafana = { - extraGroups = [ "users" ]; + users.users.grafana = { + extraGroups = [ "users" ]; }; services.grafana = { enable = true; dataDir = "/Vault/data/grafana"; + admin_password = "$__file{/run/secrets/grafanaadminpass}"; settings = { security.admin_password = "$__file{/run/secrets/grafanaadminpass}"; server = { http_port = 3000; http_addr = "127.0.0.1"; + protocol = "https"; + domain = "status.swarsel.win"; + root_url = "%(protocol)s://%(domain)s:%(http_port)s/grafana/"; + }; + }; + }; + + services.prometheus = { + webExternalUrl = "https://status.swarsel.win/prometheus"; + port = 9090; + listenAddress = "127.0.0.1"; + exporters = { + zfs = { + enable = true; + port = 9134; + pools = [ + "Vault" + ]; }; }; }; @@ -30,8 +49,14 @@ forceSSL = true; acmeRoot = null; locations = { - "/" = { - proxyPass = "http://localhost:3000/"; + "/grafana" = { + proxyPass = "http://localhost:3000/grafana/"; + extraConfig = '' + client_max_body_size 0; + ''; + }; + "/prometheus" = { + proxyPass = "http://localhost:9090/prometheus/"; extraConfig = '' client_max_body_size 0; '';