maralorn/nixos-config
1
0
Fork 0
Code Wiki Activity

Seperate monitoring config

Browse source
This commit is contained in:
Malte Brandy 2020-05-04 09:50:11 +02:00
parent e027cd4ddb
commit 0fdf6d1b55
No known key found for this signature in database
GPG key ID: 226A2D41EF5378C9
4 changed files with 170 additions and 160 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
system/monitoring/alertmanager.nix Normal file
View file

@ -0,0 +1,40 @@
{ ... }: {
services = {
nginx = {
virtualHosts."alerts.maralorn.de" = {
enableACME = true;
forceSSL = true;
locations."/" = { proxyPass = "http://localhost:9093"; };
};
};
prometheus = {
alertmanager = {
enable = true;
listenAddress = "0.0.0.0";
extraFlags = [ "--data.retention 7d" ];
configuration = {
"global" = {
"smtp_smarthost" = "hera.m-0.eu:587";
"smtp_from" = "alertmanager@m-0.eu";
"smtp_auth_username" = "alertmanager@m-0.eu";
"smtp_auth_password" = config.m-0.private.alertmanager-mail-pw;
};
"route" = {
"group_by" = [ "alertname" "alias" ];
"group_wait" = "5m";
"group_interval" = "30m";
"repeat_interval" = "7d";
"receiver" = "team-admins";
};
"receivers" = [{
"name" = "team-admins";
"email_configs" = [{
"to" = "monitoring@maralorn.de";
"send_resolved" = true;
}];
}];
};
};
};
};
}

161
system/monitoring/default.nix
View file

@ -1,160 +1 @@
{ config, ... }:
let
inherit (config.m-0) hosts;
inherit (config.m-0.private) monitoring-guest-pw monitoring-pw;
makeProbe = module: targets: {
job_name = "blackbox-${module}";
metrics_path = "/probe";
params = { module = [ module ]; };
static_configs = [{ inherit targets; }];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "localhost:9115";
} # The blackbox exporter's real hostname:port.
];
};
watchNixpkgsPackage = name: {
job_name = "nixpkgs-${name}";
metrics_path = "/job/${name}/prometheus";
scheme = "https";
scrape_interval = "1h";
static_configs = [{ targets = [ "hydra.nixos.org" ]; }];
};
watchNixpkgsHaskellPackage = name: [
(watchNixpkgsPackage
"nixpkgs/haskell-updates/haskellPackages.${name}.x86_64-linux")
(watchNixpkgsPackage
"nixos/release-20.03/nixpkgs.haskellPackages.${name}.x86_64-linux")
];
in {
services = {
nginx = {
enable = true;
virtualHosts."monitoring.maralorn.de" = {
enableACME = true;
basicAuth.maralorn = monitoring-pw;
basicAuth.guest = monitoring-guest-pw;
forceSSL = true;
locations."/" = { proxyPass = "http://localhost:9090"; };
};
virtualHosts."alerts.maralorn.de" = {
enableACME = true;
basicAuth.maralorn = monitoring-pw;
forceSSL = true;
locations."/" = { proxyPass = "http://localhost:9093"; };
};
virtualHosts."stats.maralorn.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://localhost:3000/";
};
};
grafana = {
enable = true;
auth.anonymous.enable = true;
users = {
allowOrgCreate = false;
allowSignUp = false;
};
provision = {
enable = true;
datasources = [{
access = "proxy";
name = "prometheus";
type = "prometheus";
url = "http://localhost:9090";
}];
dashboards = [{
name = "Static dashboards";
options.path = ./grafana-dashboards;
}];
};
};
prometheus = {
extraFlags =
[ "--query.lookback-delta=2h" "--storage.tsdb.retention.time 720d" ];
exporters = {
blackbox = {
enable = true;
configFile = ./blackbox_rules.yml;
};
};
alertmanager = {
enable = true;
listenAddress = "0.0.0.0";
configuration = {
"global" = {
"smtp_smarthost" = "hera.m-0.eu:587";
"smtp_from" = "alertmanager@m-0.eu";
"smtp_auth_username" = "alertmanager@m-0.eu";
"smtp_auth_password" = config.m-0.private.alertmanager-mail-pw;
};
"route" = {
"group_by" = [ "alertname" "alias" ];
"group_wait" = "5m";
"group_interval" = "30m";
"repeat_interval" = "7d";
"receiver" = "team-admins";
};
"receivers" = [{
"name" = "team-admins";
"email_configs" = [{
"to" = "monitoring@maralorn.de";
"send_resolved" = true;
}];
}];
};
};
enable = true;
ruleFiles = [ ./rules.yml ];
scrapeConfigs = [
(makeProbe "tcp_connect" [ "hera.m-0.eu:25" "hera.m-0.eu:80" ])
(makeProbe "tls_connect" [ "hera.m-0.eu:993" "hera.m-0.eu:443" ])
(makeProbe "smtp_starttls" [ "hera.m-0.eu:587" ])
(makeProbe "http" [ "http://localhost:9090" "http://localhost:9093" ])
(makeProbe "https" [
"https://blog.maralorn.de"
"https://www.mathechor.de"
"https://cloud.mathechor.de"
"https://cloud.maralorn.de"
"https://riot.maralorn.de"
"https://wiki.vocalensemble-darmstadt.de"
"https://cloud.vocalensemble-darmstadt.de"
"https://www.vocalensemble-darmstadt.de"
"https://matrix.maralorn.de"
])
{
job_name = "matrix";
metrics_path = "/_synapse/metrics";
static_configs = [{ targets = [ "localhost:9148" ]; }];
}
{
job_name = "nodes";
static_configs = map (entry: {
targets = [ entry.host ];
labels = { "name" = entry.name; };
}) config.m-0.monitoring;
}
(watchNixpkgsPackage
"nixpkgs/haskell-updates/haskellPackages.cabal-fmt.x86_64-linux")
] ++ (watchNixpkgsHaskellPackage "ghcide")
++ (watchNixpkgsHaskellPackage "brittany")
++ (watchNixpkgsHaskellPackage "releaser")
++ (watchNixpkgsHaskellPackage "hlint")
++ (watchNixpkgsHaskellPackage "relude")
++ (watchNixpkgsHaskellPackage "taskwarrior");
alertmanagers =
[{ static_configs = [{ targets = [ "localhost:9093" ]; }]; }];
};
};
}
{ ... }: { imports = [ ./alertmanager.nix ./grafana.nix ./prometheus.nix ]; }

32
system/monitoring/grafana.nix Normal file
View file

@ -0,0 +1,32 @@
{ ... }: {
services = {
nginx = {
virtualHosts."stats.maralorn.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://localhost:3000/";
};
};
grafana = {
enable = true;
auth.anonymous.enable = true;
users = {
allowOrgCreate = false;
allowSignUp = false;
};
provision = {
enable = true;
datasources = [{
access = "proxy";
name = "prometheus";
type = "prometheus";
url = "http://localhost:9090";
}];
dashboards = [{
name = "Static dashboards";
options.path = ./grafana-dashboards;
}];
};
};
};
}

97
system/monitoring/prometheus.nix Normal file
View file

@ -0,0 +1,97 @@
{ config, ... }:
let
makeProbe = module: targets: {
job_name = "blackbox-${module}";
metrics_path = "/probe";
params = { module = [ module ]; };
static_configs = [{ inherit targets; }];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "localhost:9115";
} # The blackbox exporter's real hostname:port.
];
};
watchNixpkgsPackage = name: {
job_name = "nixpkgs-${name}";
metrics_path = "/job/${name}/prometheus";
scheme = "https";
scrape_interval = "1h";
static_configs = [{ targets = [ "hydra.nixos.org" ]; }];
};
watchNixpkgsHaskellPackage = name: [
(watchNixpkgsPackage
"nixpkgs/haskell-updates/haskellPackages.${name}.x86_64-linux")
(watchNixpkgsPackage
"nixos/release-20.03/nixpkgs.haskellPackages.${name}.x86_64-linux")
];
in {
services = {
nginx = {
virtualHosts."monitoring.maralorn.de" = {
enableACME = true;
forceSSL = true;
locations."/" = { proxyPass = "http://localhost:9090"; };
};
};
prometheus = {
enable = true;
extraFlags =
[ "--query.lookback-delta 2h" "--storage.tsdb.retention.time 720d" ];
exporters = {
blackbox = {
enable = true;
configFile = ./blackbox_rules.yml;
};
};
ruleFiles = [ ./rules.yml ];
scrapeConfigs = [
(makeProbe "tcp_connect" [ "hera.m-0.eu:25" "hera.m-0.eu:80" ])
(makeProbe "tls_connect" [ "hera.m-0.eu:993" "hera.m-0.eu:443" ])
(makeProbe "smtp_starttls" [ "hera.m-0.eu:587" ])
(makeProbe "http" [ "http://localhost:9090" "http://localhost:9093" ])
(makeProbe "https" [
"https://blog.maralorn.de"
"https://www.mathechor.de"
"https://cloud.mathechor.de"
"https://cloud.maralorn.de"
"https://riot.maralorn.de"
"https://wiki.vocalensemble-darmstadt.de"
"https://cloud.vocalensemble-darmstadt.de"
"https://www.vocalensemble-darmstadt.de"
"https://matrix.maralorn.de"
])
{
job_name = "matrix";
metrics_path = "/_synapse/metrics";
static_configs = [{ targets = [ "localhost:9148" ]; }];
}
{
job_name = "nodes";
static_configs = map (entry: {
targets = [ entry.host ];
labels = { "name" = entry.name; };
}) config.m-0.monitoring;
}
(watchNixpkgsPackage
"nixpkgs/haskell-updates/haskellPackages.cabal-fmt.x86_64-linux")
] ++ (watchNixpkgsHaskellPackage "ghcide")
++ (watchNixpkgsHaskellPackage "brittany")
++ (watchNixpkgsHaskellPackage "releaser")
++ (watchNixpkgsHaskellPackage "hlint")
++ (watchNixpkgsHaskellPackage "relude")
++ (watchNixpkgsHaskellPackage "taskwarrior");
alertmanagers =
[{ static_configs = [{ targets = [ "localhost:9093" ]; }]; }];
};
};
}