xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

more metrics for prometheus

Browse source
This commit is contained in:
xunuwu 2025-06-19 04:48:05 +02:00
parent 2621dfa7f5
commit 71153b4e28
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
6 changed files with 67 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

4
hosts/hopper/profiles/lab/caddy.nix
View file

@ -21,7 +21,9 @@ in {
services.caddy = { services.caddy = {
enable = true; enable = true;
globalConfig = '' globalConfig = ''
metrics metrics {
per_host
}
servers { servers {
trusted_proxies static 10.0.0.1 trusted_proxies static 10.0.0.1
} }

30
hosts/hopper/profiles/lab/prometheus.nix
View file

@ -10,9 +10,16 @@
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = "node"; job_name = "node";
static_configs = lib.singleton { static_configs = [
targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"]; {
}; targets = ["127.0.0.1:9100"];
labels.alias = "hopper";
}
{
targets = ["rackserv:9100"];
labels.alias = "rackserv";
}
];
} }
{ {
job_name = "tailscale_client"; job_name = "tailscale_client";
@ -22,9 +29,16 @@
} }
{ {
job_name = "caddy"; job_name = "caddy";
static_configs = lib.singleton { static_configs = [
{
targets = ["${config.vpnNamespaces."wg".namespaceAddress}:2019"]; targets = ["${config.vpnNamespaces."wg".namespaceAddress}:2019"];
}; labels.alias = "hopper";
}
{
targets = ["rackserv:2019"];
labels.alias = "rackserv";
}
];
} }
{ {
job_name = "slskd"; job_name = "slskd";
@ -37,6 +51,12 @@
action = "drop"; action = "drop";
}; };
} }
{
job_name = "forgejo";
static_configs = lib.singleton {
targets = ["rackserv:9615"];
};
}
]; ];
}; };

1
hosts/rackserv/default.nix
View file

@ -14,6 +14,7 @@
./profiles/backups.nix ./profiles/backups.nix
./profiles/caddy.nix ./profiles/caddy.nix
./profiles/forgejo.nix ./profiles/forgejo.nix
./profiles/prometheus.nix
] ]
++ (with systemProfiles; [ ++ (with systemProfiles; [
core.security core.security

28
hosts/rackserv/profiles/caddy.nix
View file

@ -22,9 +22,20 @@ in {
}; };
}; };
# systemd.services.caddy.environment.CADDY_ADMIN = "${vars.tailnet.rackserv}:2019";
services.caddy = { services.caddy = {
enable = true; enable = true;
virtualHosts = { globalConfig = ''
metrics {
per_host
}
admin :2019 {
origins 127.0.0.1 100.64.0.0/10
}
'';
virtualHosts = let
forgejoPort = toString config.services.forgejo.settings.server.HTTP_PORT;
in {
misc = { misc = {
hostName = "${domain}"; hostName = "${domain}";
serverAliases = ["*.${domain}"]; serverAliases = ["*.${domain}"];
@ -37,12 +48,21 @@ in {
hostName = "git.${domain}"; hostName = "git.${domain}";
useACMEHost = domain; useACMEHost = domain;
extraConfig = '' extraConfig = ''
reverse_proxy localhost:${toString config.services.forgejo.settings.server.HTTP_PORT} respond /metrics 403
reverse_proxy localhost:${forgejoPort}
''; '';
}; };
other = { forgejoMetrics = {
hostName = ":9615";
extraConfig = '' extraConfig = ''
respond 404 @blocked {
not {
client_ip ${vars.tailnet.hopper}
path /metrics
}
}
respond @blocked 403
reverse_proxy localhost:${forgejoPort}
''; '';
}; };
}; };

5
hosts/rackserv/profiles/forgejo.nix
View file

@ -11,6 +11,11 @@
HTTP_PORT = 3000; HTTP_PORT = 3000;
HTTP_ADDR = "127.0.0.1"; HTTP_ADDR = "127.0.0.1";
}; };
metrics = {
ENABLED = true;
ENABLED_ISSUE_BY_LABEL = true;
ENABLED_ISSUE_BY_REPOSITORY = true;
};
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
}; };
}; };

8
hosts/rackserv/profiles/prometheus.nix Normal file
View file

@ -0,0 +1,8 @@
{
services.prometheus.exporters = {
node = {
enable = true;
enabledCollectors = ["systemd"];
};
};
}