xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: xun:1e5b58bb318a4dd51036c2e16f96d5f7c898cce0
Branches Tags
xun:master
..
compare: xun:71153b4e28da5e524450dc9d8f44989953a71d34
Branches Tags
xun:master

2 commits
1e5b58bb31 ... 71153b4e28

Author SHA1 Message Date
xunuwu
71153b4e28
more metrics for prometheus 2025-06-19 14:49:41 +02:00
xunuwu
2621dfa7f5
remove stremio (switch to flatpak version for 5.0 beta) 2025-06-19 12:28:56 +02:00
10 changed files with 69 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

5
hosts/hopper/default.nix
View file

@ -45,6 +45,8 @@
nix.nix
nix.gc
services.flatpak
network.tailscale
network.avahi
network.networkd
@ -55,9 +57,6 @@
builtins.elem (lib.getName pkg) [
"nvidia-x11"
"nvidia-settings"
"stremio-shell"
"stremio-server"
];
};

1
hosts/hopper/home.nix
View file

@ -29,7 +29,6 @@
pwvucontrol
qpwgraph
stremio
moonlight-qt
];

4
hosts/hopper/profiles/lab/caddy.nix
View file

@ -21,7 +21,9 @@ in {
services.caddy = {
enable = true;
globalConfig = ''
metrics
metrics {
per_host
}
servers {
trusted_proxies static 10.0.0.1
}

32
hosts/hopper/profiles/lab/prometheus.nix
View file

@ -10,9 +10,16 @@
scrapeConfigs = [
{
job_name = "node";
static_configs = lib.singleton {
targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"];
};
static_configs = [
{
targets = ["127.0.0.1:9100"];
labels.alias = "hopper";
}
{
targets = ["rackserv:9100"];
labels.alias = "rackserv";
}
];
}
{
job_name = "tailscale_client";
@ -22,9 +29,16 @@
}
{
job_name = "caddy";
static_configs = lib.singleton {
targets = ["${config.vpnNamespaces."wg".namespaceAddress}:2019"];
};
static_configs = [
{
targets = ["${config.vpnNamespaces."wg".namespaceAddress}:2019"];
labels.alias = "hopper";
}
{
targets = ["rackserv:2019"];
labels.alias = "rackserv";
}
];
}
{
job_name = "slskd";
@ -37,6 +51,12 @@
action = "drop";
};
}
{
job_name = "forgejo";
static_configs = lib.singleton {
targets = ["rackserv:9615"];
};
}
];
};

3
hosts/nixdesk/default.nix
View file

@ -118,9 +118,6 @@
"idea-ultimate"
"android-studio-stable"
"krunker"
"stremio-shell"
"stremio-server"
];
android_sdk.accept_license = true;
};

1
hosts/nixdesk/home.nix
View file

@ -144,7 +144,6 @@
picard
# media
stremio
feishin
foliate

1
hosts/rackserv/default.nix
View file

@ -14,6 +14,7 @@
./profiles/backups.nix
./profiles/caddy.nix
./profiles/forgejo.nix
./profiles/prometheus.nix
]
++ (with systemProfiles; [
core.security

28
hosts/rackserv/profiles/caddy.nix
View file

@ -22,9 +22,20 @@ in {
};
};
# systemd.services.caddy.environment.CADDY_ADMIN = "${vars.tailnet.rackserv}:2019";
services.caddy = {
enable = true;
virtualHosts = {
globalConfig = ''
metrics {
per_host
}
admin :2019 {
origins 127.0.0.1 100.64.0.0/10
}
'';
virtualHosts = let
forgejoPort = toString config.services.forgejo.settings.server.HTTP_PORT;
in {
misc = {
hostName = "${domain}";
serverAliases = ["*.${domain}"];
@ -37,12 +48,21 @@ in {
hostName = "git.${domain}";
useACMEHost = domain;
extraConfig = ''
reverse_proxy localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}
respond /metrics 403
reverse_proxy localhost:${forgejoPort}
'';
};
other = {
forgejoMetrics = {
hostName = ":9615";
extraConfig = ''
respond 404
@blocked {
not {
client_ip ${vars.tailnet.hopper}
path /metrics
}
}
respond @blocked 403
reverse_proxy localhost:${forgejoPort}
'';
};
};

5
hosts/rackserv/profiles/forgejo.nix
View file

@ -11,6 +11,11 @@
HTTP_PORT = 3000;
HTTP_ADDR = "127.0.0.1";
};
metrics = {
ENABLED = true;
ENABLED_ISSUE_BY_LABEL = true;
ENABLED_ISSUE_BY_REPOSITORY = true;
};
service.DISABLE_REGISTRATION = true;
};
};

8
hosts/rackserv/profiles/prometheus.nix Normal file
View file

@ -0,0 +1,8 @@
{
services.prometheus.exporters = {
node = {
enable = true;
enabledCollectors = ["systemd"];
};
};
}