111 lines
2.7 KiB
Nix
111 lines
2.7 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
{
|
||
|
#prometheus
|
||
|
krebs.iptables = {
|
||
|
enable = true;
|
||
|
tables.filter.INPUT.rules = [
|
||
|
{ predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } # nginx
|
||
|
# { predicate = "-i retiolum -p tcp --dport 3012"; target = "ACCEPT"; } # grafana
|
||
|
# { predicate = "-i retiolum -p tcp --dport 9093"; target = "ACCEPT"; } # alertmanager
|
||
|
# { predicate = "-i retiolum -p tcp --dport 9223"; target = "ACCEPT"; } # alertmanager
|
||
|
];
|
||
|
};
|
||
|
|
||
|
services.nginx = {
|
||
|
enable = true;
|
||
|
virtualHosts = {
|
||
|
"prometheus.lass.r" = {
|
||
|
locations."/".proxyPass = "http://localhost:9090";
|
||
|
};
|
||
|
"alert.lass.r" = {
|
||
|
locations."/".proxyPass = "http://localhost:9093";
|
||
|
};
|
||
|
"grafana.lass.r" = {
|
||
|
locations."/".proxyPass = "http://localhost:3012";
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
|
||
|
services.grafana = {
|
||
|
enable = true;
|
||
|
addr = "0.0.0.0";
|
||
|
port = 3012;
|
||
|
auth.anonymous = {
|
||
|
enable = true;
|
||
|
org_role = "Admin";
|
||
|
};
|
||
|
};
|
||
|
services.prometheus = {
|
||
|
enable = true;
|
||
|
ruleFiles = [
|
||
|
(pkgs.writeText "prometheus-rules.yml" (builtins.toJSON {
|
||
|
groups = [{
|
||
|
name = "alerting-rules";
|
||
|
rules = import ./alert-rules.nix { inherit lib; };
|
||
|
}];
|
||
|
}))
|
||
|
];
|
||
|
scrapeConfigs = [
|
||
|
{
|
||
|
job_name = "telegraf";
|
||
|
scrape_interval = "60s";
|
||
|
metrics_path = "/metrics";
|
||
|
static_configs = [
|
||
|
{
|
||
|
targets = [
|
||
|
"prism.r:9273"
|
||
|
"dishfire.r:9273"
|
||
|
"yellow.r:9273"
|
||
|
];
|
||
|
}
|
||
|
];
|
||
|
}
|
||
|
];
|
||
|
alertmanagers = [
|
||
|
{ scheme = "http";
|
||
|
path_prefix = "/";
|
||
|
static_configs = [ { targets = [ "localhost:9093" ]; } ];
|
||
|
}
|
||
|
];
|
||
|
alertmanager = {
|
||
|
enable = true;
|
||
|
webExternalUrl = "https://alert.lass.r";
|
||
|
listenAddress = "[::1]";
|
||
|
configuration = {
|
||
|
global = {
|
||
|
# The smarthost and SMTP sender used for mail notifications.
|
||
|
smtp_smarthost = "localhost:587";
|
||
|
smtp_from = "alertmanager@alert.lass.r";
|
||
|
# smtp_auth_username = "alertmanager@thalheim.io";
|
||
|
# smtp_auth_password = "$SMTP_PASSWORD";
|
||
|
};
|
||
|
route = {
|
||
|
receiver = "default";
|
||
|
routes = [
|
||
|
{
|
||
|
group_by = [ "host" ];
|
||
|
group_wait = "30s";
|
||
|
group_interval = "2m";
|
||
|
repeat_interval = "2h";
|
||
|
receiver = "all";
|
||
|
}
|
||
|
];
|
||
|
};
|
||
|
receivers = [
|
||
|
{
|
||
|
name = "all";
|
||
|
webhook_configs = [{
|
||
|
url = "http://127.0.0.1:9223/";
|
||
|
max_alerts = 5;
|
||
|
}];
|
||
|
}
|
||
|
{
|
||
|
name = "default";
|
||
|
}
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
|
||
|
}
|