l 2 monitoring: introduce {client,server}.nix
This commit is contained in:
parent
f0a345d79b
commit
1d2c058d78
32
lass/2configs/monitoring/client.nix
Normal file
32
lass/2configs/monitoring/client.nix
Normal file
@ -0,0 +1,32 @@
|
||||
{pkgs, config, ...}:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
lass.telegraf = {
|
||||
enable = true;
|
||||
outputs = ''
|
||||
[outputs.influxdb]
|
||||
urls = ["http://prism:8086"]
|
||||
database = "all_data"
|
||||
user_agent = "telegraf"
|
||||
'';
|
||||
inputs = [
|
||||
''
|
||||
[cpu]
|
||||
percpu = false
|
||||
totalcpu = true
|
||||
drop = ["cpu_time"]
|
||||
''
|
||||
''
|
||||
[[inputs.mem]]
|
||||
''
|
||||
''
|
||||
[[inputs.ping]]
|
||||
urls = ["8.8.8.8"]
|
||||
''
|
||||
];
|
||||
};
|
||||
systemd.services.telegraf.path = with pkgs; [
|
||||
iputils
|
||||
lm_sensors
|
||||
];
|
||||
}
|
59
lass/2configs/monitoring/server.nix
Normal file
59
lass/2configs/monitoring/server.nix
Normal file
@ -0,0 +1,59 @@
|
||||
{pkgs, config, ...}:
|
||||
with import <stockholm/lib>;
|
||||
{
|
||||
services.influxdb = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.influxdb.extraConfig = {
|
||||
meta.hostname = config.krebs.build.host.name;
|
||||
# meta.logging-enabled = true;
|
||||
http.bind-address = ":8086";
|
||||
admin.bind-address = ":8083";
|
||||
monitoring = {
|
||||
enabled = false;
|
||||
# write-interval = "24h";
|
||||
};
|
||||
};
|
||||
|
||||
lass.kapacitor =
|
||||
let
|
||||
echoToIrc = pkgs.writeDash "echo_irc" ''
|
||||
set -euf
|
||||
data="$(${pkgs.jq}/bin/jq -r .message)"
|
||||
export LOGNAME=prism-alarm
|
||||
${pkgs.irc-announce}/bin/irc-announce \
|
||||
irc.freenode.org 6667 prism-alarm \#krebs-bots "$data" >/dev/null
|
||||
'';
|
||||
in {
|
||||
enable = true;
|
||||
alarms = {
|
||||
test2 = ''
|
||||
batch
|
||||
|query(${"'''"}
|
||||
SELECT mean("usage_user") AS mean
|
||||
FROM "${config.lass.kapacitor.check_db}"."default"."cpu"
|
||||
${"'''"})
|
||||
.every(3m)
|
||||
.period(1m)
|
||||
.groupBy('host')
|
||||
|alert()
|
||||
.crit(lambda: "mean" > 90)
|
||||
// Whenever we get an alert write it to a file.
|
||||
.log('/tmp/alerts.log')
|
||||
.exec('${echoToIrc}')
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
krebs.iptables.tables.filter.INPUT.rules = [
|
||||
{ predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
|
||||
{ predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
|
||||
];
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
addr = "0.0.0.0";
|
||||
auth.anonymous.enable = true;
|
||||
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
|
||||
};
|
||||
}
|
Loading…
Reference in New Issue
Block a user