add metrics server to semita

This commit is contained in:
Sam 2025-01-18 00:24:28 +00:00
parent b65fcf82d2
commit 34cc27cbc5
3 changed files with 46 additions and 10 deletions

View File

@ -175,6 +175,16 @@ in {
};
};
services.prometheus = {
exporters = {
node = {
enable = true;
enabledCollectors = ["systemd"];
openFirewall = true;
};
};
};
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;

View File

@ -1,16 +1,16 @@
{
pkgs,
lib,
inputs,
configVars,
...
}: let
containerName = "metrics-server";
containerIp = configVars.networking.addresses.metrics-server.ip;
dockerContainerIp = configVars.networking.addresses.docker.ip;
semitaIp = configVars.networking.addresses.semita.ip;
gatewayIp = configVars.networking.addresses.gateway.ip;
metricsServerContainerData = configVars.locations.metricsServerContainerData;
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
arion = inputs.arion;
in {
networking.nat.enable = true;
networking.nat.internalInterfaces = ["ve-+"];
@ -64,6 +64,7 @@ in {
enable = true;
allowedTCPPorts = [
config.services.prometheus.port
config.services.grafana.port
];
};
useHostResolvConf = lib.mkForce false;
@ -82,19 +83,34 @@ in {
services.prometheus = {
enable = true;
port = 9001;
scrapeConfigs = [
{
job_name = "node_exporter";
static_configs = [
{
targets = [
"${dockerContainerIp}:9100"
"${semitaIp}:9100"
];
}
];
}
];
};
services.grafana = {
enable = true;
domain = "grafana.hm";
port = 2342;
addr = "127.0.0.1";
addr = "0.0.0.0";
};
services.nginx.virtualHosts.${config.services.grafana.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;
services.prometheus = {
exporters = {
node = {
enable = true;
enabledCollectors = ["systemd"];
port = 9002;
};
};
};

View File

@ -95,13 +95,23 @@ in {
dpi = 144;
upscaleDefaultCursor = true;
};
# enable oom killer when system ram drops below 5% free
# enable oom killer when system ram drops below 5% free
earlyoom = {
enable = true;
freeMemThreshold = 5; # <%5 free
};
};
services.prometheus = {
exporters = {
node = {
enable = true;
enabledCollectors = ["systemd"];
openFirewall = true;
};
};
};
system.services.nixosAutoUpgrade = {
enable = true;
persistent = true;