feat: add monitoring

2024-09-11 09:05:52 +02:00 · 2024-09-11 09:05:52 +02:00 · e493705ecd
commit e493705ecd
parent 74213eb2ac
2 changed files with 115 additions and 0 deletions
--- a/config/services/default.nix
+++ b/config/services/default.nix
@ -5,6 +5,7 @@
    ./containers.nix
    ./freshrss.nix
    ./minio.nix
+    ./monitoring.nix
    ./nextcloud.nix
    ./nginx.nix
    ./postgres.nix
--- a/config/services/monitoring.nix
+++ b/config/services/monitoring.nix
@ -0,0 +1,114 @@
+{config, ...}: {
+  services.grafana = {
+    enable = true;
+    settings = {
+      server = {
+        http_addr = "127.0.0.1";
+        http_port = 21983;
+        domain = "grafana.winston.sh";
+        serve_from_sub_path = true;
+      };
+    };
+
+    provision = {
+      enable = true;
+
+      datasources.settings.datasources = [
+        # "Built-in" datasources can be provisioned - c.f. https://grafana.com/docs/grafana/latest/administration/provisioning/#data-sources
+        {
+          name = "Prometheus";
+          type = "prometheus";
+          url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}";
+        }
+      ];
+    };
+  };
+
+  services.nginx.statusPage = true;
+
+  services.prometheus = {
+    enable = true;
+    globalConfig.scrape_interval = "10s";
+    scrapeConfigs = [
+      {
+        job_name = "nginx";
+        static_configs = [
+          {
+            targets = ["localhost:${toString config.services.prometheus.exporters.nginx.port}"];
+          }
+        ];
+      }
+      {
+        job_name = "nginxlog";
+        static_configs = [
+          {
+            targets = ["localhost:${toString config.services.prometheus.exporters.nginxlog.port}"];
+          }
+        ];
+      }
+      {
+        job_name = "node";
+        static_configs = [
+          {
+            targets = ["localhost:${toString config.services.prometheus.exporters.node.port}"];
+          }
+        ];
+      }
+      # {
+      #   job_name = "minio";
+      #   static_configs = [
+      #     {
+      #       targets = ["localhost:${toString config.services.prometheus.exporters.minio.port}"];
+      #     }
+      #   ];
+      # }
+      # {
+      #   job_name = "postgres";
+      #   static_configs = [
+      #     {
+      #       targets = ["localhost:${toString config.services.prometheus.exporters.postgres.port}"];
+      #     }
+      #   ];
+      # }
+    ];
+
+    exporters = {
+      nginx.enable = true;
+      nginxlog = {
+        enable = true;
+        group = "nginx";
+        settings.namespaces = [
+          {
+            name = "filelogger";
+            format = "$remote_addr - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\"";
+            source.files = ["/var/log/nginx/access.log"];
+          }
+        ];
+      };
+      # FIXME: set up auth!
+      # minio.enable = true;
+      # postgres = {
+      #   enable = true;
+      #   dataSourceName = "postgresql://localhost:5432/postgres?sslmode=disable";
+      # };
+    };
+
+    exporters.node = {
+      enable = true;
+      port = 9000;
+      enabledCollectors = ["processes" "systemd"];
+    };
+  };
+
+  services.nginx.virtualHosts.${config.services.grafana.settings.server.domain} = {
+    forceSSL = true;
+    enableACME = false;
+    useACMEHost = "winston.sh";
+
+    locations."/" = {
+      proxyPass = "http://${toString config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}";
+      proxyWebsockets = true;
+      recommendedProxySettings = true;
+    };
+  };
+}