Merge commit 'bc90ef66' into flakes

author: Gregor Kleen <gkleen@yggdrasil.li> 2024-08-08 14:36:50 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2024-08-08 14:36:50 +0200
commit: be06f04babc12fb60366c24a22561c1d46895c80 (patch)
tree: 8df057a3605a7272cb048043be7593b5c944a67c /hosts/vidhar/prometheus/default.nix
parent: a6754d729f2d16cfdcb3570891c038a14718de1f (diff)
parent: bc90ef66903e78713db1fd3a700785572b794cde (diff)
download: nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar
nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar.gz
nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar.bz2
nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar.xz
nixos-be06f04babc12fb60366c24a22561c1d46895c80.zip
1 files changed, 7 insertions, 53 deletions
diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix
index 1e649824..3e938933 100644
--- a/hosts/vidhar/prometheus/default.nix
+++ b/hosts/vidhar/prometheus/default.nix
@@ -63,7 +63,7 @@ in {
        systemd = {
          enable = true;
          extraFlags = [
-            "--systemd.collector.unit-include=(dhcpcd-dsl|pppd-telekom|corerad|ndppd)\.service"
+            "--systemd.collector.unit-include=(dhcpcd-.*|pppd-telekom|corerad|ndppd)\.service"
            "--systemd.collector.enable-restart-count"
            "--systemd.collector.enable-ip-accounting"
          ];
@@ -144,17 +144,6 @@ in {
          ];
          scrape_interval = "15s";
        }
-        { job_name = "zte";
-          static_configs = [
-            { targets = ["localhost:9900"]; }
-          ];
-          relabel_configs = [
-            { replacement = "dsl01";
-              target_label = "instance";
-            }
-          ];
-          scrape_interval = "15s";
-        }
        { job_name = "unbound";
          static_configs = [
            { targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }
@@ -274,6 +263,9 @@ in {
                { record = "systemd_unit_runtime_seconds:resets_per_week";
                  expr = "resets(systemd_unit_runtime_seconds[1w])";
                }
+                { record = "systemd_unit_runtime_seconds:avg_resets_per_day";
+                  expr = "avg_over_time(systemd_unit_runtime_seconds:resets_per_day[1w])";
+                }
              ];
            }
            { name = "apcupsd-transfers";
@@ -290,6 +282,9 @@ in {
                { record = "apcupsd_last_transfer_on_battery_counter_seconds:resets_per_week";
                  expr = "resets(apcupsd_last_transfer_on_battery_counter_seconds[1w])";
                }
+                { record = "apcupsd_last_transfer_on_battery_counter_seconds:avg_resets_per_day";
+                  expr = "avg_over_time(apcupsd_last_transfer_on_battery_counter_seconds:resets_per_day[1w])";
+                }
              ];
            }
          ];
@@ -315,47 +310,6 @@ in {
      };
    };
-    systemd.services."prometheus-zte-exporter@dsl01.mgmt.yggdrasil" = {
-      wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
-      serviceConfig = {
-        Restart = "always";
-        PrivateTmp = true;
-        WorkingDirectory = "/tmp";
-        DynamicUser = true;
-        CapabilityBoundingSet = [""];
-        DeviceAllow = [""];
-        LockPersonality = true;
-        MemoryDenyWriteExecute = true;
-        NoNewPrivileges = true;
-        PrivateDevices = true;
-        ProtectClock = true;
-        ProtectControlGroups = true;
-        ProtectHome = true;
-        ProtectHostname = true;
-        ProtectKernelLogs = true;
-        ProtectKernelModules = true;
-        ProtectKernelTunables = true;
-        ProtectSystem = "strict";
-        RemoveIPC = true;
-        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
-        RestrictNamespaces = true;
-        RestrictRealtime = true;
-        RestrictSUIDSGID = true;
-        SystemCallArchitectures = "native";
-        UMask = "0077";
-        Type = "simple";
-        ExecStart = "${pkgs.zte-prometheus-exporter}/bin/zte-prometheus-exporter";
-        Environment = "ZTE_BASEURL=http://%I ZTE_HOSTNAME=localhost ZTE_PORT=9900";
-        EnvironmentFile = config.sops.secrets."zte_dsl01.mgmt.yggdrasil".path;
-      };
-    };
-    sops.secrets."zte_dsl01.mgmt.yggdrasil" = {
-      format = "binary";
-      sopsFile = ./zte_dsl01.mgmt.yggdrasil;
-    };
    systemd.services."prometheus-nftables-exporter" = {
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];
author	Gregor Kleen <gkleen@yggdrasil.li>	2024-08-08 14:36:50 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2024-08-08 14:36:50 +0200
commit	be06f04babc12fb60366c24a22561c1d46895c80 (patch)
tree	8df057a3605a7272cb048043be7593b5c944a67c /hosts/vidhar/prometheus/default.nix
parent	a6754d729f2d16cfdcb3570891c038a14718de1f (diff)
parent	bc90ef66903e78713db1fd3a700785572b794cde (diff)
download	nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar.gz nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar.bz2 nixos-be06f04babc12fb60366c24a22561c1d46895c80.tar.xz nixos-be06f04babc12fb60366c24a22561c1d46895c80.zip

diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index 1e649824..3e938933 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix
@@ -63,7 +63,7 @@ in {
63	systemd = {	63	systemd = {
64	enable = true;	64	enable = true;
65	extraFlags = [	65	extraFlags = [
66	"--systemd.collector.unit-include=(dhcpcd-dsl\|pppd-telekom\|corerad\|ndppd)\.service"	66	"--systemd.collector.unit-include=(dhcpcd-.*\|pppd-telekom\|corerad\|ndppd)\.service"
67	"--systemd.collector.enable-restart-count"	67	"--systemd.collector.enable-restart-count"
68	"--systemd.collector.enable-ip-accounting"	68	"--systemd.collector.enable-ip-accounting"
69	];	69	];
@@ -144,17 +144,6 @@ in {
144	];	144	];
145	scrape_interval = "15s";	145	scrape_interval = "15s";
146	}	146	}
147	{ job_name = "zte";
148	static_configs = [
149	{ targets = ["localhost:9900"]; }
150	];
151	relabel_configs = [
152	{ replacement = "dsl01";
153	target_label = "instance";
154	}
155	];
156	scrape_interval = "15s";
157	}
158	{ job_name = "unbound";	147	{ job_name = "unbound";
159	static_configs = [	148	static_configs = [
160	{ targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }	149	{ targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }
@@ -274,6 +263,9 @@ in {
274	{ record = "systemd_unit_runtime_seconds:resets_per_week";	263	{ record = "systemd_unit_runtime_seconds:resets_per_week";
275	expr = "resets(systemd_unit_runtime_seconds[1w])";	264	expr = "resets(systemd_unit_runtime_seconds[1w])";
276	}	265	}
		266	{ record = "systemd_unit_runtime_seconds:avg_resets_per_day";
		267	expr = "avg_over_time(systemd_unit_runtime_seconds:resets_per_day[1w])";
		268	}
277	];	269	];
278	}	270	}
279	{ name = "apcupsd-transfers";	271	{ name = "apcupsd-transfers";
@@ -290,6 +282,9 @@ in {
290	{ record = "apcupsd_last_transfer_on_battery_counter_seconds:resets_per_week";	282	{ record = "apcupsd_last_transfer_on_battery_counter_seconds:resets_per_week";
291	expr = "resets(apcupsd_last_transfer_on_battery_counter_seconds[1w])";	283	expr = "resets(apcupsd_last_transfer_on_battery_counter_seconds[1w])";
292	}	284	}
		285	{ record = "apcupsd_last_transfer_on_battery_counter_seconds:avg_resets_per_day";
		286	expr = "avg_over_time(apcupsd_last_transfer_on_battery_counter_seconds:resets_per_day[1w])";
		287	}
293	];	288	];
294	}	289	}
295	];	290	];
@@ -315,47 +310,6 @@ in {
315	};	310	};
316	};	311	};
317		312
318	systemd.services."prometheus-zte-exporter@dsl01.mgmt.yggdrasil" = {
319	wantedBy = [ "multi-user.target" ];
320	after = [ "network.target" ];
321	serviceConfig = {
322	Restart = "always";
323	PrivateTmp = true;
324	WorkingDirectory = "/tmp";
325	DynamicUser = true;
326	CapabilityBoundingSet = [""];
327	DeviceAllow = [""];
328	LockPersonality = true;
329	MemoryDenyWriteExecute = true;
330	NoNewPrivileges = true;
331	PrivateDevices = true;
332	ProtectClock = true;
333	ProtectControlGroups = true;
334	ProtectHome = true;
335	ProtectHostname = true;
336	ProtectKernelLogs = true;
337	ProtectKernelModules = true;
338	ProtectKernelTunables = true;
339	ProtectSystem = "strict";
340	RemoveIPC = true;
341	RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
342	RestrictNamespaces = true;
343	RestrictRealtime = true;
344	RestrictSUIDSGID = true;
345	SystemCallArchitectures = "native";
346	UMask = "0077";
347
348	Type = "simple";
349	ExecStart = "${pkgs.zte-prometheus-exporter}/bin/zte-prometheus-exporter";
350	Environment = "ZTE_BASEURL=http://%I ZTE_HOSTNAME=localhost ZTE_PORT=9900";
351	EnvironmentFile = config.sops.secrets."zte_dsl01.mgmt.yggdrasil".path;
352	};
353	};
354	sops.secrets."zte_dsl01.mgmt.yggdrasil" = {
355	format = "binary";
356	sopsFile = ./zte_dsl01.mgmt.yggdrasil;
357	};
358
359	systemd.services."prometheus-nftables-exporter" = {	313	systemd.services."prometheus-nftables-exporter" = {
360	wantedBy = [ "multi-user.target" ];	314	wantedBy = [ "multi-user.target" ];
361	after = [ "network.target" ];	315	after = [ "network.target" ];