1 files changed, 1 insertions, 53 deletions
diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix
index 1e649824..330026d7 100644
--- a/hosts/vidhar/prometheus/default.nix
+++ b/hosts/vidhar/prometheus/default.nix
@@ -63,7 +63,7 @@ in {
        systemd = {
          enable = true;
          extraFlags = [
-            "--systemd.collector.unit-include=(dhcpcd-dsl|pppd-telekom|corerad|ndppd)\.service"
+            "--systemd.collector.unit-include=(dhcpcd-.*|pppd-telekom|corerad|ndppd)\.service"
            "--systemd.collector.enable-restart-count"
            "--systemd.collector.enable-ip-accounting"
          ];
@@ -144,17 +144,6 @@ in {
          ];
          scrape_interval = "15s";
        }
-        { job_name = "zte";
-          static_configs = [
-            { targets = ["localhost:9900"]; }
-          ];
-          relabel_configs = [
-            { replacement = "dsl01";
-              target_label = "instance";
-            }
-          ];
-          scrape_interval = "15s";
-        }
        { job_name = "unbound";
          static_configs = [
            { targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }
@@ -315,47 +304,6 @@ in {
      };
    };
-    systemd.services."prometheus-zte-exporter@dsl01.mgmt.yggdrasil" = {
-      wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
-      serviceConfig = {
-        Restart = "always";
-        PrivateTmp = true;
-        WorkingDirectory = "/tmp";
-        DynamicUser = true;
-        CapabilityBoundingSet = [""];
-        DeviceAllow = [""];
-        LockPersonality = true;
-        MemoryDenyWriteExecute = true;
-        NoNewPrivileges = true;
-        PrivateDevices = true;
-        ProtectClock = true;
-        ProtectControlGroups = true;
-        ProtectHome = true;
-        ProtectHostname = true;
-        ProtectKernelLogs = true;
-        ProtectKernelModules = true;
-        ProtectKernelTunables = true;
-        ProtectSystem = "strict";
-        RemoveIPC = true;
-        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
-        RestrictNamespaces = true;
-        RestrictRealtime = true;
-        RestrictSUIDSGID = true;
-        SystemCallArchitectures = "native";
-        UMask = "0077";
-        Type = "simple";
-        ExecStart = "${pkgs.zte-prometheus-exporter}/bin/zte-prometheus-exporter";
-        Environment = "ZTE_BASEURL=http://%I ZTE_HOSTNAME=localhost ZTE_PORT=9900";
-        EnvironmentFile = config.sops.secrets."zte_dsl01.mgmt.yggdrasil".path;
-      };
-    };
-    sops.secrets."zte_dsl01.mgmt.yggdrasil" = {
-      format = "binary";
-      sopsFile = ./zte_dsl01.mgmt.yggdrasil;
-    };
    systemd.services."prometheus-nftables-exporter" = {
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];

diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index 1e649824..330026d7 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix
@@ -63,7 +63,7 @@ in {
63	systemd = {	63	systemd = {
64	enable = true;	64	enable = true;
65	extraFlags = [	65	extraFlags = [
66	"--systemd.collector.unit-include=(dhcpcd-dsl\|pppd-telekom\|corerad\|ndppd)\.service"	66	"--systemd.collector.unit-include=(dhcpcd-.*\|pppd-telekom\|corerad\|ndppd)\.service"
67	"--systemd.collector.enable-restart-count"	67	"--systemd.collector.enable-restart-count"
68	"--systemd.collector.enable-ip-accounting"	68	"--systemd.collector.enable-ip-accounting"
69	];	69	];
@@ -144,17 +144,6 @@ in {
144	];	144	];
145	scrape_interval = "15s";	145	scrape_interval = "15s";
146	}	146	}
147	{ job_name = "zte";
148	static_configs = [
149	{ targets = ["localhost:9900"]; }
150	];
151	relabel_configs = [
152	{ replacement = "dsl01";
153	target_label = "instance";
154	}
155	];
156	scrape_interval = "15s";
157	}
158	{ job_name = "unbound";	147	{ job_name = "unbound";
159	static_configs = [	148	static_configs = [
160	{ targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }	149	{ targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }
@@ -315,47 +304,6 @@ in {
315	};	304	};
316	};	305	};
317		306
318	systemd.services."prometheus-zte-exporter@dsl01.mgmt.yggdrasil" = {
319	wantedBy = [ "multi-user.target" ];
320	after = [ "network.target" ];
321	serviceConfig = {
322	Restart = "always";
323	PrivateTmp = true;
324	WorkingDirectory = "/tmp";
325	DynamicUser = true;
326	CapabilityBoundingSet = [""];
327	DeviceAllow = [""];
328	LockPersonality = true;
329	MemoryDenyWriteExecute = true;
330	NoNewPrivileges = true;
331	PrivateDevices = true;
332	ProtectClock = true;
333	ProtectControlGroups = true;
334	ProtectHome = true;
335	ProtectHostname = true;
336	ProtectKernelLogs = true;
337	ProtectKernelModules = true;
338	ProtectKernelTunables = true;
339	ProtectSystem = "strict";
340	RemoveIPC = true;
341	RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
342	RestrictNamespaces = true;
343	RestrictRealtime = true;
344	RestrictSUIDSGID = true;
345	SystemCallArchitectures = "native";
346	UMask = "0077";
347
348	Type = "simple";
349	ExecStart = "${pkgs.zte-prometheus-exporter}/bin/zte-prometheus-exporter";
350	Environment = "ZTE_BASEURL=http://%I ZTE_HOSTNAME=localhost ZTE_PORT=9900";
351	EnvironmentFile = config.sops.secrets."zte_dsl01.mgmt.yggdrasil".path;
352	};
353	};
354	sops.secrets."zte_dsl01.mgmt.yggdrasil" = {
355	format = "binary";
356	sopsFile = ./zte_dsl01.mgmt.yggdrasil;
357	};
358
359	systemd.services."prometheus-nftables-exporter" = {	307	systemd.services."prometheus-nftables-exporter" = {
360	wantedBy = [ "multi-user.target" ];	308	wantedBy = [ "multi-user.target" ];
361	after = [ "network.target" ];	309	after = [ "network.target" ];