From 7b8d19d10892eddd7cdaa1e9384185a0a6d64dae Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Fri, 31 Dec 2021 16:42:08 +0100
Subject: vidhar: prometheus: snmp: ...

---
 hosts/vidhar/prometheus.nix | 166 --------------------------------------------
 1 file changed, 166 deletions(-)
 delete mode 100644 hosts/vidhar/prometheus.nix

(limited to 'hosts/vidhar/prometheus.nix')

diff --git a/hosts/vidhar/prometheus.nix b/hosts/vidhar/prometheus.nix
deleted file mode 100644
index 7c776c0f..00000000
--- a/hosts/vidhar/prometheus.nix
+++ /dev/null
@@ -1,166 +0,0 @@
-{ config, lib, pkgs, ... }:
-let
-  relabelHosts = [
-    { source_labels = ["__address__"];
-      target_label = "instance";
-      regex = "localhost(:[0-9]+)?";
-      replacement = "vidhar";
-    }
-    { source_labels = ["__address__"];
-      target_label = "instance";
-      regex = "10.141.1.2(:[0-9]+)?";
-      replacement = "switch01";
-    }
-  ];
-in {
-  config = {
-    services.prometheus = {
-      enable = true;
-
-      exporters = {
-        node.enable = true;
-        smartctl = {
-          enable = true;
-          devices = map (dev: "/dev/disk/by-path/${dev}") [
-            "pci-0000:00:1f.2-ata-1"
-            "pci-0000:00:1f.2-ata-3"
-            "pci-0000:00:1f.2-ata-4"
-            "pci-0000:00:1f.2-ata-5"
-            "pci-0000:00:1f.2-ata-6"
-            "pci-0000:02:00.0-nvme-1"
-            "pci-0000:05:00.0-sas-phy0-lun-0"
-            "pci-0000:05:00.0-sas-phy1-lun-0"
-            "pci-0000:06:00.0-nvme-1"
-          ];
-        };
-        snmp = {
-          enable = true;
-          configuration = {
-            default = { auth = { community = "public"; }; version = 2; };
-          };
-        };
-        unbound = {
-          enable = true;
-          controlInterface = "/run/unbound/unbound.ctl";
-          group = config.services.unbound.group;
-        };
-        wireguard.enable = true;
-      };
-
-      scrapeConfigs = [
-        { job_name = "prometheus";
-          static_configs = [
-            { targets = ["localhost:${toString config.services.prometheus.port}"]; }
-          ];
-          relabel_configs = relabelHosts;
-        }
-        { job_name = "node";
-          static_configs = [
-            { targets = ["localhost:${toString config.services.prometheus.exporters.node.port}"]; }
-          ];
-          relabel_configs = relabelHosts;
-        }
-        { job_name = "smartctl";
-          static_configs = [
-            { targets = ["localhost:${toString config.services.prometheus.exporters.smartctl.port}"]; }
-          ];
-          relabel_configs = relabelHosts;
-        }
-        { job_name = "snmp";
-          static_configs = [
-            { targets = ["10.141.1.2"]; }
-          ];
-          metrics_path = "/snmp";
-          relabel_configs = [
-            { source_labels = ["__address__"];
-              target_label = "__param_target";
-            }
-            { source_labels = ["__param_target"];
-              target_label = "instance";
-            }
-            { replacement = "localhost:${toString config.services.prometheus.exporters.snmp.port}";
-              target_label = "__address__";
-            }
-          ] ++ relabelHosts;
-        }
-        { job_name = "zte";
-          static_configs = [
-            { targets = ["localhost:9900"]; }
-          ];
-          relabel_configs = [
-            { replacement = "telekom";
-              target_label = "instance";
-            }
-          ];
-        }
-        { job_name = "unbound";
-          static_configs = [
-            { targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; }
-          ];
-          relabel_configs = relabelHosts;
-        }
-        { job_name = "wireguard";
-          static_configs = [
-            { targets = ["localhost:${toString config.services.prometheus.exporters.wireguard.port}"]; }
-          ];
-          relabel_configs = relabelHosts;
-        }
-        { job_name = "corerad";
-          static_configs = [
-            { targets = ["localhost:9430"]; }
-          ];
-          relabel_configs = relabelHosts;
-        }
-      ];
-    };
-    users.users.${config.services.prometheus.exporters.unbound.user} = {
-      description = "Prometheus unbound exporter service user";
-      isSystemUser = true;
-      group = config.services.unbound.group;
-    };
-    systemd.services."prometheus-unbound-exporter".serviceConfig = {
-      DynamicUser = false;
-    };
-
-    systemd.services."prometheus-zte-exporter@10.141.1.3" = {
-      wantedBy = [ "multi-user.target" ];
-      after = [ "network.target" ];
-      serviceConfig = {
-        Restart = "always";
-        PrivateTmp = true;
-        WorkingDirectory = "/tmp";
-        DynamicUser = true;
-        CapabilityBoundingSet = [""];
-        DeviceAllow = [""];
-        LockPersonality = true;
-        MemoryDenyWriteExecute = true;
-        NoNewPrivileges = true;
-        PrivateDevices = true;
-        ProtectClock = true;
-        ProtectControlGroups = true;
-        ProtectHome = true;
-        ProtectHostname = true;
-        ProtectKernelLogs = true;
-        ProtectKernelModules = true;
-        ProtectKernelTunables = true;
-        ProtectSystem = "strict";
-        RemoveIPC = true;
-        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
-        RestrictNamespaces = true;
-        RestrictRealtime = true;
-        RestrictSUIDSGID = true;
-        SystemCallArchitectures = "native";
-        UMask = "0077";
-
-        Type = "simple";
-        ExecStart = "${pkgs.zte-prometheus-exporter}/bin/zte-prometheus-exporter";
-        Environment = "ZTE_BASEURL=http://%I ZTE_HOSTNAME=localhost ZTE_PORT=9900";
-        EnvironmentFile = config.sops.secrets."zte_10.141.1.3".path;
-      };
-    };
-    sops.secrets."zte_10.141.1.3" = {
-      format = "binary";
-      sopsFile = ./zte_10.141.1.3;
-    };
-  };
-}
-- 
cgit v1.2.3