From 91e315c97b43389ff332399a92c3ebedb57cef7b Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Fri, 31 Dec 2021 22:54:43 +0100 Subject: vidhar: prometheus: ... --- hosts/vidhar/prometheus.nix | 165 ------------------------------------ hosts/vidhar/prometheus/default.nix | 8 +- 2 files changed, 3 insertions(+), 170 deletions(-) delete mode 100644 hosts/vidhar/prometheus.nix (limited to 'hosts/vidhar') diff --git a/hosts/vidhar/prometheus.nix b/hosts/vidhar/prometheus.nix deleted file mode 100644 index 017097ad..00000000 --- a/hosts/vidhar/prometheus.nix +++ /dev/null @@ -1,165 +0,0 @@ -{ config, lib, pkgs, ... }: -let - relabelHosts = [ - { source_labels = ["__address__"]; - target_label = "instance"; - regex = "localhost(:[0-9]+)?"; - replacement = "vidhar"; - } - { source_labels = ["__address__"]; - target_label = "instance"; - regex = "10.141.1.2(:[0-9]+)?"; - replacement = "switch01"; - } - ]; -in { - config = { - services.prometheus = { - enable = true; - - exporters = { - node.enable = true; - smartctl = { - enable = true; - devices = map (dev: "/dev/disk/by-path/${dev}") [ - "pci-0000:00:1f.2-ata-1" - "pci-0000:00:1f.2-ata-3" - "pci-0000:00:1f.2-ata-4" - "pci-0000:00:1f.2-ata-5" - "pci-0000:00:1f.2-ata-6" - "pci-0000:02:00.0-nvme-1" - "pci-0000:05:00.0-sas-phy0-lun-0" - "pci-0000:05:00.0-sas-phy1-lun-0" - "pci-0000:06:00.0-nvme-1" - ]; - }; - snmp = { - enable = true; - configurationPath = ./snmp.yml; - }; - unbound = { - enable = true; - controlInterface = "/run/unbound/unbound.ctl"; - group = config.services.unbound.group; - }; - wireguard.enable = true; - }; - - scrapeConfigs = [ - { job_name = "prometheus"; - static_configs = [ - { targets = ["localhost:${toString config.services.prometheus.port}"]; } - ]; - relabel_configs = relabelHosts; - } - { job_name = "node"; - static_configs = [ - { targets = ["localhost:${toString config.services.prometheus.exporters.node.port}"]; } - ]; - relabel_configs = relabelHosts; - } - { job_name = "smartctl"; - static_configs = [ - { targets = ["localhost:${toString config.services.prometheus.exporters.smartctl.port}"]; } - ]; - relabel_configs = relabelHosts; - } - { job_name = "snmp"; - static_configs = [ - { targets = ["10.141.1.2"]; } - ]; - metrics_path = "/snmp"; - params = { - module = ["if_mib"]; - }; - relabel_configs = [ - { source_labels = ["__address__"]; - target_label = "__param_target"; - } - ] ++ relabelHosts ++ - [ { replacement = "localhost:${toString config.services.prometheus.exporters.snmp.port}"; - target_label = "__address__"; - } - ]; - } - { job_name = "zte"; - static_configs = [ - { targets = ["localhost:9900"]; } - ]; - relabel_configs = [ - { replacement = "telekom"; - target_label = "instance"; - } - ]; - } - { job_name = "unbound"; - static_configs = [ - { targets = ["localhost:${toString config.services.prometheus.exporters.unbound.port}"]; } - ]; - relabel_configs = relabelHosts; - } - { job_name = "wireguard"; - static_configs = [ - { targets = ["localhost:${toString config.services.prometheus.exporters.wireguard.port}"]; } - ]; - relabel_configs = relabelHosts; - } - { job_name = "corerad"; - static_configs = [ - { targets = ["localhost:9430"]; } - ]; - relabel_configs = relabelHosts; - } - ]; - }; - users.users.${config.services.prometheus.exporters.unbound.user} = { - description = "Prometheus unbound exporter service user"; - isSystemUser = true; - group = config.services.unbound.group; - }; - systemd.services."prometheus-unbound-exporter".serviceConfig = { - DynamicUser = false; - }; - - systemd.services."prometheus-zte-exporter@10.141.1.3" = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - Restart = "always"; - PrivateTmp = true; - WorkingDirectory = "/tmp"; - DynamicUser = true; - CapabilityBoundingSet = [""]; - DeviceAllow = [""]; - LockPersonality = true; - MemoryDenyWriteExecute = true; - NoNewPrivileges = true; - PrivateDevices = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectSystem = "strict"; - RemoveIPC = true; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - SystemCallArchitectures = "native"; - UMask = "0077"; - - Type = "simple"; - ExecStart = "${pkgs.zte-prometheus-exporter}/bin/zte-prometheus-exporter"; - Environment = "ZTE_BASEURL=http://%I ZTE_HOSTNAME=localhost ZTE_PORT=9900"; - EnvironmentFile = config.sops.secrets."zte_10.141.1.3".path; - }; - }; - sops.secrets."zte_10.141.1.3" = { - format = "binary"; - sopsFile = ./zte_10.141.1.3; - }; - }; -} diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix index cb7567c9..017097ad 100644 --- a/hosts/vidhar/prometheus/default.nix +++ b/hosts/vidhar/prometheus/default.nix @@ -76,13 +76,11 @@ in { { source_labels = ["__address__"]; target_label = "__param_target"; } - { source_labels = ["__param_target"]; - target_label = "instance"; - } - { replacement = "localhost:${toString config.services.prometheus.exporters.snmp.port}"; + ] ++ relabelHosts ++ + [ { replacement = "localhost:${toString config.services.prometheus.exporters.snmp.port}"; target_label = "__address__"; } - ] ++ relabelHosts; + ]; } { job_name = "zte"; static_configs = [ -- cgit v1.2.3