yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Files
2d22eecd32c53155fd83d92d6375235c16f9bb03
clan-core/clanServices/monitoring/telegraf.nix
Qubasa 7811a56d2b clanServices: telegraf -> add basic auth 
treefmt
2025-08-15 18:02:31 +07:00

86 lines
2.5 KiB
Nix
Raw Blame History

{
roles.telegraf.perInstance =
{ settings, ... }:
{
nixosModule =
{
config,
pkgs,
lib,
...
}:
{
networking.firewall.interfaces = lib.mkIf (settings.allowAllInterfaces == false) (
builtins.listToAttrs (
map (name: {
inherit name;
value.allowedTCPPorts = [ 9273 ];
}) settings.interfaces
)
);
networking.firewall.allowedTCPPorts = lib.mkIf (settings.allowAllInterfaces == true) [ 9273 ];
clan.core.vars.generators."telegraf-password" = {
files.telegraf-password.neededFor = "users";
files.telegraf-password.restartUnits = [ "telegraf.service" ];
runtimeInputs = [
pkgs.coreutils
pkgs.xkcdpass
pkgs.mkpasswd
];
script = ''
PASSWORD=$(xkcdpass --numwords 4 --delimiter - --count 1 | tr -d "\n")
echo "BASIC_AUTH_PWD=$PASSWORD" > "$out"/telegraf-password
'';
};
services.telegraf = {
enable = true;
environmentFiles = [
(builtins.toString
config.clan.core.vars.generators."telegraf-password".files.telegraf-password.path
)
];
extraConfig = {
agent.interval = "60s";
inputs = {
diskio = { };
kernel_vmstat = { };
system = { };
mem = { };
systemd_units = { };
swap = { };
exec =
let
currentSystemScript = pkgs.writeShellScript "current-system" ''
printf "current_system,path=%s present=0\n" $(readlink /run/current-system)
'';
in
[
{
# Expose the path to current-system as metric. We use
# this to check if the machine is up-to-date.
commands = [ currentSystemScript ];
data_format = "influx";
}
];
};
outputs.prometheus_client = {
listen = ":9273";
metric_version = 2;
basic_username = "prometheus";
basic_password = "$${BASIC_AUTH_PWD}";
};
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink