yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Files
decb91a529cc768a913f50d7e2c123d080478ec5
clan-core/clanServices/monitoring/prometheus.nix
pinpox decb91a529 clanServices/monitoring: add prometheus role
2025-10-26 12:09:05 +01:00

66 lines
1.7 KiB
Nix
Raw Blame History

{
roles.prometheus.perInstance =
{
settings,
instanceName,
roles,
...
}:
{
nixosModule =
{
config,
lib,
# pkgs,
...
}:
{
systemd.services.prometheus = {
serviceConfig = {
LoadCredential = "password:${config.clan.core.vars.generators.prometheus.files.password.path}";
BindReadOnlyPaths = "%d/password:/etc/prometheus/password";
};
};
services.prometheus = {
enable = true;
# TODO what do we set here? do we even need something?
# TODO this should be a export
# "https://prometheus.${config.clan.core.settings.tld}";
webExternalUrl = settings.webExternalUrl;
extraFlags = [ "--storage.tsdb.retention.time=30d" ];
scrapeConfigs = [
{
job_name = "telegraf";
scrape_interval = "60s";
metrics_path = "/metrics";
basic_auth.username = "prometheus";
basic_auth.password_file = "/etc/prometheus/password";
static_configs = [
{
# Scrape all machines with the `telegraf` role
# https://prometheus:<password>@<host>.<tld>:9273/metrics
# scheme = "https";
# scheme = "http";
targets = map (m: "${m}.${config.clan.core.settings.tld}:9273") (
lib.attrNames roles.telegraf.machines
);
labels.type = instanceName;
}
];
}
];
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink