From 1dfba9663a397ac0c25d8432ff6906779b3702a1 Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Mon, 2 Jan 2023 21:43:43 +0100
Subject: [PATCH] activate NixOS monitoring in prometheus

---
 hosts/mail-1/configuration.nix       |  1 +
 hosts/monitoring-3/configuration.nix | 16 ++++++++++++++++
 modules/monitoring/default.nix       | 11 ++++++++++-
 3 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/hosts/mail-1/configuration.nix b/hosts/mail-1/configuration.nix
index ede0fc7..8756e7a 100644
--- a/hosts/mail-1/configuration.nix
+++ b/hosts/mail-1/configuration.nix
@@ -12,5 +12,6 @@
     enable = true;
     id = "208";
     pubkey = "s2GT9iYQmuiwkZ04KzSqqlIEbUJ6CT6i4htCjWYt2xs=";
+    nixos = false;
   };
 }
diff --git a/hosts/monitoring-3/configuration.nix b/hosts/monitoring-3/configuration.nix
index 4ce1595..0956bf9 100644
--- a/hosts/monitoring-3/configuration.nix
+++ b/hosts/monitoring-3/configuration.nix
@@ -23,6 +23,13 @@ let
     "${host.config.networking.hostName}.mon.clerie.de:9100")
     monitoringHosts;
 
+  nixosMonitoringTargets = mapAttrsToList (name: host:
+    "${host.config.networking.hostName}.mon.clerie.de:9152")
+    (filterAttrs (name: host:
+    # assume this is a NixOS system if not specified
+    attrByPath ["clerie" "monitoring" "nixos"] true host.config)
+    monitoringHosts);
+
   birdMonitoringTargets = mapAttrsToList (name: host:
     "${host.config.networking.hostName}.mon.clerie.de:9324")
     (filterAttrs (name: host:
@@ -149,6 +156,15 @@ in {
           }
         ];
       }
+      {
+        job_name = "nixos-exporter";
+        scrape_interval = "1m";
+        static_configs = [
+          {
+            targets = nixosMonitoringTargets;
+          }
+        ];
+      }
       {
         job_name = "bird-exporter";
         scrape_interval = "20s";
diff --git a/modules/monitoring/default.nix b/modules/monitoring/default.nix
index c6d4c40..d028bb0 100644
--- a/modules/monitoring/default.nix
+++ b/modules/monitoring/default.nix
@@ -23,6 +23,11 @@ in
       };
       bird = mkEnableOption "Monitor bird";
       blackbox = mkEnableOption "Monitor blackbox";
+      nixos = mkOption {
+        type = types.bool;
+        default = true;
+        description = "Monitor NixOS";
+      };
     };
   };
 
@@ -95,9 +100,13 @@ in
         User = "nixos-exporter";
         Group = "nixos-exporter";
         ExecStart = ''
-          ${pkgs.nixos-exporter}/bin/nixos-exporter
+          ${pkgs.nixos-exporter}/bin/nixos-exporter --listen [::]:9152
         '';
       };
     };
+
+    networking.firewall.extraCommands = ''
+      ip46tables -A nixos-fw -i wg-monitoring -p tcp -m tcp --dport 9152 -m comment --comment nixos-exporter -j nixos-fw-accept
+    '';
   };
 }