1
0
vcp-bula-nixfiles/hosts/monitoring/configuration.nix

380 lines
9.8 KiB
Nix
Raw Normal View History

2022-07-10 13:25:53 +02:00
{ config, pkgs, lib, ... }:
with lib;
{
imports =
[
./hardware-configuration.nix
];
2022-07-11 22:37:26 +02:00
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
2022-07-10 13:25:53 +02:00
networking.hostName = "monitoring";
networking.useDHCP = false;
2022-07-11 22:37:26 +02:00
networking.interfaces.ens18.ipv4.addresses = [
{address = "10.42.10.7"; prefixLength = 24; }
];
networking.interfaces.ens18.ipv6.addresses = [
{address = "2a01:4f8:1c0c:8221::7"; prefixLength = 64; }
{address = "2a01:4f8:1c0c:8221::1984"; prefixLength = 64; }
];
2022-07-10 13:25:53 +02:00
networking.defaultGateway = { address = "10.42.10.1"; interface = "ens18"; };
networking.defaultGateway6 = { address = "2a01:4f8:1c0c:8221::1"; interface = "ens18"; };
2022-07-12 01:40:18 +02:00
2022-07-24 16:52:54 +02:00
environment = {
etc = {
"snmp-exporter/snmp.yml".source = ./snmp.yml;
};
};
2022-07-23 18:21:30 +02:00
services.influxdb2.enable = true;
2022-07-20 20:35:32 +02:00
2022-07-24 16:52:54 +02:00
services.prometheus.exporters = {
blackbox = {
enable = true;
listenAddress = "[::1]";
port = 9115;
configFile = ./blackbox.yml;
};
snmp = {
enable = true;
port= 9116;
listenAddress = "[::1]";
configurationPath = "/etc/snmp-exporter/snmp.yml";
};
2022-07-12 01:40:18 +02:00
};
2022-07-10 13:25:53 +02:00
services.prometheus.exporters.node.enable = true;
systemd.services.waldbrandgefahrenstufen-exporter = {
description = "Waldbrandgefahrenstufen Exporter";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = "yes";
};
script = "${pkgs.python3}/bin/python ${./waldbrandgefahrenstufen-exporter.py}";
};
2022-07-10 13:25:53 +02:00
services.prometheus.alertmanager = {
enable = true;
listenAddress = "[::1]";
port = 9093;
2022-07-11 22:37:26 +02:00
configuration = {
route = {
receiver = "default";
group_by = [ "instance" ];
};
receivers = [
{
name = "default";
}
];
};
2022-07-10 13:25:53 +02:00
};
services.prometheus = {
enable = true;
2022-07-24 16:54:14 +02:00
retentionTime = "90d";
2022-07-10 13:25:53 +02:00
listenAddress = "[::1]";
scrapeConfigs = [
{
job_name = "prometheus";
scrape_interval = "20s";
scheme = "http";
static_configs = [
{
targets = [
"[::1]:9090"
];
}
];
}
{
job_name = "node-exporter";
scrape_interval = "20s";
static_configs = [
{
targets = [
"[::1]:9100"
"radius.bula22.de:9100"
"router.bula22.de:9100"
2022-07-10 13:25:53 +02:00
];
}
];
}
2022-07-12 01:40:18 +02:00
{
job_name = "blackbox_icmp6";
2022-07-12 01:58:11 +02:00
scrape_interval = "20s";
2022-07-12 01:40:18 +02:00
metrics_path = "/probe";
params = {
module = [ "icmp6" ];
};
static_configs = [
{
targets = [
# Internet Probes
"clerie.de"
# Vlan Probes
"gw.services.net.bula22.de"
"gw.technik-iot.net.bula22.de"
"gw.technik.net.bula22.de"
"gw.hospital.net.bula22.de"
"gw.zoll.net.bula22.de"
"gw.leitstelle.net.bula22.de"
"gw.verwaltung.net.bula22.de"
"gw.yolo.net.bula22.de"
"gw.infojurte.net.bula22.de"
"gw.international.net.bula22.de"
"gw.programmtresen.net.bula22.de"
"gw.open-office.net.bula22.de"
# Service Probes
"router.bula22.de"
"radius.bula22.de"
"yate.bula22.de"
"monitoring.bula22.de"
"dns.bula22.de"
"yate-dialup.bula22.de"
"nerd.bula22.de"
"pre-router.bula22.de"
"nixdeploy.bula22.de"
# External Service Probes
"vcp-bula-mon.bula22.de"
"vcp-bula-telko.bula22.de"
];
labels = {
"module" = "icmp6";
};
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "[::1]:9115";
}
];
}
{
job_name = "blackbox_icmp4";
scrape_interval = "20s";
metrics_path = "/probe";
params = {
module = [ "icmp4" ];
2022-07-12 01:40:18 +02:00
};
static_configs = [
{
targets = [
# Internet Probes
"clerie.de"
"vcp.de"
"bundeslager.vcp.de"
# Vlan Probes
"gw.services.net.bula22.de"
"gw.management.net.bula22.de"
"gw.technik-iot.net.bula22.de"
"gw.technik.net.bula22.de"
"gw.hospital.net.bula22.de"
"gw.zoll.net.bula22.de"
"gw.leitstelle.net.bula22.de"
"gw.verwaltung.net.bula22.de"
"gw.yolo.net.bula22.de"
"gw.infojurte.net.bula22.de"
"gw.international.net.bula22.de"
"gw.programmtresen.net.bula22.de"
"gw.open-office.net.bula22.de"
# Management Probes
"wlan-controller.bula22.de"
"sw-zentral-1.bula22.de"
"sw-zentral-2.bula22.de"
"sw-verwaltung.bula22.de"
"sw-zoll-container.bula22.de"
"sw-zoll-zelt.bula22.de"
"sw-programmtresen.bula22.de"
"sw-international.bula22.de"
"sw-leitstelle.bula22.de"
"sw-infojurte.bula22.de"
"sw-technik-zelt.bula22.de"
"sw-technik-container.bula22.de"
"sw-hospital.bula22.de"
"sw-fuf.bula22.de"
"sw-waschhaus.bula22.de"
"sw-buehne.bula22.de"
"sw-trabantenstadt.bula22.de"
# Service Probes
"router.bula22.de"
"radius.bula22.de"
"yate.bula22.de"
"monitoring.bula22.de"
"dns.bula22.de"
2022-07-17 23:30:07 +02:00
"yate-dialup.bula22.de"
2022-07-12 01:40:18 +02:00
"nerd.bula22.de"
"pre-router.bula22.de"
"nixdeploy.bula22.de"
"omm.bula22.de"
"webcam.bula22.de"
2022-07-12 01:40:18 +02:00
];
labels = {
"module" = "icmp4";
};
2022-07-12 01:40:18 +02:00
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "[::1]:9115";
}
];
}
2022-07-16 19:34:10 +02:00
{
job_name = "dns";
scrape_interval = "5s";
static_configs = [
{
targets = [
"dns.bula22.de:9253"
"dns.bula22.de:9353"
];
}
];
}
{
job_name = "waldbrandgefahrenstufen";
scrape_interval = "1h";
static_configs = [
{
targets = [
"[::1]:9242"
];
}
];
}
2022-07-24 16:52:54 +02:00
{
job_name = "snmp";
scrape_interval = "120s";
scrape_timeout = "40s";
metrics_path = "/snmp";
params = {
module = [
"if_mib"
];
};
2022-07-24 16:52:54 +02:00
static_configs = [
{
targets = [
"sw-zentral-1.bula22.de"
"sw-zentral-2.bula22.de"
"sw-verwaltung.bula22.de"
"sw-zoll-container.bula22.de"
"sw-zoll-zelt.bula22.de"
"sw-programmtresen.bula22.de"
"sw-international.bula22.de"
"sw-leitstelle.bula22.de"
"sw-infojurte.bula22.de"
"sw-technik-zelt.bula22.de"
"sw-technik-container.bula22.de"
"sw-hospital.bula22.de"
"sw-fuf.bula22.de"
"sw-waschhaus.bula22.de"
"sw-buehne.bula22.de"
"sw-trabantenstadt.bula22.de"
2022-07-24 16:52:54 +02:00
];
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "[::1]:9116";
}
];
2022-07-24 16:52:54 +02:00
}
2022-07-10 13:25:53 +02:00
];
alertmanagers = [
{
static_configs = [ {
targets = [
"[::1]:9093"
];
} ];
}
];
2022-07-11 22:37:26 +02:00
rules = [ (readFile ./alertmanager-rules.yml) ];
2022-07-10 13:25:53 +02:00
};
systemd.services.prometheus-snmp-exporter.restartTriggers = [
config.environment.etc."snmp-exporter/snmp.yml".source
];
2022-07-10 13:25:53 +02:00
services.grafana = {
enable = true;
domain = "grafana.bula22.de";
rootUrl = "https://grafana.bula22.de";
port = 3001;
addr = "::1";
auth.anonymous.enable = true;
provision = {
enable = true;
datasources = [
{
type = "prometheus";
name = "Prometheus";
url = "http://[::1]:9090";
isDefault = true;
}
];
2022-07-11 22:37:26 +02:00
dashboards = [];
2022-07-10 13:25:53 +02:00
};
};
services.nginx = {
enable = true;
virtualHosts = {
"prometheus.bula22.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://[::1]:9090/";
};
"grafana.bula22.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://[::1]:3001/";
};
2022-07-23 18:21:30 +02:00
"influxdb.bula22.de" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://[::1]:8086/";
};
2022-07-10 13:25:53 +02:00
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
2022-07-11 22:37:26 +02:00
system.stateVersion = "22.05";
2022-07-10 13:25:53 +02:00
}