From 2fc8d83da2a8206aaa0624641a5ad50c7be2216e Mon Sep 17 00:00:00 2001
From: clerie <git@clerie.de>
Date: Sun, 10 Jul 2022 13:25:53 +0200
Subject: [PATCH] Bootstrap monitoring server config

---
 hosts/monitoring/configuration.nix | 106 +++++++++++++++++++++++++++++
 1 file changed, 106 insertions(+)
 create mode 100644 hosts/monitoring/configuration.nix

diff --git a/hosts/monitoring/configuration.nix b/hosts/monitoring/configuration.nix
new file mode 100644
index 0000000..879cb3d
--- /dev/null
+++ b/hosts/monitoring/configuration.nix
@@ -0,0 +1,106 @@
+{ config, pkgs, lib, ... }:
+with lib;
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+    ];
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  boot.loader.grub.device = "/dev/sda";
+  networking.hostName = "monitoring";
+  networking.useDHCP = false;
+  networking.interfaces.ens18.ipv4.addresses = [ { address = ""; prefixLength = 24; } ];
+  networking.interfaces.ens18.ipv6.addresses = [ { address = ""; prefixLength = 64; } ];
+  networking.defaultGateway = { address = "10.42.10.1"; interface = "ens18"; };
+  networking.defaultGateway6 = { address = "2a01:4f8:1c0c:8221::1"; interface = "ens18"; };
+  networking.nameservers = [ "2a01:4f8:1c0c:8221::1" "10.42.10.1" ];
+  services.prometheus.exporters.node.enable = true;
+  services.prometheus.alertmanager = {
+    enable = true;
+    listenAddress = "[::1]";
+    port = 9093;
+    configuration = {};
+  };
+  services.prometheus = {
+    enable = true;
+    listenAddress = "[::1]";
+    scrapeConfigs = [
+      {
+        job_name = "prometheus";
+        scrape_interval = "20s";
+        scheme = "http";
+        static_configs = [
+          {
+            targets = [
+              "[::1]:9090"
+            ];
+          }
+        ];
+      }
+      {
+        job_name = "node-exporter";
+        scrape_interval = "20s";
+        static_configs = [
+          {
+            targets = [
+              "[::1]:9100"
+            ];
+          }
+        ];
+      }
+    ];
+    alertmanagers = [
+      {
+        static_configs = [ {
+          targets = [
+            "[::1]:9093"
+          ];
+        } ];
+      }
+    ];
+    rules = [ (readFile ./rules.yml) ];
+  };
+  services.grafana = {
+    enable  = true;
+    domain  = "grafana.bula22.de";
+    rootUrl = "https://grafana.bula22.de";
+    port    = 3001;
+    addr = "::1";
+    auth.anonymous.enable = true;
+    provision = {
+      enable = true;
+      datasources = [
+        {
+          type = "prometheus";
+          name = "Prometheus";
+          url = "http://[::1]:9090";
+          isDefault = true;
+        }
+      ];
+      dashboards = [
+        {
+          options.path = ./dashboards;
+        }
+      ];
+    };
+  };
+  services.nginx = {
+    enable = true;
+    virtualHosts = {
+      "prometheus.bula22.de" = {
+        enableACME = true;
+        forceSSL   = true;
+        locations."/".proxyPass = "http://[::1]:9090/";
+      };
+      "grafana.bula22.de" = {
+        enableACME = true;
+        forceSSL   = true;
+        locations."/".proxyPass = "http://[::1]:3001/";
+      };
+    };
+  };
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  system.stateVersion = "";
+}