tlaternet/tlaternet-server
1
0
Fork 0
Code Issues10 Pull requests Releases Activity

treewide: Use nixfmt for formatting

Browse source
This commit is contained in:
Tristan Daniël Maat 2024-08-18 20:41:20 +02:00
parent 3a591863b0
commit 04f7a7ef1d
Signed by: tlater
GPG key ID: 49670FD774E43268
27 changed files with 496 additions and 466 deletions
configuration/services/metrics
exporters.nixoptions.nixvictoriametrics.nix

50
configuration/services/metrics/exporters.nix
View file

@ -1,7 +1,8 @@
{ config
, pkgs
, lib
, ...
{
config,
pkgs,
lib,
...
}:
let
yaml = pkgs.formats.yaml { };
@ -20,9 +21,7 @@ in
"tlater.com"
];
in
[
"--config=${yaml.generate "domains.yml" conf}"
];
[ "--config=${yaml.generate "domains.yml" conf}" ];
};
# System statistics
@ -51,26 +50,21 @@ in
listenAddress = "127.0.0.1";
group = "nginx";
settings.namespaces =
lib.mapAttrsToList
(name: virtualHost: {
inherit name;
metrics_override.prefix = "nginxlog";
namespace_label = "vhost";
settings.namespaces = lib.mapAttrsToList (name: virtualHost: {
inherit name;
metrics_override.prefix = "nginxlog";
namespace_label = "vhost";
format = lib.concatStringsSep " " [
"$remote_addr - $remote_user [$time_local]"
''"$request" $status $body_bytes_sent''
''"$http_referer" "$http_user_agent"''
''rt=$request_time uct="$upstream_connect_time"''
''uht="$upstream_header_time" urt="$upstream_response_time"''
];
format = lib.concatStringsSep " " [
"$remote_addr - $remote_user [$time_local]"
''"$request" $status $body_bytes_sent''
''"$http_referer" "$http_user_agent"''
''rt=$request_time uct="$upstream_connect_time"''
''uht="$upstream_header_time" urt="$upstream_response_time"''
];
source.files = [
"/var/log/nginx/${name}/access.log"
];
})
config.services.nginx.virtualHosts;
source.files = [ "/var/log/nginx/${name}/access.log" ];
}) config.services.nginx.virtualHosts;
};
};
@ -86,7 +80,11 @@ in
requires = [ "fail2ban.service" ];
serviceConfig = {
Group = "fail2ban";
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
RestrictAddressFamilies = [
"AF_UNIX"
"AF_INET"
"AF_INET6"
];
ExecStart = lib.concatStringsSep " " [
"${pkgs.local.prometheus-fail2ban-exporter}/bin/fail2ban-prometheus-exporter"
"--collector.f2b.socket=/var/run/fail2ban/fail2ban.sock"

218
configuration/services/metrics/options.nix
View file

@ -1,7 +1,8 @@
{ pkgs
, config
, lib
, ...
{
pkgs,
config,
lib,
...
}:
let
inherit (lib) types mkOption mkDefault;
@ -11,87 +12,94 @@ in
options = {
services.prometheus = {
extraExporters = mkOption {
type = types.attrsOf (types.submodule {
options = {
port = mkOption {
type = types.int;
description = "The port on which this exporter listens.";
type = types.attrsOf (
types.submodule {
options = {
port = mkOption {
type = types.int;
description = "The port on which this exporter listens.";
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen on.";
};
serviceOpts = mkOption {
type = types.attrs;
description = "An attrset to be merged with the exporter's systemd service.";
};
};
listenAddress = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to listen on.";
};
serviceOpts = mkOption {
type = types.attrs;
description = "An attrset to be merged with the exporter's systemd service.";
};
};
});
}
);
};
};
services.victoriametrics.scrapeConfigs = mkOption {
type = types.attrsOf (types.submodule ({ name
, self
, ...
}: {
options = {
job_name = mkOption {
type = types.str;
default = name;
};
extraSettings = mkOption {
type = types.anything;
description = ''
Other settings to set for this scrape config.
'';
default = { };
};
targets = mkOption {
type = types.listOf types.str;
description = lib.mdDoc ''
Addresses scrape targets for this config listen on.
Shortcut for `static_configs = lib.singleton {targets = [<targets>];}`
'';
default = [ ];
};
static_configs = mkOption {
default = [ ];
type = types.listOf (types.submodule {
options = {
targets = mkOption {
type = types.listOf types.str;
description = lib.mdDoc ''
The addresses scrape targets for this config listen on.
Must in `listenAddress:port` format.
'';
};
labels = mkOption {
type = types.attrsOf types.str;
description = lib.mdDoc ''
Labels to apply to all targets defined for this static config.
'';
default = { };
};
type = types.attrsOf (
types.submodule (
{ name, self, ... }:
{
options = {
job_name = mkOption {
type = types.str;
default = name;
};
});
};
};
}));
extraSettings = mkOption {
type = types.anything;
description = ''
Other settings to set for this scrape config.
'';
default = { };
};
targets = mkOption {
type = types.listOf types.str;
description = lib.mdDoc ''
Addresses scrape targets for this config listen on.
Shortcut for `static_configs = lib.singleton {targets = [<targets>];}`
'';
default = [ ];
};
static_configs = mkOption {
default = [ ];
type = types.listOf (
types.submodule {
options = {
targets = mkOption {
type = types.listOf types.str;
description = lib.mdDoc ''
The addresses scrape targets for this config listen on.
Must in `listenAddress:port` format.
'';
};
labels = mkOption {
type = types.attrsOf types.str;
description = lib.mdDoc ''
Labels to apply to all targets defined for this static config.
'';
default = { };
};
};
}
);
};
};
}
)
);
};
};
config = {
systemd.services = lib.mkMerge [
(lib.mapAttrs'
(name: exporter:
lib.nameValuePair "prometheus-${name}-exporter" (lib.mkMerge [
(lib.mapAttrs' (
name: exporter:
lib.nameValuePair "prometheus-${name}-exporter" (
lib.mkMerge [
{
# Shamelessly copied from upstream because the upstream
# module is an intractable mess
@ -117,7 +125,10 @@ in
serviceConfig.ProtectKernelTunables = true;
serviceConfig.ProtectSystem = mkDefault "strict";
serviceConfig.RemoveIPC = true;
serviceConfig.RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
serviceConfig.RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
];
serviceConfig.RestrictNamespaces = true;
serviceConfig.RestrictRealtime = true;
serviceConfig.RestrictSUIDSGID = true;
@ -125,8 +136,9 @@ in
serviceConfig.UMask = "0077";
}
exporter.serviceOpts
]))
config.services.prometheus.extraExporters)
]
)
) config.services.prometheus.extraExporters)
{
vmagent-scrape-exporters =
@ -134,24 +146,25 @@ in
listenAddress = config.services.victoriametrics.listenAddress;
vmAddr = (lib.optionalString (lib.hasPrefix ":" listenAddress) "127.0.0.1") + listenAddress;
promscrape = yaml.generate "prometheus.yml" {
scrape_configs = lib.mapAttrsToList
(_: scrape:
lib.recursiveUpdate
{
inherit (scrape) job_name;
static_configs =
scrape.static_configs
++ lib.optional (scrape.targets != [ ]) { targets = scrape.targets; };
}
scrape.extraSettings)
config.services.victoriametrics.scrapeConfigs;
scrape_configs = lib.mapAttrsToList (
_: scrape:
lib.recursiveUpdate {
inherit (scrape) job_name;
static_configs =
scrape.static_configs
++ lib.optional (scrape.targets != [ ]) { targets = scrape.targets; };
} scrape.extraSettings
) config.services.victoriametrics.scrapeConfigs;
};
in
{
enable = true;
path = [ pkgs.victoriametrics ];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "victoriametrics.service" ];
after = [
"network.target"
"victoriametrics.service"
];
serviceConfig = {
ExecStart = [
(lib.concatStringsSep " " [
@ -180,7 +193,10 @@ in
ProtectKernelTunables = true;
ProtectSystem = "strict";
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
@ -195,19 +211,15 @@ in
services.victoriametrics.scrapeConfigs =
let
allExporters =
lib.mapAttrs
(name: exporter: {
inherit (exporter) listenAddress port;
})
((lib.filterAttrs (_: exporter: builtins.isAttrs exporter && exporter.enable)
config.services.prometheus.exporters)
// config.services.prometheus.extraExporters);
allExporters = lib.mapAttrs (name: exporter: { inherit (exporter) listenAddress port; }) (
(lib.filterAttrs (
_: exporter: builtins.isAttrs exporter && exporter.enable
) config.services.prometheus.exporters)
// config.services.prometheus.extraExporters
);
in
lib.mapAttrs
(_: exporter: {
targets = [ "${exporter.listenAddress}:${toString exporter.port}" ];
})
allExporters;
lib.mapAttrs (_: exporter: {
targets = [ "${exporter.listenAddress}:${toString exporter.port}" ];
}) allExporters;
};
}

7
configuration/services/metrics/victoriametrics.nix
View file

@ -1,9 +1,8 @@
{ config, ... }: {
{ config, ... }:
{
config.services.victoriametrics = {
enable = true;
extraOptions = [
"-storage.minFreeDiskSpaceBytes=5GB"
];
extraOptions = [ "-storage.minFreeDiskSpaceBytes=5GB" ];
scrapeConfigs = {
forgejo = {