lass/2configs/monitoring/prometheus.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

{ config, lib, pkgs, ... }:
{
  #prometheus
  krebs.iptables = {
    enable = true;
    tables.filter.INPUT.rules = [
      { predicate = "-i retiolum -p tcp --dport 80"; target = "ACCEPT"; } # nginx
      # { predicate = "-i retiolum -p tcp --dport 3012"; target = "ACCEPT"; } # grafana
      # { predicate = "-i retiolum -p tcp --dport 9093"; target = "ACCEPT"; } # alertmanager
      # { predicate = "-i retiolum -p tcp --dport 9223"; target = "ACCEPT"; } # alertmanager
    ];
  };

  services.nginx = {
    enable = true;
    virtualHosts = {
      "prometheus.lass.r" = {
        locations."/".proxyPass = "http://localhost:9090";
      };
      "alert.lass.r" = {
        locations."/".proxyPass = "http://localhost:9093";
      };
      "grafana.lass.r" = {
        locations."/".proxyPass = "http://localhost:3012";
      };
    };
  };

  services.grafana = {
    enable = true;
    addr = "0.0.0.0";
    port = 3012;
    auth.anonymous = {
      enable = true;
      org_role = "Admin";
    };
  };
  services.prometheus = {
    enable = true;
    ruleFiles = [
      (pkgs.writeText "prometheus-rules.yml" (builtins.toJSON {
        groups = [{
          name = "alerting-rules";
          rules = import ./alert-rules.nix { inherit lib; };
        }];
      }))
    ];
    scrapeConfigs = [
      {
        job_name = "telegraf";
        scrape_interval = "60s";
        metrics_path = "/metrics";
        static_configs = [
          {
            targets = [
              "prism.r:9273"
              "dishfire.r:9273"
              "yellow.r:9273"
            ];
          }
        ];
      }
    ];
    alertmanagers = [
      { scheme = "http";
        path_prefix = "/";
        static_configs = [ { targets = [ "localhost:9093" ]; } ];
      }
    ];
    alertmanager = {
      enable = true;
      webExternalUrl = "https://alert.lass.r";
      listenAddress = "[::1]";
      configuration = {
        global = {
          # The smarthost and SMTP sender used for mail notifications.
          smtp_smarthost = "localhost:587";
          smtp_from = "alertmanager@alert.lass.r";
          # smtp_auth_username = "alertmanager@thalheim.io";
          # smtp_auth_password = "$SMTP_PASSWORD";
        };
        route = {
          receiver = "default";
          routes = [
            {
              group_by = [ "host" ];
              group_wait = "30s";
              group_interval = "2m";
              repeat_interval = "2h";
              receiver = "all";
            }
          ];
        };
        receivers = [
          {
            name = "all";
            webhook_configs = [{
              url = "http://127.0.0.1:9223/";
              max_alerts = 5;
            }];
          }
          {
            name = "default";
          }
        ];
      };
    };
  };

}