summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/stats/server.nix
blob: 679bfd65ce4ff913ceab41dbfc23bf32c68e1fc0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
{pkgs, config, ...}:

with import <stockholm/lib>;
let
  irc-server = "irc.r";
  irc-nick = "m-alarm";
  collectd-port = 25826;
  influx-port = 8086;
  grafana-port = 3000;
  db = "collectd_db";
  logging-interface = config.makefu.server.primary-itf;
in {
  services.grafana.enable = true;
  services.grafana.addr = "0.0.0.0";

  services.influxdb.enable = true;
  systemd.services.influxdb.serviceConfig.LimitNOFILE = 8192;

  # redirect grafana to stats.makefu.r
  services.nginx.enable = true;
  services.nginx.virtualHosts."stats.makefu.r".locations."/".proxyPass = "http://localhost:3000";
  # forward these via nginx
  services.influxdb.extraConfig = {
    meta.hostname = config.krebs.build.host.name;
    # meta.logging-enabled = true;
    logging.level = "info";
    http.log-enabled = true;
    http.write-tracing = false;
    http.suppress-write-log = true;
    data.trace-logging-enabled = false;
    data.query-log-enabled = false;
    reporting-disabled = true;

    http.bind-address = ":${toString influx-port}";
    admin.bind-address = ":8083";
    monitoring = {
      enabled = false;
      # write-interval = "24h";
    };
    collectd = [{
      enabled = true;
      typesdb = "${pkgs.collectd}/share/collectd/types.db";
      database = db;
      bind-address = ":${toString collectd-port}";
    }];
  };

  networking.firewall.extraCommands = ''
    iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
    iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
    iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
    #iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
    #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
    #iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT

    ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
    ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
    ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
    #ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
    #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
    #ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
  '';
  state = [ "/var/lib/grafana/data/grafana.db" ];
}