hscloud/bgpwtf/machines/modules/prometheus.nix

58 lines
1.5 KiB
Nix
Raw Permalink Normal View History

# Prometheus configuration for a BIRD-enabled router.
{ config, pkgs, lib, ... }:
with lib;
let
nodeExporterPort = 9100;
birdExporterPort = 9101;
birdExporter = pkgs.buildGoModule rec {
pname = "bird-exporter";
version = "1.2.6";
src = pkgs.fetchFromGitHub {
owner = "czerwonk";
repo = "bird_exporter";
rev = version;
sha256 = "1yqizzlvwyxlrd2priqd1jx9s87yvsypqkmk81dacm1ra4xrs0nd";
};
vendorSha256 = "0wczj3g0c917hwjkz23xg5blb4z5a04v3wbx6kg0wfyb09c9bwx3";
};
in {
systemd.services.bird_exporter = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${birdExporter}/bin/bird_exporter -format.new=true -bird.v2=true -web.listen-address=127.0.0.1:${toString birdExporterPort}";
Restart = "always";
RestartSec = "60";
};
};
services.prometheus.exporters.node = {
enable = true;
listenAddress = "127.0.0.1";
port = nodeExporterPort;
};
services.nginx.enable = true;
services.nginx.virtualHosts."${config.networking.hostName}.${config.networking.domain}" = let
allowMonitoring = ''
allow 209.250.231.127; # monitoring.hackerspace.pl
deny all;
'';
in {
locations."/metrics-node" = {
proxyPass = "http://127.0.0.1:${toString nodeExporterPort}/metrics";
extraConfig = allowMonitoring;
};
locations."/metrics-bird" = {
proxyPass = "http://127.0.0.1:${toString birdExporterPort}/metrics";
extraConfig = allowMonitoring;
};
};
}