2017-01-09 16:02:02 +01:00
|
|
|
{pkgs, config, ...}:
|
|
|
|
|
2023-07-02 16:05:52 +02:00
|
|
|
with pkgs.stockholm.lib;
|
2017-01-09 16:02:02 +01:00
|
|
|
let
|
2018-09-17 01:11:57 +02:00
|
|
|
irc-server = "irc.r";
|
2017-09-29 21:34:38 +02:00
|
|
|
irc-nick = "m-alarm";
|
2017-01-09 16:03:36 +01:00
|
|
|
collectd-port = 25826;
|
|
|
|
influx-port = 8086;
|
2018-09-17 01:11:57 +02:00
|
|
|
grafana-port = 3000;
|
2017-03-01 15:46:23 +01:00
|
|
|
db = "collectd_db";
|
|
|
|
logging-interface = config.makefu.server.primary-itf;
|
2017-01-09 16:02:02 +01:00
|
|
|
in {
|
2017-01-09 16:03:36 +01:00
|
|
|
services.grafana.enable = true;
|
2017-01-09 16:02:02 +01:00
|
|
|
services.grafana.addr = "0.0.0.0";
|
|
|
|
|
|
|
|
services.influxdb.enable = true;
|
2021-10-01 18:53:03 +02:00
|
|
|
systemd.services.influxdb.serviceConfig.LimitNOFILE = 8192;
|
|
|
|
|
2017-05-24 10:49:34 +02:00
|
|
|
# redirect grafana to stats.makefu.r
|
|
|
|
services.nginx.enable = true;
|
|
|
|
services.nginx.virtualHosts."stats.makefu.r".locations."/".proxyPass = "http://localhost:3000";
|
2017-01-09 16:02:02 +01:00
|
|
|
# forward these via nginx
|
|
|
|
services.influxdb.extraConfig = {
|
|
|
|
meta.hostname = config.krebs.build.host.name;
|
|
|
|
# meta.logging-enabled = true;
|
2018-12-13 01:52:24 +01:00
|
|
|
logging.level = "info";
|
|
|
|
http.log-enabled = true;
|
2022-11-01 11:39:56 +01:00
|
|
|
http.flux-enabled = true;
|
2018-12-13 01:52:24 +01:00
|
|
|
http.write-tracing = false;
|
|
|
|
http.suppress-write-log = true;
|
|
|
|
data.trace-logging-enabled = false;
|
|
|
|
data.query-log-enabled = false;
|
2021-03-12 20:29:35 +01:00
|
|
|
reporting-disabled = true;
|
2018-12-13 01:52:24 +01:00
|
|
|
|
2017-01-09 16:02:02 +01:00
|
|
|
http.bind-address = ":${toString influx-port}";
|
|
|
|
admin.bind-address = ":8083";
|
|
|
|
monitoring = {
|
|
|
|
enabled = false;
|
|
|
|
# write-interval = "24h";
|
|
|
|
};
|
2017-01-09 16:03:36 +01:00
|
|
|
collectd = [{
|
2017-01-09 16:02:02 +01:00
|
|
|
enabled = true;
|
|
|
|
typesdb = "${pkgs.collectd}/share/collectd/types.db";
|
2017-03-01 15:46:23 +01:00
|
|
|
database = db;
|
2017-08-06 16:42:52 +02:00
|
|
|
bind-address = ":${toString collectd-port}";
|
2017-01-09 16:02:02 +01:00
|
|
|
}];
|
|
|
|
};
|
2017-02-03 20:45:27 +01:00
|
|
|
|
2017-01-09 16:02:02 +01:00
|
|
|
networking.firewall.extraCommands = ''
|
|
|
|
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
|
|
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
|
|
|
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
2018-09-17 01:11:57 +02:00
|
|
|
#iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
|
|
|
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
|
|
|
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
2017-04-19 10:05:39 +02:00
|
|
|
|
|
|
|
ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
|
|
|
|
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
|
|
|
|
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
|
2018-09-17 01:11:57 +02:00
|
|
|
#ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
|
|
|
|
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
|
|
|
|
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
|
2017-01-09 16:02:02 +01:00
|
|
|
'';
|
2018-09-17 01:11:57 +02:00
|
|
|
state = [ "/var/lib/grafana/data/grafana.db" ];
|
2017-01-09 16:02:02 +01:00
|
|
|
}
|