nixos-config/2configs/stats/server.nix

95 lines
3.4 KiB
Nix
Raw Normal View History

2017-01-09 16:02:02 +01:00
{pkgs, config, ...}:
with import <stockholm/lib>;
let
2018-09-17 01:11:57 +02:00
irc-server = "irc.r";
irc-nick = "m-alarm";
2017-01-09 16:03:36 +01:00
collectd-port = 25826;
influx-port = 8086;
2018-09-17 01:11:57 +02:00
grafana-port = 3000;
db = "collectd_db";
logging-interface = config.makefu.server.primary-itf;
2017-01-09 16:02:02 +01:00
in {
2017-01-09 16:03:36 +01:00
services.grafana.enable = true;
2017-01-09 16:02:02 +01:00
services.grafana.addr = "0.0.0.0";
services.influxdb.enable = true;
# redirect grafana to stats.makefu.r
services.nginx.enable = true;
services.nginx.virtualHosts."stats.makefu.r".locations."/".proxyPass = "http://localhost:3000";
2017-01-09 16:02:02 +01:00
# forward these via nginx
services.influxdb.extraConfig = {
meta.hostname = config.krebs.build.host.name;
# meta.logging-enabled = true;
logging.level = "info";
http.log-enabled = true;
http.write-tracing = false;
http.suppress-write-log = true;
data.trace-logging-enabled = false;
data.query-log-enabled = false;
2017-01-09 16:02:02 +01:00
http.bind-address = ":${toString influx-port}";
admin.bind-address = ":8083";
monitoring = {
enabled = false;
# write-interval = "24h";
};
2017-01-09 16:03:36 +01:00
collectd = [{
2017-01-09 16:02:02 +01:00
enabled = true;
typesdb = "${pkgs.collectd}/share/collectd/types.db";
database = db;
2017-08-06 16:42:52 +02:00
bind-address = ":${toString collectd-port}";
2017-01-09 16:02:02 +01:00
}];
};
krebs.kapacitor =
2017-02-03 20:45:27 +01:00
let
echoToIrc = pkgs.writeDash "echo_irc" ''
set -euf
data="$(${pkgs.jq}/bin/jq -r .message)"
export LOGNAME=${irc-nick}
2017-02-03 20:45:27 +01:00
${pkgs.irc-announce}/bin/irc-announce \
${irc-server} 6667 ${irc-nick} \#noise "$data" >/dev/null
2017-02-03 20:45:27 +01:00
'';
in {
enable = true;
alarms = {
cpu_deadman.database = db;
cpu_deadman.text = ''
2017-02-03 20:45:27 +01:00
var data = batch
2017-02-05 22:34:16 +01:00
|query(${"'''"}
2017-02-03 20:45:27 +01:00
SELECT mean("value") AS mean
FROM "collectd_db"."default"."cpu_value"
WHERE "type_instance" = 'idle' AND "type" = 'percent' fill(0)
2017-02-05 22:34:16 +01:00
${"'''"})
2017-02-03 20:45:27 +01:00
.period(10m)
.every(1m)
.groupBy('host')
data |alert()
.crit(lambda: "mean" < 50)
.stateChangesOnly()
.exec('${echoToIrc}')
data |deadman(1.0,5m)
.stateChangesOnly()
.exec('${echoToIrc}')
'';
};
};
2017-01-09 16:02:02 +01:00
networking.firewall.extraCommands = ''
iptables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
iptables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
iptables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
2018-09-17 01:11:57 +02:00
#iptables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
#iptables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
ip6tables -A INPUT -i retiolum -p udp --dport ${toString collectd-port} -j ACCEPT
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString influx-port} -j ACCEPT
ip6tables -A INPUT -i retiolum -p tcp --dport ${toString grafana-port} -j ACCEPT
2018-09-17 01:11:57 +02:00
#ip6tables -A INPUT -i ${logging-interface} -p udp --dport ${toString collectd-port} -j ACCEPT
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString influx-port} -j ACCEPT
#ip6tables -A INPUT -i ${logging-interface} -p tcp --dport ${toString grafana-port} -j ACCEPT
2017-01-09 16:02:02 +01:00
'';
2018-09-17 01:11:57 +02:00
state = [ "/var/lib/grafana/data/grafana.db" ];
2017-01-09 16:02:02 +01:00
}