2017-01-30 22:56:43 +01:00
|
|
|
{pkgs, config, ...}:
|
|
|
|
with import <stockholm/lib>;
|
|
|
|
{
|
2017-02-05 00:25:39 +01:00
|
|
|
services.influxdb.enable = true;
|
2017-01-30 22:56:43 +01:00
|
|
|
|
|
|
|
services.influxdb.extraConfig = {
|
|
|
|
meta.hostname = config.krebs.build.host.name;
|
|
|
|
# meta.logging-enabled = true;
|
|
|
|
http.bind-address = ":8086";
|
|
|
|
admin.bind-address = ":8083";
|
|
|
|
monitoring = {
|
|
|
|
enabled = false;
|
|
|
|
# write-interval = "24h";
|
|
|
|
};
|
2017-02-03 00:23:00 +01:00
|
|
|
collectd = [{
|
|
|
|
enabled = true;
|
|
|
|
typesdb = "${pkgs.collectd}/share/collectd/types.db";
|
|
|
|
database = "collectd_db";
|
|
|
|
port = 25826;
|
|
|
|
}];
|
2017-01-30 22:56:43 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
lass.kapacitor =
|
|
|
|
let
|
|
|
|
echoToIrc = pkgs.writeDash "echo_irc" ''
|
|
|
|
set -euf
|
|
|
|
data="$(${pkgs.jq}/bin/jq -r .message)"
|
|
|
|
export LOGNAME=prism-alarm
|
|
|
|
${pkgs.irc-announce}/bin/irc-announce \
|
2017-02-05 00:25:39 +01:00
|
|
|
ni.r 6667 prism-alarm \#retiolum "$data" >/dev/null
|
2017-01-30 22:56:43 +01:00
|
|
|
'';
|
|
|
|
in {
|
|
|
|
enable = true;
|
2017-02-05 00:25:39 +01:00
|
|
|
check_db = "telegraf_db";
|
2017-01-30 22:56:43 +01:00
|
|
|
alarms = {
|
2017-02-05 00:25:39 +01:00
|
|
|
cpu = ''
|
|
|
|
var data = batch
|
2017-01-30 22:56:43 +01:00
|
|
|
|query(${"'''"}
|
|
|
|
SELECT mean("usage_user") AS mean
|
|
|
|
FROM "${config.lass.kapacitor.check_db}"."default"."cpu"
|
|
|
|
${"'''"})
|
2017-02-05 00:25:39 +01:00
|
|
|
.period(10m)
|
|
|
|
.every(1m)
|
|
|
|
.groupBy('host')
|
|
|
|
data |alert()
|
|
|
|
.crit(lambda: "mean" > 90)
|
|
|
|
.exec('${echoToIrc}')
|
|
|
|
data |deadman(1.0,5m)
|
|
|
|
.stateChangesOnly()
|
|
|
|
.exec('${echoToIrc}')
|
|
|
|
'';
|
|
|
|
ram = ''
|
|
|
|
var data = batch
|
|
|
|
|query(${"'''"}
|
|
|
|
SELECT mean("used_percent") AS mean
|
|
|
|
FROM "${config.lass.kapacitor.check_db}"."default"."mem"
|
|
|
|
${"'''"})
|
|
|
|
.period(10m)
|
|
|
|
.every(1m)
|
2017-01-30 22:56:43 +01:00
|
|
|
.groupBy('host')
|
2017-02-05 00:25:39 +01:00
|
|
|
data |alert()
|
|
|
|
.crit(lambda: "mean" > 90)
|
2017-01-30 22:56:43 +01:00
|
|
|
.exec('${echoToIrc}')
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
krebs.iptables.tables.filter.INPUT.rules = [
|
|
|
|
{ predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
|
|
|
|
{ predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
|
2017-02-03 00:23:00 +01:00
|
|
|
{ predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; }
|
2017-01-30 22:56:43 +01:00
|
|
|
];
|
|
|
|
services.grafana = {
|
|
|
|
enable = true;
|
|
|
|
addr = "0.0.0.0";
|
|
|
|
auth.anonymous.enable = true;
|
|
|
|
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
|
|
|
|
};
|
|
|
|
}
|