summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/makefu/default.nix1
-rw-r--r--makefu/0tests/data/secrets/mediawikibot-config.json1
-rw-r--r--makefu/1systems/gum/config.nix1
-rw-r--r--makefu/2configs/nix-community/supervision.nix82
4 files changed, 85 insertions, 0 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 30d90bf2b..03431ce5f 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -233,6 +233,7 @@ in {
"wiki.gum.r"
"wiki.makefu.r"
"warrior.gum.r"
+ "rss.makefu.r"
"sick.makefu.r"
"dl.gum.r"
"dl.makefu.r"
diff --git a/makefu/0tests/data/secrets/mediawikibot-config.json b/makefu/0tests/data/secrets/mediawikibot-config.json
new file mode 100644
index 000000000..0967ef424
--- /dev/null
+++ b/makefu/0tests/data/secrets/mediawikibot-config.json
@@ -0,0 +1 @@
+{}
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index adf025fd3..2a1d39c04 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -24,6 +24,7 @@ in {
<stockholm/makefu/2configs/nur.nix>
<stockholm/makefu/2configs/support-nixos.nix>
<stockholm/makefu/2configs/nix-community/mediawiki-matrix-bot.nix>
+ <stockholm/makefu/2configs/nix-community/supervision.nix>
<stockholm/makefu/2configs/home-manager>
<stockholm/makefu/2configs/home-manager/cli.nix>
# <stockholm/makefu/2configs/stats/client.nix>
diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix
new file mode 100644
index 000000000..f648b9c17
--- /dev/null
+++ b/makefu/2configs/nix-community/supervision.nix
@@ -0,0 +1,82 @@
+{ config, lib, pkgs, ... }:
+let
+ isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules;
+ port = "9273";
+in {
+
+ networking.firewall.extraCommands = ''
+ iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT
+ '';
+
+ services.telegraf = {
+ enable = true;
+ extraConfig = {
+ agent.interval = "60s";
+ inputs = {
+ prometheus.metric_version = 2;
+ kernel_vmstat = { };
+ smart = lib.mkIf (!isVM) {
+ path = pkgs.writeShellScript "smartctl" ''
+ exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@"
+ '';
+ };
+ system = { };
+ mem = { };
+ file = [{
+ data_format = "influx";
+ file_tag = "name";
+ files = [ "/var/log/telegraf/*" ];
+ }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) {
+ name_override = "ext4_errors";
+ files = [ "/sys/fs/ext4/*/errors_count" ];
+ data_format = "value";
+ };
+ exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) {
+ ## Commands array
+ commands = [
+ (pkgs.writeScript "zpool-health" ''
+ #!${pkgs.gawk}/bin/awk -f
+ BEGIN {
+ while ("${pkgs.zfs}/bin/zpool status" | getline) {
+ if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 }
+ if ($1 ~ /state:/) { printf " state=\"%s\",", $2 }
+ if ($1 ~ /errors:/) {
+ if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2
+ }
+ }
+ }
+ '')
+ ];
+ data_format = "influx";
+ };
+ systemd_units = { };
+ swap = { };
+ disk.tagdrop = {
+ fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ];
+ device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ];
+ };
+ diskio = { };
+ };
+ outputs.prometheus_client = {
+ listen = ":${port}";
+ metric_version = 2;
+ };
+ };
+ };
+
+ security.sudo.extraRules = lib.mkIf (!isVM) [{
+ users = [ "telegraf" ];
+ commands = [{
+ command = "${pkgs.smartmontools}/bin/smartctl";
+ options = [ "NOPASSWD" ];
+ }];
+ }];
+ # avoid logging sudo use
+ security.sudo.configFile = ''
+ Defaults:telegraf !syslog,!pam_session
+ '';
+ # create dummy file to avoid telegraf errors
+ systemd.tmpfiles.rules = [
+ "f /var/log/telegraf/dummy 0444 root root - -"
+ ];
+}