From 05381eb02e1b39b3a371b4d530c20ea1201aeaae Mon Sep 17 00:00:00 2001
From: makefu <github@syntax-fehler.de>
Date: Sun, 5 Sep 2021 20:42:42 +0200
Subject: ma gum: add supervision

---
 makefu/1systems/gum/config.nix                |  1 +
 makefu/2configs/nix-community/supervision.nix | 82 +++++++++++++++++++++++++++
 2 files changed, 83 insertions(+)
 create mode 100644 makefu/2configs/nix-community/supervision.nix

diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index adf025fd3..2a1d39c04 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -24,6 +24,7 @@ in {
       <stockholm/makefu/2configs/nur.nix>
       <stockholm/makefu/2configs/support-nixos.nix>
       <stockholm/makefu/2configs/nix-community/mediawiki-matrix-bot.nix>
+      <stockholm/makefu/2configs/nix-community/supervision.nix>
       <stockholm/makefu/2configs/home-manager>
       <stockholm/makefu/2configs/home-manager/cli.nix>
       # <stockholm/makefu/2configs/stats/client.nix>
diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix
new file mode 100644
index 000000000..f648b9c17
--- /dev/null
+++ b/makefu/2configs/nix-community/supervision.nix
@@ -0,0 +1,82 @@
+{ config, lib, pkgs, ... }:
+let
+  isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules;
+  port = "9273";
+in {
+
+  networking.firewall.extraCommands = ''
+    iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT
+  '';
+
+  services.telegraf = {
+    enable = true;
+    extraConfig = {
+      agent.interval = "60s";
+      inputs = {
+        prometheus.metric_version = 2;
+        kernel_vmstat = { };
+        smart = lib.mkIf (!isVM) {
+          path = pkgs.writeShellScript "smartctl" ''
+            exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@"
+          '';
+        };
+        system = { };
+        mem = { };
+        file = [{
+          data_format = "influx";
+          file_tag = "name";
+          files = [ "/var/log/telegraf/*" ];
+        }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) {
+          name_override = "ext4_errors";
+          files = [ "/sys/fs/ext4/*/errors_count" ];
+          data_format = "value";
+        };
+        exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) {
+          ## Commands array
+          commands = [
+            (pkgs.writeScript "zpool-health" ''
+              #!${pkgs.gawk}/bin/awk -f
+              BEGIN {
+                while ("${pkgs.zfs}/bin/zpool status" | getline) {
+                  if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 }
+                  if ($1 ~ /state:/) { printf " state=\"%s\",", $2 }
+                  if ($1 ~ /errors:/) {
+                    if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2
+                  }
+                }
+              }
+            '')
+          ];
+          data_format = "influx";
+        };
+        systemd_units = { };
+        swap = { };
+        disk.tagdrop = {
+          fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ];
+          device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ];
+        };
+        diskio = { };
+      };
+      outputs.prometheus_client = {
+        listen = ":${port}";
+        metric_version = 2;
+      };
+    };
+  };
+
+  security.sudo.extraRules = lib.mkIf (!isVM) [{
+    users = [ "telegraf" ];
+    commands = [{
+      command = "${pkgs.smartmontools}/bin/smartctl";
+      options = [ "NOPASSWD" ];
+    }];
+  }];
+  # avoid logging sudo use
+  security.sudo.configFile = ''
+    Defaults:telegraf !syslog,!pam_session
+  '';
+  # create dummy file to avoid telegraf errors
+  systemd.tmpfiles.rules = [
+    "f /var/log/telegraf/dummy 0444 root root - -"
+  ];
+}
-- 
cgit v1.2.3