1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
{ nodes, config, lib, pkgs, ... }:
{
dns.zones."ctu.cx".subdomains.prometheus.CNAME = [ "${config.networking.fqdn}." ];
systemd.services.prometheus.onFailure = [ "email-notify@%i.service" ];
services = {
prometheus = {
enable = true;
webExternalUrl = "https://prometheus.${config.networking.domain}/";
listenAddress = "[::1]";
port = 9090;
scrapeConfigs = [
{
job_name = "node-exporter";
scrape_interval = "30s";
scheme = "https";
metrics_path = "/node-exporter";
static_configs = [{
targets = (lib.mapAttrsToList (
name: host: lib.mkIf (
host.config.services.prometheus.exporters.node.enable == true &&
host.config.networking.hostName != "" &&
host.config.networking.domain != ""
) host.config.networking.fqdn
) nodes);
}];
}
{
job_name = "systemd-exporter";
scrape_interval = "30s";
scheme = "https";
metrics_path = "/systemd-exporter";
static_configs = [{
targets = (lib.mapAttrsToList (
name: host: lib.mkIf (
host.config.services.prometheus.exporters.node.enable == true &&
host.config.networking.hostName != "" &&
host.config.networking.domain != ""
) host.config.networking.fqdn
) nodes);
}];
}
{
job_name = "scaphandre-exporter";
scrape_interval = "30s";
scheme = "https";
metrics_path = "/scaphandre-exporter";
static_configs = [{
targets = (lib.mapAttrsToList (
name: host: lib.mkIf (
host.config.services.prometheus.exporters.scaphandre.enable == true &&
host.config.networking.hostName != "" &&
host.config.networking.domain != ""
) host.config.networking.fqdn
) nodes);
}];
}
];
};
nginx = {
enable = true;
virtualHosts."prometheus.${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
kTLS = true;
locations."/".proxyPass = "http://[::1]:${toString config.services.prometheus.port}/";
};
};
};
}