pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Add LibreNMS service

Browse source
This commit is contained in:
pazpi 2026-01-19 12:35:13 +01:00
parent f20c086d6f
commit c0f26a47f2
10 changed files with 151 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
hosts/caddy/default.nix
View file

@ -127,6 +127,12 @@ in
domain = p.domains.public; domain = p.domains.public;
host = p.hosts.portainer; host = p.hosts.portainer;
}; };
librenms.proxy = {
enable = true;
domain = p.domains.public;
host = p.hosts.librenms;
};
}; };
networking = { networking = {

9
hosts/hosts.nix
View file

@ -195,6 +195,15 @@
]; ];
}; };
librenms = {
module = ./librenms;
tags = [
"lxc"
"bacco"
"librenms"
];
};
# Special hosts (non-LXC or local deployment) # Special hosts (non-LXC or local deployment)
# deadbeef = { # deadbeef = {
# module = ./deadbeef; # module = ./deadbeef;

33
hosts/librenms/default.nix Normal file
View file

@ -0,0 +1,33 @@
{
config,
pkgs,
lib,
...
}:
let
p = import ../parameters.nix;
in
{
my = {
utils = {
commons.enable = true;
lxc-standard.enable = true;
};
monitoring.librenms = {
enable = true;
hostname = p.hosts.librenms;
settings = {
"snmp.community" = [ "public" "homelab" ];
};
};
virtualisation.proxmox.enable = true;
};
# Extra packages
environment.systemPackages = with pkgs; [ ];
system.stateVersion = "25.11";
}

1
hosts/parameters.nix
View file

@ -32,6 +32,7 @@ in
forgejo-runner = "forgejo-runner.${private-domain}"; forgejo-runner = "forgejo-runner.${private-domain}";
n8n = "n8n.${private-domain}"; n8n = "n8n.${private-domain}";
ilpost-podcast = "ilpost-podcast.${private-domain}"; ilpost-podcast = "ilpost-podcast.${private-domain}";
librenms = "librenms.${private-domain}";
}; };
email = "davide@${public-domain}"; email = "davide@${public-domain}";
} }

1
modules/monitoring/default.nix
View file

@ -1,6 +1,7 @@
{ {
imports = [ imports = [
./grafana.nix ./grafana.nix
./librenms.nix
./loki.nix ./loki.nix
./prometheus.nix ./prometheus.nix
./uptime-kuma.nix ./uptime-kuma.nix

89
modules/monitoring/librenms.nix Normal file
View file

@ -0,0 +1,89 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.my.monitoring.librenms;
in
{
options.my.monitoring.librenms = {
enable = lib.mkEnableOption "Enable LibreNMS module";
hostname = lib.mkOption {
default = "librenms.home";
type = lib.types.str;
description = ''
The hostname for LibreNMS
'';
};
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = (pkgs.formats.json { }).type;
};
default = { };
description = ''
LibreNMS configuration settings (maps to config.php)
'';
};
proxy = {
enable = lib.mkEnableOption "Set the proxy entry for this service";
domain = lib.mkOption {
default = "example.com";
type = lib.types.str;
description = ''
The domain where Caddy is reachable
'';
};
subdomain = lib.mkOption {
default = "librenms";
type = lib.types.str;
description = ''
The subdomain where LibreNMS is reachable
'';
};
host = lib.mkOption {
default = "localhost";
type = lib.types.str;
description = ''
Host name where the service is running
'';
};
};
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
services.librenms = {
enable = true;
hostname = cfg.hostname;
database = {
createLocally = true;
socket = "/run/mysqld/mysqld.sock";
};
settings = cfg.settings;
};
networking.firewall.allowedTCPPorts = [ 80 ];
})
(lib.mkIf cfg.proxy.enable {
services.caddy = with cfg.proxy; {
virtualHosts."${subdomain}.${domain}".extraConfig = ''
reverse_proxy http://${host}:80
import cloudflare_${domain}
'';
};
})
];
}

9
modules/utils/lxc-standard.nix
View file

@ -9,6 +9,8 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
age.secrets.snmpd-config.file = ../../secrets/snmpd-config.age;
# Enable SSH # Enable SSH
services.openssh = { services.openssh = {
enable = true; enable = true;
@ -30,6 +32,13 @@ in
}; };
}; };
# SNMP
services.snmpd = {
enable = true;
openFirewall = true;
configFile = config.age.secrets.snmpd-config.path;
};
networking.nameservers = [ "192.168.1.2" ]; networking.nameservers = [ "192.168.1.2" ];
}; };

1
secrets.nix
View file

@ -31,6 +31,7 @@ let
machines.firefly-iii machines.firefly-iii
]; ];
forgejo-runner-token = [ machines.forgejo-runner ]; forgejo-runner-token = [ machines.forgejo-runner ];
snmpd-config = builtins.attrValues machines;
}; };
in in
builtins.listToAttrs ( builtins.listToAttrs (

BIN
secrets/snmpd-config.age Normal file
View file

Binary file not shown.

2
ssh-keys.nix
View file

@ -24,6 +24,7 @@ rec {
forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO0MTOCgMoAFjYDEq1gU+XBSUNNcJenoHXagOgFuP1ZN"; forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO0MTOCgMoAFjYDEq1gU+XBSUNNcJenoHXagOgFuP1ZN";
forgejo-runner = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFR3nkxurUTV2BYv+gLmgyCywPeVaWQxAIHomTNp3R85"; forgejo-runner = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFR3nkxurUTV2BYv+gLmgyCywPeVaWQxAIHomTNp3R85";
n8n = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP18IdsIxK7EdIOLSONJ4NA6AfLnM/3NkR3+OCDvJWXJ"; n8n = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP18IdsIxK7EdIOLSONJ4NA6AfLnM/3NkR3+OCDvJWXJ";
librenms = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/dmfOVzj37ZYwLTs+jjQUQYRIgvW3NrtBDsr8rllss";
}; };
# Machines able to provisioning other machines # Machines able to provisioning other machines
@ -43,6 +44,7 @@ rec {
machines.arr machines.arr
machines.auth machines.auth
machines.caddy machines.caddy
machines.librenms
machines.metrics machines.metrics
machines.shadowsocks machines.shadowsocks
]; ];