118 lines
3 KiB
Nix
118 lines
3 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.my.monitoring.prometheus;
|
|
|
|
in
|
|
{
|
|
options.my.monitoring.prometheus = {
|
|
enable = lib.mkEnableOption "Enable prometheus as a data scraper";
|
|
|
|
proxy = {
|
|
enable = lib.mkEnableOption "Set the proxy entry for this service";
|
|
|
|
domain = lib.mkOption {
|
|
default = "example.com";
|
|
type = lib.types.str;
|
|
description = ''
|
|
The domain where Caddy is reachable
|
|
'';
|
|
};
|
|
|
|
subdomain = lib.mkOption {
|
|
default = "prometheus";
|
|
type = lib.types.str;
|
|
description = ''
|
|
The subdomain where Prometheus is reachable
|
|
'';
|
|
};
|
|
|
|
host = lib.mkOption {
|
|
default = "localhost";
|
|
type = lib.types.str;
|
|
description = ''
|
|
Host name where the Prometheus is running
|
|
'';
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
config = lib.mkMerge [
|
|
(lib.mkIf cfg.enable {
|
|
|
|
age.secrets.searx-prometheus-secret = {
|
|
file = ../../secrets/searx-prometheus-secret.age;
|
|
owner = config.users.users."prometheus".name;
|
|
group = config.users.groups."prometheus".name;
|
|
mode = "0644";
|
|
};
|
|
|
|
services.prometheus = {
|
|
enable = true;
|
|
scrapeConfigs = [
|
|
{
|
|
job_name = "download-mgr-stack";
|
|
static_configs = [
|
|
{
|
|
targets = [
|
|
"localhost:${toString config.services.prometheus.exporters.exportarr-prowlarr.port}"
|
|
"localhost:${toString config.services.prometheus.exporters.exportarr-radarr.port}"
|
|
"localhost:${toString config.services.prometheus.exporters.exportarr-sonarr.port}"
|
|
"localhost:${toString config.services.prometheus.exporters.exportarr-lidarr.port}"
|
|
"localhost:${toString config.services.prometheus.exporters.exportarr-readarr.port}"
|
|
];
|
|
}
|
|
];
|
|
}
|
|
{
|
|
job_name = "caddy";
|
|
static_configs = [ { targets = [ "caddy.internal:2024" ]; } ];
|
|
}
|
|
{
|
|
job_name = "searxng";
|
|
static_configs = [ { targets = [ "caddy.internal:8080" ]; } ];
|
|
basic_auth = {
|
|
username = "searxng";
|
|
password_file = config.age.secrets.searx-prometheus-secret.path;
|
|
};
|
|
}
|
|
];
|
|
};
|
|
|
|
services.grafana = {
|
|
provision.datasources.settings = {
|
|
datasources = [
|
|
{
|
|
name = "Prometheus localhost";
|
|
url = "http://localhost:9090";
|
|
type = "prometheus";
|
|
isDefault = true;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 9090 ];
|
|
|
|
})
|
|
|
|
(lib.mkIf cfg.proxy.enable {
|
|
services.caddy = with cfg.proxy; {
|
|
virtualHosts."${subdomain}.${domain}".extraConfig = ''
|
|
reverse_proxy http://${host}:9090
|
|
import cloudflare_${domain}
|
|
'';
|
|
};
|
|
})
|
|
];
|
|
|
|
}
|