diff --git a/nixos/components/network/tinc/private.nix b/nixos/components/network/tinc/private.nix index 892a071..9b2d057 100644 --- a/nixos/components/network/tinc/private.nix +++ b/nixos/components/network/tinc/private.nix @@ -19,6 +19,8 @@ let "transmission2.robi" = hosts.robi; "loki.robi" = hosts.robi; "loki.pepe" = hosts.pepe; + "grafana.pepe" = hosts.pepe; + "prometheus.pepe" = hosts.pepe; "tts.pepe" = hosts.pepe; }; network = "private"; diff --git a/nixos/machines/pepe/configuration.nix b/nixos/machines/pepe/configuration.nix index eb75846..86824ad 100644 --- a/nixos/machines/pepe/configuration.nix +++ b/nixos/machines/pepe/configuration.nix @@ -24,7 +24,10 @@ ./wireguard.nix #./tts.nix - #./loki.nix + ./loki.nix + ./loki-promtail.nix + ./prometheus.nix + ./grafana.nix ]; diff --git a/nixos/machines/pepe/grafana.nix b/nixos/machines/pepe/grafana.nix new file mode 100644 index 0000000..6c5d7ac --- /dev/null +++ b/nixos/machines/pepe/grafana.nix @@ -0,0 +1,22 @@ +{ config, ... }: +{ + + services.nginx.virtualHosts.${config.services.grafana.domain} = { + extraConfig = '' + allow ${config.tinc.private.subnet}; + deny all; + ''; + locations."/" = { + proxyPass = "http://localhost:${toString config.services.grafana.port}"; + proxyWebsockets = true; + }; + }; + + services.grafana = { + enable = true; + domain = "grafana.pepe.private"; + port = 2342; + addr = "localhost"; + }; + +} diff --git a/nixos/machines/pepe/loki-promtail.nix b/nixos/machines/pepe/loki-promtail.nix index 1333110..56bb507 100644 --- a/nixos/machines/pepe/loki-promtail.nix +++ b/nixos/machines/pepe/loki-promtail.nix @@ -1,6 +1,35 @@ +{ config, ... }: { services.promtail = { enable = true; - configuration = { }; + configuration = { + server = { + http_listen_port = 28183; + grpc_listen_port = 0; + }; + positions.filename = "/tmp/positions.yaml"; + clients = [ + { url = "http://127.0.0.1:3100/loki/api/v1/push"; } + ]; + + scrape_configs = [ + { + job_name = "journal"; + journal = { + max_age = "12h"; + labels = { + job = "systemd-journal"; + host = config.networking.hostName; + }; + }; + relabel_configs = [{ + source_labels = [ "__journal__systemd_unit" ]; + target_label = "unit"; + }]; + } + ]; + + }; + }; } diff --git a/nixos/machines/pepe/loki.nix b/nixos/machines/pepe/loki.nix index d6ed161..c0eba2c 100644 --- a/nixos/machines/pepe/loki.nix +++ b/nixos/machines/pepe/loki.nix @@ -4,7 +4,10 @@ services.loki = { enable = true; configuration = { - server.http_listen_port = 3100; + server = { + http_listen_port = 3100; + log_level = "warn"; + }; auth_enabled = false; ingester = { diff --git a/nixos/machines/pepe/prometheus.nix b/nixos/machines/pepe/prometheus.nix new file mode 100644 index 0000000..7478bce --- /dev/null +++ b/nixos/machines/pepe/prometheus.nix @@ -0,0 +1,54 @@ +{ config, pkgs, lib, ... }: { + + services.nginx = { + enable = true; + statusPage = true; + virtualHosts = { + "prometheus.pepe.private" = { + extraConfig = '' + allow ${config.tinc.private.subnet}; + deny all; + ''; + locations."/" = { proxyPass = "http://localhost:${toString config.services.prometheus.port}"; }; + }; + }; + }; + + services.prometheus = { + enable = true; + # keep data for 30 days + extraFlags = [ "--storage.tsdb.retention.time=30d" ]; + + exporters = { + node = { + enable = true; + enabledCollectors = [ "systemd" ]; + port = 9002; + }; + }; + + scrapeConfigs = [ + { + job_name = "netdata"; + metrics_path = "/api/v1/allmetrics"; + params.format = [ "prometheus" ]; + scrape_interval = "5s"; + static_configs = [ + { + targets = [ "localhost:19999" ]; + labels = { + service = "netdata"; + server = "pepe"; + }; + } + ]; + } + { + job_name = "systemd"; + static_configs = [{ + targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + ]; + }; +} diff --git a/nixos/machines/pepe/zigbee2mqtt.nix b/nixos/machines/pepe/zigbee2mqtt.nix index e873256..d368e06 100644 --- a/nixos/machines/pepe/zigbee2mqtt.nix +++ b/nixos/machines/pepe/zigbee2mqtt.nix @@ -20,7 +20,7 @@ homeassistant = true; # allow new devices to join - permit_join = true; + permit_join = false; # MQTT settings mqtt = { @@ -44,11 +44,14 @@ # you own network key, # 16 numbers between 0 and 255 # see https://www.zigbee2mqtt.io/how_tos/how_to_secure_network.html - advanced.network_key = import "${private_assets}/zigbee/networkKey.nix"; - advanced.log_output = [ "console" ]; - advanced.pan_id = 1337; - # add last seen information - advanced.last_seen = "ISO_8601_local"; + advanced = { + network_key = import "${private_assets}/zigbee/networkKey.nix"; + log_output = [ "console" ]; + log_level = "warn"; + pan_id = 1337; + # add last seen information + last_seen = "ISO_8601_local"; + }; # configure web ui frontend.port = 9666; diff --git a/nixos/system/all/nginx-landingpage.nix b/nixos/system/all/nginx-landingpage.nix index 22fb117..1801bbb 100644 --- a/nixos/system/all/nginx-landingpage.nix +++ b/nixos/system/all/nginx-landingpage.nix @@ -25,10 +25,7 @@ href = "http://${host}:19999/"; image = "https://media.giphy.com/media/BkjdN6MQCDPaw/giphy.gif"; }) - (map (name: { inherit name; }) [ - "robi" - "pepe" - ]); + (map (name: { inherit name; }) [ "robi" "pepe" "sterni" ]); } { text = "Home"; @@ -48,6 +45,23 @@ href = "http://pepe:8096/"; image = "https://media.giphy.com/media/fyLi0OuWysotq/giphy.gif"; } + + { + label = "pepe - logs"; + href = "http://grafana.pepe.private/explore"; + image = "https://raw.githubusercontent.com/cncf/landscape/master/hosted_logos/grafana-loki.svg"; + } + { + label = "pepe - grafana"; + href = "http://http://grafana.pepe.private/"; + image = "https://www.vectorlogo.zone/logos/grafana/grafana-icon.svg"; + } + { + label = "pepe - prometheus"; + href = "http://prometheus.pepe.private/"; + image = "https://www.vectorlogo.zone/logos/prometheusio/prometheusio-icon.svg"; + } + ]; } {