self-hosting/modules/monitoring-exporters.nix

{ config, lib, ... }:
let
  cfg = config.custom.services.monitoring-exporters;
in
{
  options.custom.services.monitoring-exporters = {
    enable = lib.mkEnableOption "monitoring-exporters";
  };

  config = lib.mkIf cfg.enable {
    services.prometheus = {
      exporters = {
        node = {
          enable = true;
          enabledCollectors = [
            "systemd"
            "processes"
          ];
        };
        dmarc = {
          enable = true;
          debug = true;
          imap = {
            host = "mail.banditlair.com";
            username = "paultrial@banditlair.com";
            passwordFile = "/run/credentials/prometheus-dmarc-exporter.service/password";
          };
          folders = {
            inbox = "dmarc_reports";
            done = "Archives.dmarc_report_processed";
            error = "Archives.dmarc_report_error";
          };
        };
      };
    };

    systemd.services.prometheus-dmarc-exporter.serviceConfig.LoadCredential = "password:${config.sops.secrets.dmarcExporterPassword.path}";

    services.promtail = {
      enable = true;
      configuration = {
        server = {
          http_listen_port = 3101;
          grpc_listen_port = 0;
        };
        clients = [ { url = "http://127.0.0.1:3100/loki/api/v1/push"; } ];
        scrape_configs = [
          {
            job_name = "journal";
            journal = {
              max_age = "12h";
              labels = {
                job = "systemd-journal";
                host = "${config.networking.hostName}";
              };
            };
            relabel_configs = [
              {
                source_labels = [ "__journal__systemd_unit" ];
                target_label = "unit";
              }
            ];
          }
          (lib.mkIf config.services.nginx.enable {
            job_name = "nginx";
            static_configs = [
              {
                targets = [ "localhost" ];
                labels = {
                  job = "nginx";
                  host = "${config.networking.hostName}";
                  __path__ = "/var/log/nginx/*.log";
                };
              }
            ];
          })
        ];
      };
    };

    systemd.services.promtail.serviceConfig = {
      ReadOnlyPaths = lib.mkIf config.services.nginx.enable "/var/log/nginx";
      SupplementaryGroups = lib.mkIf config.services.nginx.enable [ "nginx" ];
    };
  };
}
Add monitoring and metrics 2022-09-15 21:42:58 +02:00			`{ config, lib, ... }:`
Move Grafana to hel1 2024-12-11 05:02:44 +01:00			`let`
			`cfg = config.custom.services.monitoring-exporters;`
			`in`
			`{`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`options.custom.services.monitoring-exporters = {`
			`enable = lib.mkEnableOption "monitoring-exporters";`
Add monitoring and metrics 2022-09-15 21:42:58 +02:00			`};`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`config = lib.mkIf cfg.enable {`
			`services.prometheus = {`
			`exporters = {`
			`node = {`
			`enable = true;`
Move Grafana to hel1 2024-12-11 05:02:44 +01:00			`enabledCollectors = [`
			`"systemd"`
			`"processes"`
			`];`
			`};`
			`dmarc = {`
			`enable = true;`
			`debug = true;`
			`imap = {`
			`host = "mail.banditlair.com";`
			`username = "paultrial@banditlair.com";`
			`passwordFile = "/run/credentials/prometheus-dmarc-exporter.service/password";`
			`};`
			`folders = {`
			`inbox = "dmarc_reports";`
			`done = "Archives.dmarc_report_processed";`
			`error = "Archives.dmarc_report_error";`
			`};`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`};`
Add monitoring and metrics 2022-09-15 21:42:58 +02:00			`};`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`};`

Move Grafana to hel1 2024-12-11 05:02:44 +01:00			`systemd.services.prometheus-dmarc-exporter.serviceConfig.LoadCredential = "password:${config.sops.secrets.dmarcExporterPassword.path}";`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`services.promtail = {`
			`enable = true;`
			`configuration = {`
			`server = {`
			`http_listen_port = 3101;`
			`grpc_listen_port = 0;`
			`};`
Move Grafana to hel1 2024-12-11 05:02:44 +01:00			`clients = [ { url = "http://127.0.0.1:3100/loki/api/v1/push"; } ];`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`scrape_configs = [`
			`{`
			`job_name = "journal";`
			`journal = {`
			`max_age = "12h";`
			`labels = {`
			`job = "systemd-journal";`
			`host = "${config.networking.hostName}";`
			`};`
Add monitoring and metrics 2022-09-15 21:42:58 +02:00			`};`
Move Grafana to hel1 2024-12-11 05:02:44 +01:00			`relabel_configs = [`
			`{`
			`source_labels = [ "__journal__systemd_unit" ];`
			`target_label = "unit";`
			`}`
			`];`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`}`
			`(lib.mkIf config.services.nginx.enable {`
			`job_name = "nginx";`
Move Grafana to hel1 2024-12-11 05:02:44 +01:00			`static_configs = [`
			`{`
			`targets = [ "localhost" ];`
			`labels = {`
			`job = "nginx";`
			`host = "${config.networking.hostName}";`
			`__path__ = "/var/log/nginx/*.log";`
			`};`
			`}`
			`];`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`})`
			`];`
			`};`
Add monitoring and metrics 2022-09-15 21:42:58 +02:00			`};`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`systemd.services.promtail.serviceConfig = {`
			`ReadOnlyPaths = lib.mkIf config.services.nginx.enable "/var/log/nginx";`
			`SupplementaryGroups = lib.mkIf config.services.nginx.enable [ "nginx" ];`
			`};`
Add monitoring and metrics 2022-09-15 21:42:58 +02:00			`};`
			`}`