self-hosting/modules/monit.nix

{ config, lib, pkgs, ... }:
with lib;
let
  cfg = config.custom.services.monit;
in
{
  options.custom.services.monit = {
    enable = mkEnableOption "monit";

    additionalConfig = mkOption {
      type = types.lines;
      default = "";
    };
  };

  config = {

    sops.secrets = {
      monitMailserverConfig = {
        owner = config.services.borgbackup.jobs.data.user;
        key = "monit/mailserver_config";
      };
    };

    services.monit = {
      enable = true;
      config = ''
        set daemon 30
          with start delay 90

        set httpd
          port 2812
          use address 127.0.0.1
          allow localhost

        set ssl {
          verify     : enable,
        }

        include ${config.sops.secrets.monitMailserverConfig.path}

        set mail-format { from: monit@banditlair.com }
        set alert alerts@banditlair.com with reminder on 120 cycles

        check program failed-units with path "${pkgs.systemd}/bin/systemctl --failed"
          if content != "0 loaded units listed" then alert

        check system $HOST
          if cpu usage > 95% for 10 cycles then alert
          if memory usage > 75% for 5 times within 15 cycles then alert
          if swap usage > 25% then alert

        check filesystem root with path /
          if SPACE usage > 90% then alert

        check file daily-backup-done with path /nix/var/data/backup/backup-ok
          if changed timestamp then alert
          if timestamp > 26 hours then alert
        
        ${cfg.additionalConfig}
      '';
    };
  };
}
Configure Monit on all hosts 2021-12-27 05:28:51 +01:00			`{ config, lib, pkgs, ... }:`
			`with lib;`
			`let`
Start migrating config to NixOS modules 2022-09-16 01:29:46 +02:00			`cfg = config.custom.services.monit;`
Configure Monit on all hosts 2021-12-27 05:28:51 +01:00			`in`
			`{`
Start migrating config to NixOS modules 2022-09-16 01:29:46 +02:00			`options.custom.services.monit = {`
			`enable = mkEnableOption "monit";`

Configure Monit on all hosts 2021-12-27 05:28:51 +01:00			`additionalConfig = mkOption {`
			`type = types.lines;`
			`default = "";`
			`};`
			`};`

			`config = {`

			`sops.secrets = {`
			`monitMailserverConfig = {`
			`owner = config.services.borgbackup.jobs.data.user;`
			`key = "monit/mailserver_config";`
			`};`
			`};`

			`services.monit = {`
			`enable = true;`
			`config = ''`
			`set daemon 30`
			`with start delay 90`

			`set httpd`
			`port 2812`
			`use address 127.0.0.1`
			`allow localhost`

			`set ssl {`
			`verify : enable,`
			`}`

			`include ${config.sops.secrets.monitMailserverConfig.path}`

			`set mail-format { from: monit@banditlair.com }`
Watch raid status with Monit 2022-09-09 04:53:16 +02:00			`set alert alerts@banditlair.com with reminder on 120 cycles`
Configure Monit on all hosts 2021-12-27 05:28:51 +01:00
Fix typo 2022-11-30 10:11:37 +01:00			`check program failed-units with path "${pkgs.systemd}/bin/systemctl --failed"`
Monitor all failed units 2022-11-07 03:45:17 +01:00			`if content != "0 loaded units listed" then alert`

Configure Monit on all hosts 2021-12-27 05:28:51 +01:00			`check system $HOST`
			`if cpu usage > 95% for 10 cycles then alert`
Watch raid status with Monit 2022-09-09 04:53:16 +02:00			`if memory usage > 75% for 5 times within 15 cycles then alert`
Configure Monit on all hosts 2021-12-27 05:28:51 +01:00			`if swap usage > 25% then alert`

			`check filesystem root with path /`
			`if SPACE usage > 90% then alert`

			`check file daily-backup-done with path /nix/var/data/backup/backup-ok`
			`if changed timestamp then alert`
Watch raid status with Monit 2022-09-09 04:53:16 +02:00			`if timestamp > 26 hours then alert`
Configure Monit on all hosts 2021-12-27 05:28:51 +01:00
			`${cfg.additionalConfig}`
			`'';`
			`};`
			`};`
			`}`