phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add monitoring and metrics

Browse source
This commit is contained in:
Paul-Henri Froidmont 2022-09-15 21:42:58 +02:00
parent 308f0da79f
commit c1211cb4e5
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
9 changed files with 4079 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
profiles/backend.nix
View file

@ -13,6 +13,7 @@
../modules/dokuwiki.nix
../modules/website-marie.nix
../modules/roundcube.nix
../modules/monitoring-exporters.nix
];
sops.secrets = {
@ -67,5 +68,6 @@
networking.firewall.allowedTCPPorts = [ 80 443 64738 ];
networking.firewall.allowedUDPPorts = [ 64738 ];
networking.firewall.interfaces."enp7s0".allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
}

4
profiles/db.nix
View file

@ -7,9 +7,10 @@
../modules/postgresql.nix
../modules/custom-backup-job.nix
../modules/custom-monit.nix
../modules/monitoring-exporters.nix
];
networking.firewall.interfaces."enp7s0".allowedTCPPorts = [ 5432 ];
networking.firewall.interfaces."enp7s0".allowedTCPPorts = [ config.services.prometheus.exporters.node.port config.services.postgresql.port ];
sops.secrets = {
borgSshKey = {
@ -30,5 +31,4 @@
sshKey = config.sops.secrets.borgSshKey.path;
};
networking.firewall.interfaces."ens10".allowedTCPPorts = [ 80 ];
}

3
profiles/storage.nix
View file

@ -15,6 +15,8 @@
../modules/jitsi.nix
../modules/gitlab-runner.nix
../modules/binary-cache.nix
../modules/grafana.nix
../modules/monitoring-exporters.nix
];
sops.secrets = {
@ -25,6 +27,7 @@
};
networking.firewall.allowedTCPPorts = [ 80 443 18080 ];
networking.firewall.interfaces.vlan4001.allowedTCPPorts = [ config.services.loki.configuration.server.http_listen_port ];
networking.nat.enable = true;
networking.nat.internalInterfaces = [ "ve-+" ];