From 26c9fd5f6e6871056144ee9b7d14984f63c5d3a4 Mon Sep 17 00:00:00 2001 From: nhnn Date: Sun, 9 Jun 2024 21:04:14 +0300 Subject: [PATCH 1/3] feat: add prometheus monitoring service --- .../monitoring/config-paths-needed.json | 3 ++ sp-modules/monitoring/flake.nix | 9 ++++++ sp-modules/monitoring/module.nix | 31 +++++++++++++++++++ 3 files changed, 43 insertions(+) create mode 100644 sp-modules/monitoring/config-paths-needed.json create mode 100644 sp-modules/monitoring/flake.nix create mode 100644 sp-modules/monitoring/module.nix diff --git a/sp-modules/monitoring/config-paths-needed.json b/sp-modules/monitoring/config-paths-needed.json new file mode 100644 index 0000000..91fb203 --- /dev/null +++ b/sp-modules/monitoring/config-paths-needed.json @@ -0,0 +1,3 @@ +[ + [ "selfprivacy", "modules", "monitoring" ] +] diff --git a/sp-modules/monitoring/flake.nix b/sp-modules/monitoring/flake.nix new file mode 100644 index 0000000..b6b3f77 --- /dev/null +++ b/sp-modules/monitoring/flake.nix @@ -0,0 +1,9 @@ +{ + description = "PoC SP module for Prometheus-based monitoring"; + + outputs = { self }: { + nixosModules.default = import ./module.nix; + configPathsNeeded = + builtins.fromJSON (builtins.readFile ./config-paths-needed.json); + }; +} diff --git a/sp-modules/monitoring/module.nix b/sp-modules/monitoring/module.nix new file mode 100644 index 0000000..9d44610 --- /dev/null +++ b/sp-modules/monitoring/module.nix @@ -0,0 +1,31 @@ +{config, lib, ...}: let + cfg = config.selfprivacy.modules.monitoring; +in { + options.selfprivacy.modules.monitoring = { + enable = lib.mkOption { + default = false; + type = lib.types.bool; + }; + }; + config = lib.mkIf cfg.enable { + services.prometheus = { + enable = true; + port = 9001; + exporters = { + node = { + enable = true; + enabledCollectors = [ "systemd" ]; + port = 9002; + }; + }; + scrapeConfigs = [ + { + job_name = "node-exporter"; + static_configs = [{ + targets = [ "127.0.0.1:9002" ]; + }]; + } + ]; + }; + }; +} \ No newline at end of file From bf8ee7705a3b0b7af953c3ad2a3cd2a281eb5520 Mon Sep 17 00:00:00 2001 From: nhnn Date: Mon, 17 Jun 2024 21:42:49 +0300 Subject: [PATCH 2/3] fix: ensure that prometheus listens only on 127.0.0.1 --- sp-modules/monitoring/module.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/sp-modules/monitoring/module.nix b/sp-modules/monitoring/module.nix index 9d44610..3fe9002 100644 --- a/sp-modules/monitoring/module.nix +++ b/sp-modules/monitoring/module.nix @@ -11,6 +11,7 @@ in { services.prometheus = { enable = true; port = 9001; + listenAddress = "127.0.0.1"; exporters = { node = { enable = true; From 7cb625ba0cc3472c01b9ca9ce7d072461dea336d Mon Sep 17 00:00:00 2001 From: nhnn Date: Tue, 18 Jun 2024 21:30:02 +0300 Subject: [PATCH 3/3] fix: ensure that node-exporter listens on 127.0.0.1 --- sp-modules/monitoring/module.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/sp-modules/monitoring/module.nix b/sp-modules/monitoring/module.nix index 3fe9002..90bf806 100644 --- a/sp-modules/monitoring/module.nix +++ b/sp-modules/monitoring/module.nix @@ -17,6 +17,7 @@ in { enable = true; enabledCollectors = [ "systemd" ]; port = 9002; + listenAddress = "127.0.0.1"; }; }; scrapeConfigs = [