modules/foundation/monitoring.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

{ me, config, lib, ... }:

let
  inherit (lib) mkOption mkEnableOption types;

  cfg = config.foundation.monitoring;

  victoriaDefaultPort = 8428;
  nodeExporterPort = 9001;
in
{
  imports = [ ../../services/monitoring/wrapper.nix ];

  options.foundation.monitoring = {
    server = {
      enable = mkEnableOption "monitoring server";

      hosts = mkOption {
        type = with types; listOf (submodule {
          options = {
            name = mkOption { type = str; };
            ip = mkOption { type = str; };
          };
        });
        default = [ ];
      };
    };

    client = {
      enable = mkEnableOption "monitoring client";
    };
  };

  config = lib.mkMerge [
    (lib.mkIf cfg.server.enable {
      foundation.internal.monitoringService = true;

      services.vmagent = {
        enable = true;
        remoteWrite.url = "http://${me.tailscale.ip}:${toString victoriaDefaultPort}/api/v1/write";

        prometheusConfig = {
          global = {
            scrape_interval = "15s";
          };

          scrape_configs = map ({ name, ip, ... }: {
            job_name = "${name}-node";
            static_configs = [{
              targets = [ "${ip}:9001" ];
              labels = { type = "node"; host = name; };
            }];
          }) cfg.server.hosts;
        };
      };
    })

    (lib.mkIf (cfg.client.enable || cfg.server.enable) {
      services.prometheus.exporters.node = {
        enable = true;
        openFirewall = false;
        listenAddress = me.tailscale.ip;
        port = nodeExporterPort;
      };
    })
  ];
}