Add Ansible playbook to configure PiKVM

Add Nix shell to flake Monitor PiKVM with Prometheus Serve Prometheus on /
2024-08-30 17:49:11 +02:00 · 2024-08-30 17:49:11 +02:00 · b139f3d469
commit b139f3d469
parent 04439a9ee5
14 changed files with 82 additions and 18 deletions
--- a/nixos-modules/monitoring/default.nix
+++ b/nixos-modules/monitoring/default.nix
@ -23,7 +23,6 @@ in

    services.prometheus = {
      enable = cfg.server.enable;
-      webExternalUrl = "/prometheus";

      exporters = {
        node = {
@ -32,14 +31,34 @@ in
      };

      scrapeConfigs = lib.mkIf cfg.server.enable (
-        lib.attrsets.mapAttrsToList
-          (name: machine: {
-            job_name = name;
+        let
+          generated = lib.attrsets.mapAttrsToList
+            (name: machine: {
+              job_name = name;
+              static_configs = [{
+                targets = [ "${name}.dmz:${toString config.services.prometheus.exporters.node.port}" ];
+              }];
+            })
+            machines;
+
+          pikvm = {
+            job_name = "pikvm";
+            metrics_path = "/api/export/prometheus/metrics";
+            scheme = "https";
+            tls_config.insecure_skip_verify = true;
+
+            # We don't care about security here, it's behind a VPN.
+            basic_auth = {
+              username = "admin";
+              password = "admin";
+            };
+
            static_configs = [{
-              targets = [ "${name}.dmz:${toString config.services.prometheus.exporters.node.port}" ];
+              targets = [ "pikvm.dmz" ];
            }];
-          })
-          machines
+          };
+        in
+        generated ++ [ pikvm ]
      );
    };

@ -47,7 +66,7 @@ in
      enable = true;

      virtualHosts."${config.networking.fqdn}" = {
-        locations."/prometheus/" = {
+        locations."/" = {
          proxyPass = "http://127.0.0.1:${toString config.services.prometheus.port}";
          recommendedProxySettings = true;
        };