home/nixos-servers
home/nixos-servers
Archived
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

reorganize

Browse source
This commit is contained in:
Pim Kunis 2024-04-13 16:37:18 +02:00
parent 6b9fffb022
commit c8023afceb
42 changed files with 207 additions and 204 deletions
Download patch file Download diff file Expand all files Collapse all files

112
nixos-modules/monitoring/default.nix Normal file
View file

@ -0,0 +1,112 @@
{ lib, pkgs, nixpkgs-unstable, config, machines, ... }:
let
cfg = config.lab.monitoring;
in
{
imports = [
"${nixpkgs-unstable}/nixos/modules/services/monitoring/gatus.nix"
./gatus-endpoints.nix
];
options = {
lab.monitoring = {
enable = lib.mkOption {
default = true;
type = lib.types.bool;
};
server.enable = lib.mkOption {
default = false;
type = lib.types.bool;
};
};
};
config = lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = [ config.services.prometheus.exporters.node.port ]
++ lib.lists.optionals cfg.server.enable [ 80 ];
services.prometheus = {
enable = cfg.server.enable;
webExternalUrl = "/prometheus";
exporters = {
node = {
enable = true;
};
};
scrapeConfigs = lib.mkIf cfg.server.enable (
lib.attrsets.mapAttrsToList
(name: machine: {
job_name = name;
static_configs = [{
targets = [ "${name}.dmz:${toString config.services.prometheus.exporters.node.port}" ];
}];
})
machines
);
};
services.gatus = lib.mkIf cfg.server.enable {
enable = true;
package = pkgs.unstable.gatus;
settings = {
storage = {
type = "sqlite";
path = "/srv/gatus/gatus.db";
};
alerting.email = {
from = "gatus@kun.is";
host = "mail.smtp2go.com";
port = 2525;
to = "pim@kunis.nl";
client.insecure = true;
default-alert = {
enabled = true;
failure-threshold = 2;
success-threshold = 1;
send-on-resolved = true;
};
};
};
};
users = {
users.gatus = {
isSystemUser = true;
group = "gatus";
};
groups.gatus = { };
};
system.activationScripts = lib.mkIf cfg.server.enable {
gatus = ''
mkdir -p /srv/gatus
chown gatus:gatus /srv/gatus
'';
};
services.nginx = lib.mkIf cfg.server.enable {
enable = true;
virtualHosts."${config.networking.fqdn}" = {
locations = {
"/" = {
proxyPass = "http://127.0.0.1:${toString config.services.gatus.settings.web.port}";
recommendedProxySettings = true;
};
"/prometheus/" = {
proxyPass = "http://127.0.0.1:${toString config.services.prometheus.port}";
recommendedProxySettings = true;
};
};
};
};
};
}

230
nixos-modules/monitoring/gatus-endpoints.nix Normal file
View file

@ -0,0 +1,230 @@
{ lib, config, machines, ... }:
let
cfg = config.lab.monitoring;
status = code: "[STATUS] == ${toString code}";
bodyContains = text: "[BODY] == pat(*${text}*)";
maxResponseTime = ms: "[RESPONSE_TIME] < ${toString ms}";
machineEndpoints = lib.attrsets.mapAttrsToList
(name: machine: {
name = "Host ${name}";
url = "icmp://${name}.dmz";
conditions = [ "[RESPONSE_TIME] < 10" ];
})
machines;
otherEndpoints = [
{
name = "Forgejo";
url = "https://git.kun.is";
conditions = [
(status 200)
(bodyContains "Forgejo: Beyond coding. We forge.")
(maxResponseTime 750)
];
}
{
name = "Nextcloud";
url = "https://cloud.kun.is/status.php";
conditions = [
(status 200)
"[BODY].installed == true"
"[BODY].maintenance == false"
"[BODY].needsDbUpgrade == false"
(maxResponseTime 2000)
];
}
{
name = "Paperless-ngx";
url = "https://paperless.kun.is/accounts/login/";
conditions = [
(status 200)
(bodyContains "Please sign in.")
(maxResponseTime 750)
];
}
{
name = "Radicale";
url = "https://dav.kun.is/.web/";
conditions = [
(status 200)
(bodyContains "Login")
(maxResponseTime 750)
];
}
{
name = "FreshRSS";
url = "https://rss.kun.is/i/";
conditions = [
(status 200)
(bodyContains "Login")
(maxResponseTime 750)
];
}
{
name = "KitchenOwl";
url = "https://boodschappen.kun.is/signin";
conditions = [
(status 200)
(bodyContains "<title>KitchenOwl</title>")
(maxResponseTime 750)
];
}
{
name = "HedgeDoc";
url = "https://md.kun.is/";
conditions = [
(status 200)
(bodyContains "The best platform to write and share markdown.")
(maxResponseTime 750)
];
}
{
name = "Cyberchef";
url = "https://cyberchef.kun.is/";
conditions = [
(status 200)
(bodyContains "CyberChef - The Cyber Swiss Army Knife")
(maxResponseTime 750)
];
}
{
name = "Pi-hole";
url = "https://pihole.kun.is:444/admin/login.php";
conditions = [
(status 200)
(bodyContains "Log in")
(maxResponseTime 750)
];
}
{
name = "Inbucket";
url = "https://inbucket.kun.is:444/";
conditions = [
(status 200)
(bodyContains "<title>Inbucket</title>")
(maxResponseTime 750)
];
}
{
name = "kms";
url = "tcp://kms.kun.is:1688";
conditions = [
"[CONNECTED] == true"
];
}
{
name = "Bazarr";
url = "https://bazarr.kun.is:444/system/status";
conditions = [
(status 200)
(bodyContains "<title>Bazarr</title>")
(maxResponseTime 750)
];
}
{
name = "Sonarr";
url = "https://sonarr.kun.is:444/system/status";
conditions = [
(status 200)
(bodyContains "<title>Sonarr</title>")
(maxResponseTime 750)
];
}
{
name = "Radarr";
url = "https://radarr.kun.is:444/system/status";
conditions = [
(status 200)
(bodyContains "<title>Radarr</title>")
(maxResponseTime 750)
];
}
{
name = "Jellyfin";
url = "https://media.kun.is/web/index.html#!/login.html?";
conditions = [
(status 200)
(bodyContains "<title>Jellyfin</title>")
(maxResponseTime 750)
];
}
{
name = "Jellyseerr";
url = "https://jellyseerr.kun.is:444/login";
conditions = [
(status 200)
(bodyContains "Sign in to continue")
(maxResponseTime 750)
];
}
{
name = "Prowlarr";
url = "https://prowlarr.kun.is:444/system/status";
conditions = [
(status 200)
(bodyContains "<title>Prowlarr</title>")
(maxResponseTime 750)
];
}
{
name = "Transmission";
url = "https://transmission.kun.is:444/transmission/web/";
conditions = [
(status 200)
(bodyContains "Transmission Web Interface")
(maxResponseTime 750)
];
}
{
name = "Syncthing";
url = "https://sync.kun.is:444/";
conditions = [
(status 401)
(maxResponseTime 750)
];
}
{
name = "Traefik";
url = "https://traefik.kun.is:444/dashboard/#/";
conditions = [
(status 200)
(bodyContains "<title>Traefik</title>")
(maxResponseTime 750)
];
}
{
name = "BIND";
url = "192.168.30.7";
dns = {
query-type = "SOA";
query-name = "kun.is";
};
conditions = [
"[DNS_RCODE] == NOERROR"
];
}
{
name = "Pi-hole DNS";
url = "192.168.30.8";
dns = {
query-type = "SOA";
query-name = "kun.is";
};
conditions = [
"[DNS_RCODE] == NOERROR"
];
}
];
in
{
config = lib.mkIf cfg.server.enable {
services.gatus.settings.endpoints = map
(endpoint: endpoint // {
interval = "5m";
alerts = [{ type = "email"; }];
})
(machineEndpoints ++ otherEndpoints);
};
}