old
1{
2 lib,
3 config,
4 ...
5}:
6# let
7# isSecret = v: lib.isAttrs v && v ? "secretName";
8# hosts = config.modules.my-hosts;
9# managedHosts = lib.filterAttrs (name: host: !builtins.isNull host.network.ipv4) hosts;
10# in
11lib.mkMerge [
12 {
13 services.victoriametrics = {
14 enable = true;
15 listenAddress = "127.0.0.1:9020";
16 checkConfig = false; # Disable it because env `CREDENTIALS_DIRECTORY` not loaded in check
17
18 extraOptions = [
19 # Allowed percent of system memory VictoriaMetrics caches may occupy.
20 "-memory.allowedPercent=30"
21 ];
22
23 prometheusConfig.scrape_configs = [
24 {
25 job_name = "node-exporter-local";
26 scrape_interval = "30s";
27 metrics_path = "/metrics";
28 static_configs = [
29 {
30 # All my NixOS hosts.
31 targets = ["127.0.0.1:${builtins.toString config.services.prometheus.exporters.node.port}"];
32 labels.type = "node";
33 labels.host = "pardofelis";
34 }
35 ];
36 }
37 {
38 job_name = "gotosocial-trinnon";
39 scrape_interval = "30s";
40 metrics_path = "/metrics";
41 scheme = "https";
42 basic_auth = {
43 username = config.services.gotosocial.settings.metrics-auth-username;
44 password_file = "%{CREDENTIALS_DIRECTORY}/GTS_AUTH_PASSWD";
45 };
46 static_configs = [
47 {
48 targets = ["trin.one"];
49 labels.type = "gotosocial";
50 labels.host = "pardofelis";
51 }
52 ];
53 }
54 ];
55 };
56
57 systemd.services.victoriametrics.serviceConfig = {
58 LoadCredential = "GTS_AUTH_PASSWD:${config.sops.secrets.gotosocial-metrics-password.path}";
59 };
60 }
61 # TODO: Complete below before I have another remote host running NixOS
62 # (
63 # lib.concatMapAttrs
64 # (host: cfg: let
65 # templateName = "prometheus-node-exporter-${host}.json";
66 # nodeExporterPort = builtins.toString config.services.prometheus.exporters.node.port;
67 # in {
68 # services.victoriametrics.prometheusConfig.scrape_configs = [
69 # {
70 # job_name = "node-exporter-${host}";
71 # scrape_interval = "30s";
72 # metrics_path = "/metrics";
73 # static_configs = lib.mkIf (!isSecret cfg.network.ipv4) [
74 # {
75 # targets = ["${cfg.network.ipv4}:${nodeExporterPort}"];
76 # labels.type = "node";
77 # labels.host = host;
78 # }
79 # ];
80 # file_sd_configs = lib.mkIf (isSecret cfg.network.ipv4) [
81 # {files = config.sops.templates.${templateName}.path;}
82 # ];
83 # }
84 # ];
85 # sops.templates.${templateName} = lib.mkIf (isSecret cfg.network.ipv4) {
86 # content = ''
87 # [${builtins.toJSON {
88 # targets = ["${config.sops.placeholder."${host}-ipv4"}:${nodeExporterPort}"];
89 # labels.type = "node";
90 # labels.host = host;
91 # }}]
92 # '';
93 # user = "root";
94 # group = "victoriametrics";
95 # mode = "0440";
96 # };
97 # })
98 # managedHosts
99 # )
100]