services: setup grafana + prometheus

This commit is contained in:
Antoine Martin 2021-01-27 20:55:16 +01:00
parent d1aeab79b1
commit 279cb1f31c
2 changed files with 13774 additions and 6 deletions

View file

@ -95,18 +95,85 @@
programs.fish.enable = true; programs.fish.enable = true;
# List services that you want to enable: # List services that you want to enable:
services.grafana = {
enable = true;
domain = "monitoring-test.alarsyo.net";
port = 3000;
addr = "127.0.0.1";
provision = {
enable = true;
datasources = [
{
name = "Prometheus";
type = "prometheus";
url = "http://localhost:${toString config.services.prometheus.port}";
}
];
dashboards = [
{
name = "Node Exporter";
options.path = ./grafana-dashboards;
disableDeletion = true;
}
];
};
};
services.prometheus = {
enable = true;
port = 9090;
listenAddress = "127.0.0.1";
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
port = 9100;
};
};
scrapeConfigs = [
{
job_name = config.networking.hostName;
static_configs = [{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
}];
}
];
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts.${config.services.grafana.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
proxyWebsockets = true;
};
forceSSL = true;
enableACME = true;
};
};
security.acme.acceptTerms = true;
security.acme.email = "antoine97.martin@gmail.com";
networking.firewall.allowedTCPPorts = [ 80 443 ];
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh.enable = true;
services.openssh.permitRootLogin = "no"; services.openssh.permitRootLogin = "no";
services.openssh.passwordAuthentication = false; services.openssh.passwordAuthentication = false;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default # This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions # settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave # on your system were taken. Its perfectly fine and recommended to leave

File diff suppressed because it is too large Load diff