systems/makanek/monitoring/default.nix

{
  lib,
  config,
  pkgs,
  ...
}: let
  lokiConfig = import ./loki.nix;
  blackboxConfig = import ./blackbox.nix;
  inherit (import ../../../lib) restic;
in {
  services.grafana = {
    enable = true;
    settings = {
      server = {
        domain = "grafana.kmein.r";
        http_port = 9444;
        http_addr = "127.0.0.1";
      };
      dashboards.default_home_dashboard_path = toString ./grafana-dashboards/niveum.json;
      security = {
        admin_user = "admin";
        admin_password = "$__file{${config.age.secrets.grafana-password-admin.path}}";
      };
    };
    provision = {
      enable = true;
      dashboards.settings.providers = [
        {
          name = "dashboards";
          type = "file";
          options.path = ./grafana-dashboards;
        }
      ];
      datasources.settings.datasources = builtins.fromJSON (builtins.readFile ./grafana-datasources.json);
    };
  };

  services.nginx.virtualHosts = {
    ${config.services.grafana.settings.server.domain} = {
      locations."/" = {
        proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";
        proxyWebsockets = true;
      };
    };
    ${lib.removePrefix "http://" config.services.prometheus.alertmanager.webExternalUrl} = {
      locations."/" = {
        proxyPass = "http://127.0.0.1:${toString config.services.prometheus.alertmanager.port}";
        proxyWebsockets = true;
      };
    };
    ${lib.removePrefix "http://" config.services.prometheus.webExternalUrl} = {
      locations."/" = {
        proxyPass = "http://127.0.0.1:${toString config.services.prometheus.port}";
        proxyWebsockets = true;
      };
    };
  };

  services.prometheus.webExternalUrl = "http://prometheus.kmein.r";

  niveum.passport.services = [
    {
      title = "Prometheus";
      link = config.services.prometheus.webExternalUrl;
      description = "collects metrics from devices in the <i>niveum</i> network, blackbox monitors some websites.";
    }
    {
      title = "Loki";
      description = "aggregates logs of the <i>niveum</i> network.";
    }
    {
      title = "Grafana";
      link = "http://${config.services.grafana.settings.server.domain}";
      description = "displays metrics from devices in the <i>niveum</i> network.";
    }
    {
      title = "Alertmanager";
      link = config.services.prometheus.alertmanager.webExternalUrl;
      description = "notifies me when something goes wrong.";
    }
  ];

  services.prometheus.rules = let
    diskFreeThreshold = 10;
  in [
    (builtins.toJSON {
      groups = [
        {
          name = "niveum";
          rules = [
            {
              alert = "ServiceDown";
              expr = ''node_systemd_unit_state{state="failed"} == 1'';
              annotations = {
                summary = "{{$labels.name}} failed on {{$labels.job}}";
              };
            }
            {
              alert = "RootPartitionFull";
              for = "10m";
              expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';
              annotations = {
                summary = ''{{ $labels.job }} running out of space: {{ $value | printf "%.2f" }}% < ${toString diskFreeThreshold}%'';
              };
            }
            {
              alert = "RootPartitionFullWeek";
              for = "1h";
              expr =
                ''node_filesystem_free_bytes{mountpoint="/"} ''
                + ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7*24*3600) <= 0'';
              annotations = {
                summary = "{{$labels.job}} running out of space in 7 days";
              };
            }
            {
              alert = "HighLoad";
              expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';
              for = "10m";
              annotations = {
                summary = "{{$labels.job}} running on high load: {{$value}}";
              };
            }
            {
              alert = "HighRAM";
              expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";
              for = "1h";
              annotations.summary = "{{$labels.job}} using lots of RAM";
            }
            {
              alert = "UptimeMonster";
              expr = "time() - node_boot_time_seconds > 2592000";
              annotations.summary = "uptime monster {{$labels.job}} up for more than 30 days";
            }
            {
              alert = "HostDown";
              expr = ''up == 0'';
              for = "5m";
              annotations = {
                summary = "{{ $labels.job }} seeming down since 5 minutes";
              };
            }
            {
              alert = "Reboot";
              expr = "time() - node_boot_time_seconds < 300";
              annotations.summary = "{{$labels.job}} rebooted";
            }
            {
              alert = "ProbeFailed";
              expr = "probe_success == 0";
              for = "5m";
              annotations.summary = "HTTP probe failed for {{$labels.instance}}";
            }
            {
              alert = "SlowProbe";
              expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";
              for = "5m";
              annotations.summary = "HTTP probe slow for {{$labels.instance}}";
            }
            {
              alert = "HttpStatusCode";
              expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";
              for = "5m";
              annotations.summary = "status code {{$value}} for {{$labels.instance}}";
            }
            {
              alert = "SslExpirySoon";
              expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";
              for = "5m";
              annotations.summary = "SSL certificate for {{$labels.instance}} expires in 30 days";
            }
            {
              alert = "SslExpiry";
              expr = "probe_ssl_earliest_cert_expiry - time()  <= 0";
              for = "5m";
              annotations.summary = "SSL certificate for {{$labels.instance}} has expired";
            }
          ];
        }
      ];
    })
  ];

  services.prometheus.alertmanager = {
    enable = true;
    listenAddress = "localhost";
    webExternalUrl = "http://alertmanager.kmein.r";
    environmentFile = config.age.secrets.alertmanager-token-reporters.path;
    configuration = {
      route = {
        group_wait = "30s";
        repeat_interval = "24h";
        receiver = "all";
      };
      receivers = [
        {
          name = "all";
          telegram_configs = [
            {
              bot_token = "$TELEGRAM_TOKEN";
              chat_id = 18980945;
              parse_mode = "";
              api_url = "https://api.telegram.org";
              send_resolved = true;
              message = ''
                {{range .Alerts -}}
                {{ .Status }}: {{ index .Annotations "summary" }}
                {{end -}}
              '';
            }
          ];
          email_configs = let
            inherit (import ../../../lib) kieran;
            inherit (import ../../../lib/email.nix {inherit lib;}) cock;
            cockConfig = {
              send_resolved = true;
              to = kieran.email;
              from = cock.user;
              smarthost = "${cock.smtp}:587";
              auth_username = cock.user;
              auth_identity = cock.user;
              auth_password = "$EMAIL_PASSWORD";
            };
          in [
          ];
        }
      ];
    };
  };

  age.secrets = {
    email-password-cock = {
      file = ../../../secrets/email-password-cock.age;
      owner = "grafana";
      group = "grafana";
      mode = "440";
    };
    grafana-password-admin = {
      file = ../../../secrets/grafana-password-admin.age;
      owner = "grafana";
      group = "grafana";
      mode = "440";
    };
    alertmanager-token-reporters = {
      file = ../../../secrets/alertmanager-token-reporters.age;
      owner = "prometheus";
      group = "prometheus";
      mode = "440";
    };
    home-assistant-token = {
      file = ../../../secrets/home-assistant-token.age;
      owner = "prometheus";
      group = "prometheus";
      mode = "440";
    };
  };

  services.prometheus.alertmanagers = [
    {
      scheme = "http";
      path_prefix = "/";
      static_configs = [{targets = ["localhost:${toString config.services.prometheus.alertmanager.port}"];}];
    }
  ];

  services.prometheus.scrapeConfigs = [
    {
      job_name = "makanek";
      static_configs = [
        {
          targets = [
            "127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
          ];
        }
      ];
    }
    {
      scrape_interval = "5m";
      job_name = "blackbox";
      metrics_path = "/probe";
      params.module = ["http_2xx"];
      relabel_configs = [
        {
          source_labels = ["__address__"];
          target_label = "__param_target";
        }
        {
          source_labels = ["__param_target"];
          target_label = "instance";
        }
        {
          replacement = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}";
          target_label = "__address__";
        }
      ];
      static_configs = [
        {
          targets = [
            "alew.hu-berlin.de"
            "pad.kmein.de"
            "code.kmein.de"
            "radio.kmein.de"
            "tarot.kmein.de"
            "cloud.kmein.de"
            "grafana.kmein.r"
            # "names.kmein.r"
            "rrm.r"
            "graph.r"
          ];
        }
      ];
    }
    {
      job_name = "zaatar";
      static_configs = [
        {
          targets = [
            "zaatar.r:${toString config.services.prometheus.exporters.node.port}"
            "zaatar.r:${toString restic.port}"
          ];
        }
      ];
    }
    {
      job_name = "home_assistant";
      scrape_interval = "60s";
      metrics_path = "/api/prometheus";
      scheme = "http";
      static_configs = [{targets = ["zaatar.r:8123"];}];
      bearer_token_file = config.age.secrets.home-assistant-token.path;
    }
    {
      job_name = "ful";
      static_configs = [
        {
          targets = [
            "ful.r:${toString config.services.prometheus.exporters.node.port}"
          ];
        }
      ];
    }
  ];

  services.prometheus.exporters.blackbox = {
    enable = true;
    configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;
  };

  networking.firewall.allowedTCPPorts = [
    lokiConfig.server.http_listen_port
  ];

  services.loki = {
    enable = true;
    configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;
  };
}
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`{`
			`lib,`
			`config,`
			`pkgs,`
			`...`
			`}: let`
feat: monitoring 2021-09-18 23:54:12 +02:00			`lokiConfig = import ./loki.nix;`
feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`blackboxConfig = import ./blackbox.nix;`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`inherit (import ../../../lib) restic;`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`in {`
feat: monitoring 2021-09-18 23:54:12 +02:00			`services.grafana = {`
			`enable = true;`
feat(grafana): provision 2023-02-08 09:26:36 +01:00			`settings = {`
			`server = {`
			`domain = "grafana.kmein.r";`
			`http_port = 9444;`
			`http_addr = "127.0.0.1";`
			`};`
			`dashboards.default_home_dashboard_path = toString ./grafana-dashboards/niveum.json;`
			`security = {`
			`admin_user = "admin";`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`admin_password = "$__file{${config.age.secrets.grafana-password-admin.path}}";`
feat(grafana): provision 2023-02-08 09:26:36 +01:00			`};`
			`};`
			`provision = {`
			`enable = true;`
			`dashboards.settings.providers = [`
			`{`
			`name = "dashboards";`
			`type = "file";`
			`options.path = ./grafana-dashboards;`
			`}`
			`];`
			`datasources.settings.datasources = builtins.fromJSON (builtins.readFile ./grafana-datasources.json);`
feat: update to 22.11 2022-12-01 13:39:16 +01:00			`};`
feat: monitoring 2021-09-18 23:54:12 +02:00			`};`

feat(alertmanager): report via email like a professional, allow http access 2022-12-01 17:05:02 +01:00			`services.nginx.virtualHosts = {`
			`${config.services.grafana.settings.server.domain} = {`
			`locations."/" = {`
			`proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";`
			`proxyWebsockets = true;`
			`};`
			`};`
feat(alertmanager): access via http 2022-12-01 18:25:03 +01:00			`${lib.removePrefix "http://" config.services.prometheus.alertmanager.webExternalUrl} = {`
feat(alertmanager): report via email like a professional, allow http access 2022-12-01 17:05:02 +01:00			`locations."/" = {`
			`proxyPass = "http://127.0.0.1:${toString config.services.prometheus.alertmanager.port}";`
			`proxyWebsockets = true;`
			`};`
feat: monitoring 2021-09-18 23:54:12 +02:00			`};`
feat(prometheus): make reachable via http 2022-12-01 19:58:59 +01:00			`${lib.removePrefix "http://" config.services.prometheus.webExternalUrl} = {`
			`locations."/" = {`
			`proxyPass = "http://127.0.0.1:${toString config.services.prometheus.port}";`
			`proxyWebsockets = true;`
			`};`
			`};`
feat: monitoring 2021-09-18 23:54:12 +02:00			`};`

feat(prometheus): make reachable via http 2022-12-01 19:58:59 +01:00			`services.prometheus.webExternalUrl = "http://prometheus.kmein.r";`

feat(passport): init for makanek 2022-05-22 11:47:59 +02:00			`niveum.passport.services = [`
			`{`
			`title = "Prometheus";`
feat(prometheus): make reachable via http 2022-12-01 19:58:59 +01:00			`link = config.services.prometheus.webExternalUrl;`
feat(passport): init for makanek 2022-05-22 11:47:59 +02:00			`description = "collects metrics from devices in the <i>niveum</i> network, blackbox monitors some websites.";`
			`}`
			`{`
			`title = "Loki";`
			`description = "aggregates logs of the <i>niveum</i> network.";`
			`}`
			`{`
			`title = "Grafana";`
feat(alertmanager): access via http 2022-12-01 18:25:03 +01:00			`link = "http://${config.services.grafana.settings.server.domain}";`
feat(passport): init for makanek 2022-05-22 11:47:59 +02:00			`description = "displays metrics from devices in the <i>niveum</i> network.";`
			`}`
			`{`
feat(alertmanager): access via http 2022-12-01 18:25:03 +01:00			`title = "Alertmanager";`
			`link = config.services.prometheus.alertmanager.webExternalUrl;`
feat(passport): init for makanek 2022-05-22 11:47:59 +02:00			`description = "notifies me when something goes wrong.";`
			`}`
			`];`

chore: format with alejandra 2022-03-10 21:52:12 +01:00			`services.prometheus.rules = let`
			`diskFreeThreshold = 10;`
			`in [`
			`(builtins.toJSON {`
			`groups = [`
feat: monitoring 2021-09-18 23:54:12 +02:00			`{`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`name = "niveum";`
			`rules = [`
			`{`
			`alert = "ServiceDown";`
			`expr = ''node_systemd_unit_state{state="failed"} == 1'';`
			`annotations = {`
			`summary = "{{$labels.name}} failed on {{$labels.job}}";`
			`};`
			`}`
			`{`
			`alert = "RootPartitionFull";`
			`for = "10m";`
			`expr = ''(node_filesystem_free_bytes{mountpoint="/"} * 100) / node_filesystem_size_bytes{mountpoint="/"} < ${toString diskFreeThreshold}'';`
			`annotations = {`
			`summary = ''{{ $labels.job }} running out of space: {{ $value \| printf "%.2f" }}% < ${toString diskFreeThreshold}%'';`
			`};`
			`}`
			`{`
			`alert = "RootPartitionFullWeek";`
			`for = "1h";`
			`expr =`
			`''node_filesystem_free_bytes{mountpoint="/"} ''`
			`+ ''and predict_linear(node_filesystem_free_bytes{mountpoint="/"}[2d], 7243600) <= 0'';`
			`annotations = {`
			`summary = "{{$labels.job}} running out of space in 7 days";`
			`};`
			`}`
			`{`
			`alert = "HighLoad";`
			`expr = ''node_load15 / on(job) count(node_cpu_seconds_total{mode="system"}) by (job) >= 1.0'';`
			`for = "10m";`
			`annotations = {`
			`summary = "{{$labels.job}} running on high load: {{$value}}";`
			`};`
			`}`
			`{`
			`alert = "HighRAM";`
			`expr = "node_memory_MemFree_bytes + node_memory_Buffers_bytes + node_memory_Cached_bytes < node_memory_MemTotal_bytes * 0.1";`
			`for = "1h";`
			`annotations.summary = "{{$labels.job}} using lots of RAM";`
			`}`
			`{`
			`alert = "UptimeMonster";`
			`expr = "time() - node_boot_time_seconds > 2592000";`
			`annotations.summary = "uptime monster {{$labels.job}} up for more than 30 days";`
			`}`
			`{`
			`alert = "HostDown";`
			`expr = ''up == 0'';`
			`for = "5m";`
			`annotations = {`
			`summary = "{{ $labels.job }} seeming down since 5 minutes";`
			`};`
			`}`
			`{`
			`alert = "Reboot";`
			`expr = "time() - node_boot_time_seconds < 300";`
			`annotations.summary = "{{$labels.job}} rebooted";`
			`}`
			`{`
			`alert = "ProbeFailed";`
			`expr = "probe_success == 0";`
			`for = "5m";`
			`annotations.summary = "HTTP probe failed for {{$labels.instance}}";`
			`}`
			`{`
			`alert = "SlowProbe";`
			`expr = "avg_over_time(probe_http_duration_seconds[1m]) > 1";`
			`for = "5m";`
			`annotations.summary = "HTTP probe slow for {{$labels.instance}}";`
			`}`
			`{`
			`alert = "HttpStatusCode";`
			`expr = "probe_http_status_code != 0 AND (probe_http_status_code <= 199 OR probe_http_status_code >= 400)";`
			`for = "5m";`
			`annotations.summary = "status code {{$value}} for {{$labels.instance}}";`
			`}`
			`{`
			`alert = "SslExpirySoon";`
			`expr = "probe_ssl_earliest_cert_expiry - time() < 86400 * 30";`
			`for = "5m";`
			`annotations.summary = "SSL certificate for {{$labels.instance}} expires in 30 days";`
			`}`
			`{`
			`alert = "SslExpiry";`
			`expr = "probe_ssl_earliest_cert_expiry - time() <= 0";`
			`for = "5m";`
			`annotations.summary = "SSL certificate for {{$labels.instance}} has expired";`
			`}`
			`];`
feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`}`
feat: monitoring 2021-09-18 23:54:12 +02:00			`];`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`})`
			`];`
feat: monitoring 2021-09-18 23:54:12 +02:00
			`services.prometheus.alertmanager = {`
			`enable = true;`
			`listenAddress = "localhost";`
feat(alertmanager): access via http 2022-12-01 18:25:03 +01:00			`webExternalUrl = "http://alertmanager.kmein.r";`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`environmentFile = config.age.secrets.alertmanager-token-reporters.path;`
feat: monitoring 2021-09-18 23:54:12 +02:00			`configuration = {`
			`route = {`
			`group_wait = "30s";`
feat(alertmanager): report via email like a professional, allow http access 2022-12-01 17:05:02 +01:00			`repeat_interval = "24h";`
feat(alertmanager): send telegram and email with more info 2022-12-02 17:32:40 +01:00			`receiver = "all";`
feat: monitoring 2021-09-18 23:54:12 +02:00			`};`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`receivers = [`
			`{`
feat(alertmanager): send telegram and email with more info 2022-12-02 17:32:40 +01:00			`name = "all";`
feat(alertmanager): send telegram and email notifications 2022-12-03 08:26:50 +01:00			`telegram_configs = [`
			`{`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`bot_token = "$TELEGRAM_TOKEN";`
feat(alertmanager): send telegram and email notifications 2022-12-03 08:26:50 +01:00			`chat_id = 18980945;`
			`parse_mode = "";`
			`api_url = "https://api.telegram.org";`
			`send_resolved = true;`
			`message = ''`
			`{{range .Alerts -}}`
			`{{ .Status }}: {{ index .Annotations "summary" }}`
			`{{end -}}`
			`'';`
			`}`
			`];`
feat(alertmanager): report via email like a professional, allow http access 2022-12-01 17:05:02 +01:00			`email_configs = let`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`inherit (import ../../../lib) kieran;`
			`inherit (import ../../../lib/email.nix {inherit lib;}) cock;`
feat(makanek): disable email alerts 2023-04-15 11:59:43 +02:00			`cockConfig = {`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`send_resolved = true;`
feat(alertmanager): report via email like a professional, allow http access 2022-12-01 17:05:02 +01:00			`to = kieran.email;`
			`from = cock.user;`
			`smarthost = "${cock.smtp}:587";`
			`auth_username = cock.user;`
			`auth_identity = cock.user;`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`auth_password = "$EMAIL_PASSWORD";`
feat(makanek): disable email alerts 2023-04-15 11:59:43 +02:00			`};`
			`in [`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`];`
			`}`
			`];`
feat: monitoring 2021-09-18 23:54:12 +02:00			`};`
			`};`

feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`age.secrets = {`
			`email-password-cock = {`
Revert "chore: get secrets via input, mock for CI" This reverts commit 3138fd23ef855a5925eb370bf0c976316c6c96b4. 2023-07-04 16:28:26 +02:00			`file = ../../../secrets/email-password-cock.age;`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`owner = "grafana";`
			`group = "grafana";`
			`mode = "440";`
			`};`
			`grafana-password-admin = {`
Revert "chore: get secrets via input, mock for CI" This reverts commit 3138fd23ef855a5925eb370bf0c976316c6c96b4. 2023-07-04 16:28:26 +02:00			`file = ../../../secrets/grafana-password-admin.age;`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`owner = "grafana";`
			`group = "grafana";`
			`mode = "440";`
			`};`
			`alertmanager-token-reporters = {`
Revert "chore: get secrets via input, mock for CI" This reverts commit 3138fd23ef855a5925eb370bf0c976316c6c96b4. 2023-07-04 16:28:26 +02:00			`file = ../../../secrets/alertmanager-token-reporters.age;`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`owner = "prometheus";`
			`group = "prometheus";`
			`mode = "440";`
			`};`
feat(prometheus): scrape home assistant 2023-07-12 15:03:05 +02:00			`home-assistant-token = {`
			`file = ../../../secrets/home-assistant-token.age;`
			`owner = "prometheus";`
			`group = "prometheus";`
			`mode = "440";`
			`};`
feat: convert to flake feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo 2023-02-22 10:02:55 +01:00			`};`

chore: format with alejandra 2022-03-10 21:52:12 +01:00			`services.prometheus.alertmanagers = [`
			`{`
			`scheme = "http";`
			`path_prefix = "/";`
feat(alertmanager): report via email like a professional, allow http access 2022-12-01 17:05:02 +01:00			`static_configs = [{targets = ["localhost:${toString config.services.prometheus.alertmanager.port}"];}];`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`}`
			`];`
Revert "feat(alertmanager): alert via irc" This reverts commit 630d99e191612d0065f4826f64d9d31abd0509c4. 2022-01-27 17:17:43 +01:00
feat: monitoring 2021-09-18 23:54:12 +02:00			`services.prometheus.scrapeConfigs = [`
			`{`
			`job_name = "makanek";`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`static_configs = [`
			`{`
			`targets = [`
			`"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"`
			`];`
			`}`
			`];`
feat: monitoring 2021-09-18 23:54:12 +02:00			`}`
feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`{`
fix(monitoring): probe alew.hu-berlin.de every 5 min 2021-12-14 00:13:25 +01:00			`scrape_interval = "5m";`
feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`job_name = "blackbox";`
			`metrics_path = "/probe";`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`params.module = ["http_2xx"];`
feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`relabel_configs = [`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`{`
			`source_labels = ["__address__"];`
			`target_label = "__param_target";`
			`}`
			`{`
			`source_labels = ["__param_target"];`
			`target_label = "instance";`
			`}`
			`{`
			`replacement = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}";`
			`target_label = "__address__";`
			`}`
			`];`
			`static_configs = [`
			`{`
			`targets = [`
			`"alew.hu-berlin.de"`
			`"pad.kmein.de"`
			`"code.kmein.de"`
			`"radio.kmein.de"`
			`"tarot.kmein.de"`
feat(nextcloud): change domain 2023-07-16 08:20:47 +02:00			`"cloud.kmein.de"`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`"grafana.kmein.r"`
fix: do not monitor http://names.kmein.r/ 2022-04-24 17:24:58 +02:00			`# "names.kmein.r"`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`"rrm.r"`
			`"graph.r"`
			`];`
			`}`
feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`];`
			`}`
feat: monitoring 2021-09-18 23:54:12 +02:00			`{`
			`job_name = "zaatar";`
chore: format with alejandra 2022-03-10 21:52:12 +01:00			`static_configs = [`
			`{`
			`targets = [`
			`"zaatar.r:${toString config.services.prometheus.exporters.node.port}"`
			`"zaatar.r:${toString restic.port}"`
			`];`
			`}`
			`];`
feat: monitoring 2021-09-18 23:54:12 +02:00			`}`
feat(prometheus): scrape home assistant 2023-07-12 15:03:05 +02:00			`{`
			`job_name = "home_assistant";`
			`scrape_interval = "60s";`
			`metrics_path = "/api/prometheus";`
			`scheme = "http";`
			`static_configs = [{targets = ["zaatar.r:8123"];}];`
			`bearer_token_file = config.age.secrets.home-assistant-token.path;`
			`}`
feat(ful): monitoring 2022-09-26 09:30:28 +02:00			`{`
			`job_name = "ful";`
			`static_configs = [`
			`{`
			`targets = [`
			`"ful.r:${toString config.services.prometheus.exporters.node.port}"`
			`];`
			`}`
			`];`
			`}`
feat: monitoring 2021-09-18 23:54:12 +02:00			`];`

feat(monitoring): probe alew.hu-berlin.de 2021-12-13 17:29:09 +01:00			`services.prometheus.exporters.blackbox = {`
			`enable = true;`
			`configFile = (pkgs.formats.yaml {}).generate "blackbox.yaml" blackboxConfig;`
			`};`

feat(monitoring): add more rules, run grafana in retiolum 2021-09-19 12:03:52 +02:00			`networking.firewall.allowedTCPPorts = [`
			`lokiConfig.server.http_listen_port`
			`];`
feat: monitoring 2021-09-18 23:54:12 +02:00
			`services.loki = {`
			`enable = true;`
			`configFile = (pkgs.formats.yaml {}).generate "loki.yaml" lokiConfig;`
			`};`
			`}`