diff options
| -rw-r--r-- | makefu/1systems/gum/config.nix | 1 | ||||
| -rw-r--r-- | makefu/2configs/nix-community/supervision.nix | 82 |
2 files changed, 83 insertions, 0 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index adf025fd3..2a1d39c04 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -24,6 +24,7 @@ in { <stockholm/makefu/2configs/nur.nix> <stockholm/makefu/2configs/support-nixos.nix> <stockholm/makefu/2configs/nix-community/mediawiki-matrix-bot.nix> + <stockholm/makefu/2configs/nix-community/supervision.nix> <stockholm/makefu/2configs/home-manager> <stockholm/makefu/2configs/home-manager/cli.nix> # <stockholm/makefu/2configs/stats/client.nix> diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix new file mode 100644 index 000000000..f648b9c17 --- /dev/null +++ b/makefu/2configs/nix-community/supervision.nix @@ -0,0 +1,82 @@ +{ config, lib, pkgs, ... }: +let + isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules; + port = "9273"; +in { + + networking.firewall.extraCommands = '' + iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT + ''; + + services.telegraf = { + enable = true; + extraConfig = { + agent.interval = "60s"; + inputs = { + prometheus.metric_version = 2; + kernel_vmstat = { }; + smart = lib.mkIf (!isVM) { + path = pkgs.writeShellScript "smartctl" '' + exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@" + ''; + }; + system = { }; + mem = { }; + file = [{ + data_format = "influx"; + file_tag = "name"; + files = [ "/var/log/telegraf/*" ]; + }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) { + name_override = "ext4_errors"; + files = [ "/sys/fs/ext4/*/errors_count" ]; + data_format = "value"; + }; + exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) { + ## Commands array + commands = [ + (pkgs.writeScript "zpool-health" '' + #!${pkgs.gawk}/bin/awk -f + BEGIN { + while ("${pkgs.zfs}/bin/zpool status" | getline) { + if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 } + if ($1 ~ /state:/) { printf " state=\"%s\",", $2 } + if ($1 ~ /errors:/) { + if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2 + } + } + } + '') + ]; + data_format = "influx"; + }; + systemd_units = { }; + swap = { }; + disk.tagdrop = { + fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ]; + device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ]; + }; + diskio = { }; + }; + outputs.prometheus_client = { + listen = ":${port}"; + metric_version = 2; + }; + }; + }; + + security.sudo.extraRules = lib.mkIf (!isVM) [{ + users = [ "telegraf" ]; + commands = [{ + command = "${pkgs.smartmontools}/bin/smartctl"; + options = [ "NOPASSWD" ]; + }]; + }]; + # avoid logging sudo use + security.sudo.configFile = '' + Defaults:telegraf !syslog,!pam_session + ''; + # create dummy file to avoid telegraf errors + systemd.tmpfiles.rules = [ + "f /var/log/telegraf/dummy 0444 root root - -" + ]; +} |