nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nixos/caddy: export metrics to prometheus

Browse source
This commit is contained in:
Guanran Wang 2024-09-07 20:38:10 +08:00
parent 2ef8aaf319
commit 5f8f3eb171
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
2 changed files with 70 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
hosts/tyo0/services/prometheus.nix
View file

@ -19,18 +19,17 @@ in
listenAddress = "127.0.0.1"; listenAddress = "127.0.0.1";
port = ports.blackbox; port = ports.blackbox;
configFile = (pkgs.formats.yaml { }).generate "config.yaml" { configFile = (pkgs.formats.yaml { }).generate "config.yaml" {
modules = { modules.http_2xx = {
http_2xx = {
prober = "http"; prober = "http";
}; http.fail_if_not_ssl = true;
}; };
}; };
}; };
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = "metrics"; job_name = "node_exporter";
scheme = "https"; metrics_path = "/metrics";
basic_auth = { basic_auth = {
username = "prometheus"; username = "prometheus";
password_file = config.sops.secrets."prometheus/auth".path; password_file = config.sops.secrets."prometheus/auth".path;
@ -43,8 +42,29 @@ in
}; };
} }
{ {
job_name = "http"; job_name = "caddy";
scheme = "http"; metrics_path = "/caddy";
basic_auth = {
username = "prometheus";
password_file = config.sops.secrets."prometheus/auth".path;
};
static_configs = lib.singleton {
targets = [
"tyo0.ny4.dev"
"pek0.ny4.dev"
];
};
}
{
job_name = "blackbox_exporter";
static_configs = lib.singleton {
targets = [
"127.0.0.1:${toString ports.blackbox}"
];
};
}
{
job_name = "blackbox_probe";
metrics_path = "/probe"; metrics_path = "/probe";
params = { params = {
module = [ "http_2xx" ]; module = [ "http_2xx" ];
@ -90,12 +110,12 @@ in
rules = [ rules = [
{ {
alert = "NodeDown"; alert = "NodeDown";
expr = ''up == 0''; expr = ''up{job="node_exporter"} == 0'';
for = "5m"; for = "5m";
} }
{ {
alert = "HTTPDown"; alert = "HTTPDown";
expr = ''probe_http_status_code < 200 or probe_http_status_code > 299''; expr = ''up{job="blackbox_probe"} == 0 or probe_success{job="blackbox_probe"} == 0'';
for = "5m"; for = "5m";
} }
{ {

23
nixos/profiles/prometheus/default.nix
View file

@ -7,7 +7,9 @@
enabledCollectors = [ "systemd" ]; enabledCollectors = [ "systemd" ];
}; };
services.caddy.settings.apps.http.servers.srv0.routes = lib.singleton { services.caddy.settings.apps.http.servers.srv0.metrics = { };
services.caddy.settings.apps.http.servers.srv0.routes = [
{
match = lib.singleton { match = lib.singleton {
host = [ config.networking.fqdn ]; host = [ config.networking.fqdn ];
path = [ "/metrics" ]; path = [ "/metrics" ];
@ -25,5 +27,24 @@
upstreams = lib.singleton { dial = "127.0.0.1:9091"; }; upstreams = lib.singleton { dial = "127.0.0.1:9091"; };
} }
]; ];
}
{
match = lib.singleton {
host = [ config.networking.fqdn ];
path = [ "/caddy" ];
};
handle = [
{
handler = "authentication";
providers.http_basic.accounts = lib.singleton {
username = "prometheus";
password = "$2a$14$2Phk4tobM04H4XiGegB3TuEXkyORCKMKW8TptYPTPXUWmZgtGBj/.";
}; };
} }
{
handler = "metrics";
}
];
}
];
}