zaphyra's git: nixfiles

zaphyra and void's nixfiles

commit 87838de18557893d1783e1ac7b2d18f1fe8a4ce1
parent 8e6cf0c85bb35972e889105e5a1d64fcabeb7052
Author: Katja (zaphyra) <git@ctu.cx>
Date: Fri, 23 May 2025 22:31:20 +0200

config/nixos/modules/websites: add `prometheus.infra.zaphyra.eu` (and enable on host `morio`)
2 files changed, 94 insertions(+), 0 deletions(-)
A
config/nixos/modules/websites/prometheus.infra.zaphyra.eu.nix
|
93
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
M
hosts/morio/default.nix
|
1
+
diff --git a/config/nixos/modules/websites/prometheus.infra.zaphyra.eu.nix b/config/nixos/modules/websites/prometheus.infra.zaphyra.eu.nix
@@ -0,0 +1,93 @@
+{
+  inputs,
+  povSelf,
+  hostConfig,
+  config,
+  lib,
+  dnsNix,
+  ...
+}:
+
+let
+  inherit (lib) types;
+  cfg = lib.getAttrFromPath povSelf config;
+
+in
+{
+
+  options = {
+    enable = {
+      type = types.bool;
+      default = false;
+    };
+    subdomain = {
+      type = types.str;
+      default = "prometheus.infra";
+    };
+    domain = {
+      type = types.str;
+      default = "zaphyra.eu";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    dns.zones."${cfg.domain}".subdomains."${cfg.subdomain}".CNAME = [ "${config.networking.fqdn}." ];
+
+    services.prometheus = {
+      enable = true;
+      webExternalUrl = "https://${cfg.subdomain}.${cfg.domain}/";
+      listenAddress = "[::1]";
+      port = 9090;
+      scrapeConfigs = [
+        {
+          job_name = "node-exporter";
+          scrape_interval = "30s";
+          scheme = "https";
+          metrics_path = "/node-exporter";
+          static_configs = [
+            {
+              targets = (
+                lib.mapAttrsToList (
+                  name: host:
+                  lib.mkIf (
+                    host.config.services.prometheus.exporters.node.enable == true
+                    && host.config.networking.hostName != ""
+                    && host.config.networking.domain != ""
+                  ) host.config.networking.fqdn
+                ) inputs.self.nixosConfigurations
+              );
+            }
+          ];
+        }
+        {
+          job_name = "systemd-exporter";
+          scrape_interval = "30s";
+          scheme = "https";
+          metrics_path = "/systemd-exporter";
+          static_configs = [
+            {
+              targets = (
+                lib.mapAttrsToList (
+                  name: host:
+                  lib.mkIf (
+                    host.config.services.prometheus.exporters.node.enable == true
+                    && host.config.networking.hostName != ""
+                    && host.config.networking.domain != ""
+                  ) host.config.networking.fqdn
+                ) inputs.self.nixosConfigurations
+              );
+            }
+          ];
+        }
+      ];
+    };
+
+    services.nginx.virtualHosts."${cfg.subdomain}.${cfg.domain}" = {
+      useACMEHost = "${config.networking.fqdn}";
+      forceSSL = true;
+      kTLS = true;
+      locations."/".proxyPass = "http://[::1]:${toString config.services.prometheus.port}/";
+    };
+  };
+
+}
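Review bot: The nginx vhost at the end of this file proxies `/` straight to Prometheus with no authentication or source restriction, and the CNAME published further up makes the name publicly resolvable. Unless access is limited somewhere outside this hunk, the query UI and HTTP API (metric values, target hostnames, labels) are readable by anyone. Prometheus does no authentication by default, so the proxy is the place to add it, e.g. `basicAuthFile = <path to htpasswd secret>;` on the vhost or `locations."/".extraConfig = "allow <admin prefix>; deny all;";` (both values are placeholders). Separately, the `systemd-exporter` job filters hosts on `exporters.node.enable`, which looks copied from the first job. `host.config.services.prometheus.exporters.systemd.enable` is presumably what was meant, since otherwise hosts without the systemd exporter are scraped and show as down.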
diff --git a/hosts/morio/default.nix b/hosts/morio/default.nix
@@ -75,6 +75,7 @@
 
         websites = {
           "git.zaphyra.eu".enable = true;
+          "prometheus.infra.zaphyra.eu".enable = true;
         };
 
         users.katja.enable = true;