diff --git a/modules/nixos/hardware/zfs.nix b/modules/nixos/hardware/zfs.nix index dea9c42..6db46d4 100644 --- a/modules/nixos/hardware/zfs.nix +++ b/modules/nixos/hardware/zfs.nix @@ -10,6 +10,12 @@ config.boot.zfs.package.latestCompatibleLinuxPackages; boot.kernelParams = [ "nohibernate" ]; boot.supportedFilesystems = [ "zfs" ]; + services.prometheus.exporters.zfs.enable = true; + scrapeTargets = [ + "127.0.0.1:${ + builtins.toString config.services.prometheus.exporters.zfs.port + }" + ]; }; diff --git a/modules/nixos/services/nextcloud.nix b/modules/nixos/services/nextcloud.nix index b4a3e7f..fede4c8 100644 --- a/modules/nixos/services/nextcloud.nix +++ b/modules/nixos/services/nextcloud.nix @@ -11,6 +11,7 @@ config = { adminpassFile = config.secrets.nextcloud.dest; extraTrustedDomains = [ config.hostnames.content ]; + trustedProxies = [ "127.0.0.1" ]; }; }; @@ -74,6 +75,21 @@ requires = [ "phpfpm-nextcloud.service" ]; }; + # Log metrics to prometheus + services.prometheus.exporters.nextcloud = { + enable = true; + username = config.services.nextcloud.config.adminuser; + url = "http://localhost:8080"; + passwordFile = config.services.nextcloud.config.adminpassFile; + }; + scrapeTargets = [ + "127.0.0.1:${ + builtins.toString config.services.prometheus.exporters.nextcloud.port + }" + ]; + # Allows nextcloud-exporter to read passwordFile + users.users.nextcloud-exporter.extraGroups = [ "nextcloud" ]; + }; } diff --git a/modules/nixos/services/prometheus.nix b/modules/nixos/services/prometheus.nix index a08096d..fa026bd 100644 --- a/modules/nixos/services/prometheus.nix +++ b/modules/nixos/services/prometheus.nix @@ -1,5 +1,11 @@ { config, pkgs, lib, ... }: { + options.scrapeTargets = lib.mkOption { + type = lib.types.listOf lib.types.str; + description = "Prometheus scrape targets"; + default = [ ]; + }; + config = let # If hosting Grafana, host local Prometheus and listen for inbound jobs. If @@ -8,12 +14,33 @@ in lib.mkIf config.services.prometheus.enable { + scrapeTargets = [ + "127.0.0.1:${ + builtins.toString config.services.prometheus.exporters.node.port + }" + "127.0.0.1:${ + builtins.toString config.services.prometheus.exporters.systemd.port + }" + "127.0.0.1:${ + builtins.toString config.services.prometheus.exporters.process.port + }" + ]; + services.prometheus = { exporters.node.enable = true; + exporters.systemd.enable = true; + exporters.process.enable = true; + exporters.process.settings.process_names = [ + # Remove nix store path from process name + { + name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; + cmdline = [ "^/nix/store[^ ]*/(?P[^ /]*) (?P.*)" ]; + } + ]; extraFlags = lib.mkIf isServer [ "--web.enable-remote-write-receiver" ]; scrapeConfigs = [{ job_name = config.networking.hostName; - static_configs = [{ targets = [ "127.0.0.1:9100" ]; }]; + static_configs = [{ targets = config.scrapeTargets; }]; }]; webExternalUrl = lib.mkIf isServer "https://${config.hostnames.prometheus}";