From d0c233b7e178245121f14dae916f3136092c7840 Mon Sep 17 00:00:00 2001
From: min <minish@riseup.net>
Date: Sat, 14 Dec 2024 19:24:51 -0500
Subject: [PATCH] Deploy Prometheus + Grafana

---
 nixos/hosts/eidola/configuration.nix       |  1 +
 nixos/hosts/eidola/prometheus.nix          | 11 ++++++++
 nixos/hosts/silver/configuration.nix       |  4 ++-
 nixos/hosts/silver/mounts.nix              |  3 +++
 nixos/hosts/silver/prometheus.nix          | 11 ++++++++
 nixos/hosts/silver/services/breeze.nix     | 14 +++++------
 nixos/hosts/silver/services/default.nix    |  2 ++
 nixos/hosts/silver/services/grafana.nix    | 29 ++++++++++++++++++++++
 nixos/hosts/silver/services/prometheus.nix | 27 ++++++++++++++++++++
 9 files changed, 93 insertions(+), 9 deletions(-)
 create mode 100644 nixos/hosts/eidola/prometheus.nix
 create mode 100644 nixos/hosts/silver/prometheus.nix
 create mode 100644 nixos/hosts/silver/services/grafana.nix
 create mode 100644 nixos/hosts/silver/services/prometheus.nix

diff --git a/nixos/hosts/eidola/configuration.nix b/nixos/hosts/eidola/configuration.nix
index adf4b6c..59ca50a 100644
--- a/nixos/hosts/eidola/configuration.nix
+++ b/nixos/hosts/eidola/configuration.nix
@@ -11,6 +11,7 @@
     ./nebula.nix
     ./zfs.nix
     ./samba.nix
+    ./prometheus.nix
   ];
 
   networking.hostName = "eidola"; # Define your hostname.
diff --git a/nixos/hosts/eidola/prometheus.nix b/nixos/hosts/eidola/prometheus.nix
new file mode 100644
index 0000000..6df3b74
--- /dev/null
+++ b/nixos/hosts/eidola/prometheus.nix
@@ -0,0 +1,11 @@
+{...}: let
+  ipInternal = "10.13.1.1"; # TODO: hardcoding
+in {
+  services.prometheus.exporters = {
+    node = {
+      enable = true;
+      listenAddress = ipInternal;
+      enabledCollectors = ["systemd"];
+    };
+  };
+}
diff --git a/nixos/hosts/silver/configuration.nix b/nixos/hosts/silver/configuration.nix
index 40ee6d2..c8befd8 100644
--- a/nixos/hosts/silver/configuration.nix
+++ b/nixos/hosts/silver/configuration.nix
@@ -13,11 +13,13 @@
   };
 in {
   imports = [
+    ./services
+
     ./hardware.nix
     ./disk-config.nix
     ./mounts.nix
     ./secrets.nix
-    ./services
+    ./prometheus.nix
   ];
 
   networking.hostName = "silver"; # Define your hostname.
diff --git a/nixos/hosts/silver/mounts.nix b/nixos/hosts/silver/mounts.nix
index 81203a6..922846e 100644
--- a/nixos/hosts/silver/mounts.nix
+++ b/nixos/hosts/silver/mounts.nix
@@ -14,6 +14,9 @@
 
       "/var/lib/acme"
 
+      "/var/lib/prometheus2"
+      "/var/lib/grafana"
+
       "/srv"
     ];
     files = [
diff --git a/nixos/hosts/silver/prometheus.nix b/nixos/hosts/silver/prometheus.nix
new file mode 100644
index 0000000..ca4bb87
--- /dev/null
+++ b/nixos/hosts/silver/prometheus.nix
@@ -0,0 +1,11 @@
+{...}: let
+  ipInternal = "10.13.0.1"; # TODO: hardcoding
+in {
+  services.prometheus.exporters = {
+    node = {
+      enable = true;
+      listenAddress = ipInternal;
+      enabledCollectors = ["systemd"];
+    };
+  };
+}
diff --git a/nixos/hosts/silver/services/breeze.nix b/nixos/hosts/silver/services/breeze.nix
index 814f611..841c053 100644
--- a/nixos/hosts/silver/services/breeze.nix
+++ b/nixos/hosts/silver/services/breeze.nix
@@ -7,16 +7,14 @@ in {
     group = "breeze";
   };
 
-  services.nginx = {
-    virtualHosts.${dom} = {
-      forceSSL = true;
-      enableACME = true;
+  services.nginx.virtualHosts.${dom} = {
+    forceSSL = true;
+    enableACME = true;
 
-      quic = true;
+    quic = true;
 
-      locations."/" = {
-        proxyPass = "http://127.0.0.1:${toString httpIntPort}";
-      };
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:${toString httpIntPort}";
     };
   };
 
diff --git a/nixos/hosts/silver/services/default.nix b/nixos/hosts/silver/services/default.nix
index f6d83c8..dbd218e 100644
--- a/nixos/hosts/silver/services/default.nix
+++ b/nixos/hosts/silver/services/default.nix
@@ -6,6 +6,8 @@
     ./gitea.nix
     ./synapse.nix
     ./nebula.nix
+    ./prometheus.nix
+    ./grafana.nix
   ];
 
   security.acme = {
diff --git a/nixos/hosts/silver/services/grafana.nix b/nixos/hosts/silver/services/grafana.nix
new file mode 100644
index 0000000..0573c98
--- /dev/null
+++ b/nixos/hosts/silver/services/grafana.nix
@@ -0,0 +1,29 @@
+{...}: let
+  dom = "graf.min.rip";
+  httpIntPort = 14050;
+in {
+  services.nginx.virtualHosts.${dom} = {
+    forceSSL = true;
+    enableACME = true;
+
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:${toString httpIntPort}";
+    };
+  };
+
+  services.grafana = {
+    enable = true;
+
+    settings = {
+      server = {
+        http_addr = "127.0.0.1";
+        http_port = httpIntPort;
+
+        enable_gzip = true;
+
+        enforce_domain = true;
+        domain = dom;
+      };
+    };
+  };
+}
diff --git a/nixos/hosts/silver/services/prometheus.nix b/nixos/hosts/silver/services/prometheus.nix
new file mode 100644
index 0000000..ceb0b76
--- /dev/null
+++ b/nixos/hosts/silver/services/prometheus.nix
@@ -0,0 +1,27 @@
+{...}: let
+  ipSilver = "10.13.0.1"; # TODO: hardcoding
+  ipEidola = "10.13.1.1"; # TODO: hardcoding
+in {
+  services.prometheus = {
+    enable = true;
+
+    scrapeConfigs = [
+      {
+        job_name = "silver";
+        static_configs = [
+          {
+            targets = ["${ipSilver}:9100"];
+          }
+        ];
+      }
+      {
+        job_name = "eidola";
+        static_configs = [
+          {
+            targets = ["${ipEidola}:9100"];
+          }
+        ];
+      }
+    ];
+  };
+}