diff options
author | Karel Kočí <cynerd@email.cz> | 2023-01-08 11:08:52 +0100 |
---|---|---|
committer | Karel Kočí <cynerd@email.cz> | 2023-01-08 11:08:52 +0100 |
commit | 99c357915697b9d800523b2252850c758e2aae1d (patch) | |
tree | d296b94d4f4532f412554ce52f414bc77df67fce | |
parent | e7abf8728a0fd0a77e6fa5803acd1b0c1e0682c6 (diff) | |
download | nixos-personal-99c357915697b9d800523b2252850c758e2aae1d.tar.gz nixos-personal-99c357915697b9d800523b2252850c758e2aae1d.tar.bz2 nixos-personal-99c357915697b9d800523b2252850c758e2aae1d.zip |
nixos/monitoring: expand monitoring
-rw-r--r-- | flake.lock | 26 | ||||
-rw-r--r-- | nixos/machine/mrpump.nix | 3 | ||||
-rw-r--r-- | nixos/modules/desktop.nix | 2 | ||||
-rw-r--r-- | nixos/modules/home-assistant.nix | 49 | ||||
-rw-r--r-- | nixos/modules/hosts.nix | 2 | ||||
-rw-r--r-- | nixos/modules/monitoring.nix | 61 | ||||
-rwxr-xr-x | tools/influxdb-monitoring.sh | 6 |
7 files changed, 114 insertions, 35 deletions
@@ -93,11 +93,11 @@ "nixpkgs-regression": "nixpkgs-regression" }, "locked": { - "lastModified": 1672695323, - "narHash": "sha256-lNqpBa/77nbze8JhWtzeE9DgPy5Z8/JUlfbHHghx+G0=", + "lastModified": 1673071673, + "narHash": "sha256-yFr+MLbKqj2GH3I/J05vAMA9s7mdeUVAVRMvTTjw6zw=", "owner": "NixOS", "repo": "nix", - "rev": "a75b7ba30f1e4f8b15e810fd18e63ee9552e0815", + "rev": "4e2b155d2346f1abeef7cf7ee8a076e884fba15d", "type": "github" }, "original": { @@ -186,11 +186,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1672683526, - "narHash": "sha256-t0MENMO85gpsAWFy63WdPMsuBqeq+35lfwaccAfCFuE=", + "lastModified": 1673039641, + "narHash": "sha256-Bc9FVhyLxp2mX2SXr0N4Fj4St7o4yaYEXpd12etSNBY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e4c38ad4e69dc93c1366d576712f529585ec52ad", + "rev": "d9f73e41fd3c8e85b266bdb91cb7535600010798", "type": "github" }, "original": { @@ -251,11 +251,11 @@ ] }, "locked": { - "lastModified": 1671564570, - "narHash": "sha256-Upy3xAZKU3FVu4acqyWSdn17JsWdwifIBLvjU4+3CQc=", + "lastModified": 1672861162, + "narHash": "sha256-0aiZdSkj0FGp7x2hW4/MhMsk/52BiUPFMUdpIiCTOD0=", "owner": "cynerd", "repo": "nixturris", - "rev": "5b38cd01bb906f99deb762de4d13b1d569d9d994", + "rev": "64347b8b590096204f44b5ae0ef7e05837b9f233", "type": "github" }, "original": { @@ -266,11 +266,11 @@ }, "personal-secret": { "locked": { - "lastModified": 1672431649, - "narHash": "sha256-NQ5ExhJGZdTx8WW0gWqqaFaGoBKrtmMrQ2nvacoIVuI=", + "lastModified": 1673115364, + "narHash": "sha256-Iycxa2kd3O3SCjkbosTr70t3CtKrxqaGNYEqBrOAY54=", "ref": "refs/heads/master", - "rev": "26658654dc647a93ee33342364d4dc6cd97613c6", - "revCount": 52, + "rev": "bbed897a2c4b851790425ca193957191654350e3", + "revCount": 54, "type": "git", "url": "ssh://git@cynerd.cz/nixos-personal-secret" }, diff --git a/nixos/machine/mrpump.nix b/nixos/machine/mrpump.nix index 5da00e4..0b322dc 100644 --- a/nixos/machine/mrpump.nix +++ b/nixos/machine/mrpump.nix @@ -33,6 +33,9 @@ with lib; }; in { + # MrPump won't see Errol anyway + cynerd.hosts.enable = false; + cynerd.monitoring.enable = false; # Docker for the gitlab runner virtualisation.docker = { diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix index 1f3ab71..27beb04 100644 --- a/nixos/modules/desktop.nix +++ b/nixos/modules/desktop.nix @@ -23,8 +23,6 @@ in { }; config = mkIf cnf.enable { - cynerd.hosts.enable = true; - programs.sway.enable = true; programs.sway.wrapperFeatures.gtk = true; programs.sway.extraPackages = with pkgs; [ diff --git a/nixos/modules/home-assistant.nix b/nixos/modules/home-assistant.nix index 80c76b3..e4f2232 100644 --- a/nixos/modules/home-assistant.nix +++ b/nixos/modules/home-assistant.nix @@ -26,6 +26,10 @@ in { acl = ["readwrite bigclown/#"]; passwordFile = "/run/secrets/mosquitto.bigclown.pass"; }; + telegraf = { + acl = ["read bigclown/node/#"]; + passwordFile = "/run/secrets/mosquitto.telegraf.pass"; + }; homeassistant = { acl = [ "readwrite bigclown/#" @@ -51,6 +55,7 @@ in { }; }; mqtt2influxdb = { + # TODO remove as we have telegraf enable = true; environmentFile = "/run/secrets/bigclown.env"; mqtt = { @@ -128,6 +133,50 @@ in { serviceConfig.ExecStart = "${pkgs.bigclown-leds}/bin/bigclown-leds /run/secrets/bigclown-leds.ini"; }; + services.telegraf.extraConfig = { + outputs.influxdb_v2 = [{ + urls = ["http://errol:8086"]; + token = "$INFLUX_TOKEN"; + organization = "personal"; + bucket = "bigclown"; + tagpass.source = ["bigclown"]; + }]; + inputs.mqtt_consumer = let + consumer = data_type: topics: { + tags = { source = "bigclown"; }; + servers = ["tcp://localhost:1883"]; + topics = topics; + username = "telegraf"; + password = "$MQTT_PASSWORD"; + data_format = "value"; + data_type = data_type; + topic_parsing = [{ + topic = "bigclown/node/+/+/+/+"; + measurement = "_/_/_/_/_/measurement"; + tags = "_/_/device/field/_/_"; + }]; + }; + in [ + (consumer "float" [ + "bigclown/node/+/battery/+/voltage" + "bigclown/node/+/thermometer/+/temperature" + "bigclown/node/+/hygrometer/+/relative-humidity" + "bigclown/node/+/lux-meter/+/illuminance" + "bigclown/node/+/barometer/+/pressure" + "bigclown/node/+/pir/+/event-count" + "bigclown/node/+/push-button/+/event-count" + ]) + (consumer "boolean" [ + "bigclown/node/+/flood-detector/+/alarm" + ]) + ]; + processors.pivot = [{ + tag_key = "field"; + value_key = "value"; + tagpass.source = ["bigclown"]; + }]; + }; + services.home-assistant = { enable = false; openFirewall = true; diff --git a/nixos/modules/hosts.nix b/nixos/modules/hosts.nix index e307619..ca9daa1 100644 --- a/nixos/modules/hosts.nix +++ b/nixos/modules/hosts.nix @@ -17,7 +17,7 @@ in { cynerd.hosts = { enable = mkOption { type = types.bool; - default = false; + default = true; description = "Use my personal static hosts"; }; vpn = staticZoneOption; diff --git a/nixos/modules/monitoring.nix b/nixos/modules/monitoring.nix index 1f011dd..abeba2d 100644 --- a/nixos/modules/monitoring.nix +++ b/nixos/modules/monitoring.nix @@ -30,6 +30,7 @@ in { config = mkMerge [ { cynerd.monitoring.host = "errol"; } + (mkIf cnf.enable { # Telegraf configuration services.telegraf = { @@ -37,44 +38,63 @@ in { environmentFiles = ["/run/secrets/telegraf.env"]; extraConfig = { agent = {}; - outputs.influxdb_v2 = { + outputs.influxdb_v2 = [{ urls = ["http://errol:8086"]; token = "$INFLUX_TOKEN"; organization = "personal"; bucket = "monitoring"; - }; + tagdrop.source = ["bigclown"]; # See home-assistant.nix + }]; inputs = { - cpu = { + cpu = [{ percpu = true; totalcpu = true; - }; - disk = { + }]; + mem = [{}]; + swap = [{}]; + disk = [{ ignore_fs = [ "tmpfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ]; - }; - diskio = {}; - diskio = {}; - mem = {}; - net = {}; - processes = {}; - swap = {}; - system = {}; + }]; + diskio = [{}]; + net = [{}]; + system = [{}]; + processes = [{}]; + systemd_units = [{}]; + wireguard = [{}]; } // (optionalAttrs cnf.hw { - sensors = {}; - smart = {}; + sensors = [{}]; + smart = [{ + path_smartctl = "${pkgs.smartmontools}/bin/smartctl"; + use_sudo = true; + }]; + wireless = [{}]; }); }; }; - # TODO probably add this to the upstream configuration systemd.services.telegraf.path = with pkgs; [ + "/run/wrappers" ] ++ (optionals cnf.hw [ - nvme-cli lm_sensors smartmontools + lm_sensors smartmontools nvme-cli ]); + security.sudo.extraRules = [ + { + users = ["telegraf"]; + commands = [{ + command = "${pkgs.smartmontools}/bin/smartctl"; + options = ["NOPASSWD"]; + }]; + } + ]; }) + (mkIf isHost { # InfluxDB services.influxdb2.enable = mkIf isHost true; + services.telegraf.extraConfig.inputs.prometheus = { + urls = ["http://localhost:8086/metrics"]; + }; # Grafana services.grafana = mkIf isHost { enable = true; @@ -84,9 +104,14 @@ in { admin_user = "cynerd"; admin_password = "$__file{/run/secrets/grafana.admin.pass}"; }; + server = { + http_addr = ""; + http_port = 3000; + }; }; }; - + networking.firewall.allowedTCPPorts = [8086 3000]; }) + ]; } diff --git a/tools/influxdb-monitoring.sh b/tools/influxdb-monitoring.sh index 6488d4f..f83f792 100755 --- a/tools/influxdb-monitoring.sh +++ b/tools/influxdb-monitoring.sh @@ -3,11 +3,15 @@ # telemetries. set -eu +if ! command -v influx jq pass; then + exec nix shell 'nixpkgs#influxdb2' 'nixpkgs#jq' 'nixpkgs#pass' -c "$0" "$@" +fi + cd "${0%/*}/.." influx_args=( # Warning: you might want to modify this when you move the InfluxDB host - "--host" "http://ridcully:8086" + "--host" "http://errol:8086" "--token" "$(pass 'nixos-secrets/influxdb/token/cynerd')" ) |