SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 15:11:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

alloy: Enable endpoints conditionally based on requirements

Browse source
This commit is contained in:
SebastianStork 2025-09-21 18:36:23 +02:00
parent 9bc7a2e737
commit 3f85a77fc9
4 changed files with 75 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

6
hosts/srv-monitor/default.nix
View file

@ -79,9 +79,9 @@
alloy = { alloy = {
enable = true; enable = true;
domain = "alloy-${config.networking.hostName}.${tailscaleDomain}"; domain = "alloy-${config.networking.hostName}.${tailscaleDomain}";
collect = { collect.metrics = {
hostMetrics = true; system = true;
victorialogsMetrics = true; victorialogs = true;
}; };
}; };

2
hosts/srv-private/default.nix
View file

@ -56,7 +56,7 @@
alloy = { alloy = {
enable = true; enable = true;
domain = "alloy-${config.networking.hostName}.${tailscaleDomain}"; domain = "alloy-${config.networking.hostName}.${tailscaleDomain}";
collect.hostMetrics = true; collect.metrics.system = true;
}; };
caddy.virtualHosts = caddy.virtualHosts =

4
hosts/srv-public/default.nix
View file

@ -78,8 +78,8 @@
enable = true; enable = true;
domain = "alloy-${config.networking.hostName}.${config.custom.services.tailscale.domain}"; domain = "alloy-${config.networking.hostName}.${config.custom.services.tailscale.domain}";
collect = { collect = {
hostMetrics = true; metrics.system = true;
sshdLogs = true; logs.sshd = true;
}; };
}; };

124
modules/system/services/alloy.nix
View file

@ -22,20 +22,22 @@ in
default = "https://logs.${config.custom.services.tailscale.domain}/insert/loki/api/v1/push"; default = "https://logs.${config.custom.services.tailscale.domain}/insert/loki/api/v1/push";
}; };
collect = { collect = {
hostMetrics = lib.mkEnableOption ""; metrics = {
victorialogsMetrics = lib.mkEnableOption ""; system = lib.mkEnableOption "";
sshdLogs = lib.mkEnableOption ""; victorialogs = lib.mkEnableOption "";
};
logs.sshd = lib.mkEnableOption "";
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
assertions = [ assertions = [
{ {
assertion = cfg.collect.victorialogsMetrics -> config.services.victorialogs.enable; assertion = cfg.collect.metrics.victorialogs -> config.services.victorialogs.enable;
message = "Collecting VictoriaLogs metrics requires the VictoriaLogs service to be enabled."; message = "Collecting VictoriaLogs metrics requires the VictoriaLogs service to be enabled.";
} }
{ {
assertion = cfg.collect.sshdLogs -> config.services.openssh.enable; assertion = cfg.collect.logs.sshd -> config.services.openssh.enable;
message = "Collecting OpenSSH logs requires the OpenSSH service to be enabled."; message = "Collecting OpenSSH logs requires the OpenSSH service to be enabled.";
} }
]; ];
@ -53,57 +55,69 @@ in
]; ];
}; };
environment.etc = { environment.etc =
"alloy/endpoints.alloy".text = '' let
prometheus.remote_write "default" { isTrue = x: x;
endpoint { anyIsTrue = attrs: attrs |> lib.attrValues |> lib.any isTrue;
url = "${cfg.metricsEndpoint}" in
} {
} "alloy/metrics-endpoint.alloy" = {
enable = cfg.collect.metrics |> anyIsTrue;
text = ''
prometheus.remote_write "default" {
endpoint {
url = "${cfg.metricsEndpoint}"
}
}
'';
};
"alloy/logs-endpoint.alloy" = {
enable = cfg.collect.logs |> anyIsTrue;
text = ''
loki.write "default" {
endpoint {
url = "${cfg.logsEndpoint}"
}
}
'';
};
"alloy/system-metrics.alloy" = {
enable = cfg.collect.metrics.system;
text = ''
prometheus.exporter.unix "default" {
enable_collectors = ["systemd"]
}
loki.write "default" { prometheus.scrape "node_exporter" {
endpoint { targets = prometheus.exporter.unix.default.targets
url = "${cfg.logsEndpoint}" forward_to = [prometheus.remote_write.default.receiver]
} scrape_interval = "15s"
} }
''; '';
};
"alloy/host-metrics.alloy" = lib.mkIf cfg.collect.hostMetrics { "alloy/victorialogs-metrics.alloy" = {
text = '' enable = cfg.collect.metrics.victorialogs;
prometheus.exporter.unix "default" { text = ''
enable_collectors = ["systemd"] prometheus.scrape "victorialogs" {
} targets = [{
__address__ = "localhost:${builtins.toString config.custom.services.victorialogs.port}",
prometheus.scrape "node_exporter" { job = "victorialogs",
targets = prometheus.exporter.unix.default.targets instance = constants.hostname,
forward_to = [prometheus.remote_write.default.receiver] }]
scrape_interval = "15s" forward_to = [prometheus.remote_write.default.receiver]
} scrape_interval = "15s"
''; }
'';
};
"alloy/sshd-logs.alloy" = {
enable = cfg.collect.logs.sshd;
text = ''
loki.source.journal "sshd" {
matches = "_SYSTEMD_UNIT=sshd.service"
forward_to = [loki.write.default.receiver]
}
'';
};
}; };
"alloy/victorialogs-metrics.alloy" = lib.mkIf cfg.collect.victorialogsMetrics {
text = ''
prometheus.scrape "victorialogs" {
targets = [{
__address__ = "localhost:${builtins.toString config.custom.services.victorialogs.port}",
job = "victorialogs",
instance = constants.hostname,
}]
forward_to = [prometheus.remote_write.default.receiver]
scrape_interval = "15s"
}
'';
};
"alloy/sshd-logs.alloy" = lib.mkIf cfg.collect.sshdLogs {
text = ''
loki.source.journal "sshd" {
matches = "_SYSTEMD_UNIT=sshd.service"
forward_to = [loki.write.default.receiver]
}
'';
};
};
}; };
} }