diff --git a/roles/prometheus_cardano-node.nix b/roles/prometheus_cardano-node.nix index 0ca2ac1..a19dfec 100644 --- a/roles/prometheus_cardano-node.nix +++ b/roles/prometheus_cardano-node.nix @@ -11,16 +11,51 @@ services = { prometheus = { enable = true; + webExternalUrl = "https://monitoring.mcwhirter.io/prometheus/"; extraFlags = [ "--storage.tsdb.retention.time 8760h" ]; - alertmanagers = [ { - scheme = "http"; - path_prefix = "/"; - static_configs = [ { - targets = [ "airgead.mcwhirter.io:9093" ]; - } ]; - } ]; + exporters = { + node = { + enable = true; + openFirewall = true; + enabledCollectors = [ + "systemd" + "tcpstat" + "conntrack" + "diskstats" + "entropy" + "filefd" + "filesystem" + "loadavg" + "meminfo" + "netdev" + "netstat" + "stat" + "time" + "ntp" + "timex" + "vmstat" + "logind" + "interrupts" + "ksmd" + "processes" + ]; + }; + }; + #alertmanager = { + # enable = true; + # webExternalUrl = "https://monitoring.mcwhirter.io/alertmanager/"; + # configuration = [ + # ]; + #}; + #alertmanagers = [ { + # scheme = "http"; + # path_prefix = "/"; + # static_configs = [ { + # targets = [ "airgead.mcwhirter.io:9093" ]; + # } ]; + #} ]; rules = [ (builtins.toJSON { groups = [ { @@ -159,6 +194,7 @@ targets = [ "localhost:9090" ]; + labels = { alias = "prometheus"; }; } ]; } @@ -192,8 +228,8 @@ grafana = { enable = true; addr = "0.0.0.0"; - domain = "grafana.mcwhirter.io"; - rootUrl = "https://grafana.mcwhirter.io/"; + domain = "monitoring.mcwhirter.io"; + rootUrl = "https://monitoring.mcwhirter.io/grafana"; security = { adminPasswordFile = "/run/keys/grafana-apass"; # Where to find the password }; @@ -204,6 +240,13 @@ }; provision = { enable = true; + #dashboards = [ + # { + # name = "Node System Dashboard"; + # folder = "General"; + # options.path = ../monitoring/NodeSystemDashboard.json; + # } + #]; datasources = [ { type = "prometheus"; @@ -215,15 +258,25 @@ }; nginx = { - enable = true; # Enable Nginx + enable = true; # Enable Nginx recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; - virtualHosts."grafana.mcwhirter.io" = { # Grafana hostname - enableACME = true; # Use ACME certs - forceSSL = true; # Force SSL - locations."/".proxyPass = "http://localhost:3000/"; # Proxy Grafana + virtualHosts."monitoring.mcwhirter.io" = { # Monitoring hostname + enableACME = true; # Use ACME certs + forceSSL = true; # Force SSL + locations = { + "/grafana/".proxyPass = "http://localhost:3000/"; # Proxy Grafana + "/prometheus/".extraConfig = '' + proxy_pass http://localhost:9090/prometheus/; + proxy_set_header Host $host; + proxy_set_header REMOTE_ADDR $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + ''; + #"/alertmanager/".proxyPass = "http://localhost:9093/"; # Proxy Alert Manager + }; }; }; @@ -234,7 +287,7 @@ security.acme = { acceptTerms = true; certs = { - "grafana.mcwhirter.io".email = "craige@mcwhirter.io"; + "monitoring.mcwhirter.io".email = "craige@mcwhirter.io"; }; };