diff --git a/nixos/hosts/kanako-hkg0/default.nix b/nixos/hosts/kanako-hkg0/default.nix index 04879f9..53d997c 100644 --- a/nixos/hosts/kanako-hkg0/default.nix +++ b/nixos/hosts/kanako-hkg0/default.nix @@ -10,6 +10,7 @@ ++ (with profiles; [ services.caddy services.prometheus.node-exporter + services.prometheus.ping-exporter ]) ++ (mylib.path.scanPaths ./. "default.nix"); diff --git a/nixos/hosts/reisen-fra0/default.nix b/nixos/hosts/reisen-fra0/default.nix index b46e0d9..38ef1eb 100644 --- a/nixos/hosts/reisen-fra0/default.nix +++ b/nixos/hosts/reisen-fra0/default.nix @@ -10,6 +10,7 @@ ++ (with profiles; [ services.caddy services.prometheus.node-exporter + services.prometheus.ping-exporter ]) ++ (mylib.path.scanPaths ./. "default.nix"); diff --git a/nixos/hosts/reisen-nrt0/default.nix b/nixos/hosts/reisen-nrt0/default.nix index 9138c95..4713ece 100644 --- a/nixos/hosts/reisen-nrt0/default.nix +++ b/nixos/hosts/reisen-nrt0/default.nix @@ -12,6 +12,7 @@ services.knot.secondary services.ntfy services.prometheus.node-exporter + services.prometheus.ping-exporter services.prometheus.server ]) ++ (mylib.path.scanPaths ./. "default.nix"); diff --git a/nixos/hosts/reisen-sea0/default.nix b/nixos/hosts/reisen-sea0/default.nix index c3368f3..1346a53 100644 --- a/nixos/hosts/reisen-sea0/default.nix +++ b/nixos/hosts/reisen-sea0/default.nix @@ -11,6 +11,7 @@ services.caddy services.knot.primary services.prometheus.node-exporter + services.prometheus.ping-exporter ]) ++ (mylib.path.scanPaths ./. "default.nix"); diff --git a/nixos/hosts/reisen-sin0/default.nix b/nixos/hosts/reisen-sin0/default.nix index 6b5ffaf..2be304e 100644 --- a/nixos/hosts/reisen-sin0/default.nix +++ b/nixos/hosts/reisen-sin0/default.nix @@ -11,6 +11,7 @@ services.caddy services.knot.secondary services.prometheus.node-exporter + services.prometheus.ping-exporter ]) ++ (mylib.path.scanPaths ./. "default.nix"); diff --git a/nixos/hosts/suwako-vie0/default.nix b/nixos/hosts/suwako-vie0/default.nix index e44ed02..eede95a 100644 --- a/nixos/hosts/suwako-vie0/default.nix +++ b/nixos/hosts/suwako-vie0/default.nix @@ -20,6 +20,7 @@ services.miniflux services.postgresql services.prometheus.node-exporter + services.prometheus.ping-exporter services.well-known ]) ++ (mylib.path.scanPaths ./. "default.nix"); diff --git a/nixos/modules/networking/ports.nix b/nixos/modules/networking/ports.nix index fa82526..f825dcf 100644 --- a/nixos/modules/networking/ports.nix +++ b/nixos/modules/networking/ports.nix @@ -34,6 +34,7 @@ in prometheus-alertmanager = 4061; prometheus-node-exporter = 4070; prometheus-blackbox-exporter = 4071; + prometheus-ping-exporter = 4072; # public ports enthalpy-wireguard-reimu-aston = 13101; diff --git a/nixos/profiles/services/prometheus/ping-exporter.nix b/nixos/profiles/services/prometheus/ping-exporter.nix new file mode 100644 index 0000000..43f5217 --- /dev/null +++ b/nixos/profiles/services/prometheus/ping-exporter.nix @@ -0,0 +1,46 @@ +{ + config, + lib, + ... +}: +let + common = import ../../../../zones/common.nix; + enthalpyHosts = lib.filterAttrs (_name: value: value.enthalpy_node_address != null) common.hosts; + targets = lib.mapAttrsToList (name: _value: "${name}.enta.rebmit.link") enthalpyHosts; +in +{ + services.prometheus.exporters.ping = { + enable = true; + listenAddress = "127.0.0.1"; + port = config.networking.ports.prometheus-ping-exporter; + telemetryPath = "/ping"; + settings = { + inherit targets; + }; + }; + + systemd.services.prometheus-ping-exporter = { + inherit (config.networking.netns.enthalpy) serviceConfig; + after = [ "netns-enthalpy.service" ]; + partOf = [ "netns-enthalpy.service" ]; + wantedBy = [ "netns-enthalpy.service" ]; + }; + + networking.netns.default.forwardPorts = lib.singleton { + protocol = "tcp"; + netns = "enthalpy"; + source = "127.0.0.1:${toString config.networking.ports.prometheus-ping-exporter}"; + target = "127.0.0.1:${toString config.networking.ports.prometheus-ping-exporter}"; + }; + + services.caddy.virtualHosts."${config.networking.fqdn}" = { + extraConfig = with config.services.prometheus.exporters.ping; '' + route /ping { + basic_auth { + prometheus {$PROM_PASSWD} + } + reverse_proxy ${listenAddress}:${toString port} + } + ''; + }; +} diff --git a/nixos/profiles/services/prometheus/server.nix b/nixos/profiles/services/prometheus/server.nix index 1f09b1f..858edbe 100644 --- a/nixos/profiles/services/prometheus/server.nix +++ b/nixos/profiles/services/prometheus/server.nix @@ -74,6 +74,16 @@ in }; static_configs = [ { inherit targets; } ]; } + { + job_name = "ping"; + scheme = "https"; + metrics_path = "/ping"; + basic_auth = { + username = "prometheus"; + password_file = config.sops.secrets."prometheus/password".path; + }; + static_configs = [ { inherit targets; } ]; + } { job_name = "dns"; scheme = "http";