feat(modules/dgn-monitoring): Replace dgn-node-monitoring

machines/nixos/storage01/prometheus.nix

@@ -17,9 +17,9 @@ let
     lib.mapAttrsToList (
       node:
       { config, ... }:
-      lib.optional config.dgn-node-monitoring.enable {
+      lib.optional config.dgn-monitoring.exporters.enable {
         targets = map (p: "${node}.dgnum:${builtins.toString p}") (
-          builtins.attrValues config.dgn-node-monitoring.ports
+          builtins.attrValues config.dgn-monitoring.exporters.ports
         );
         labels = {
           host = node;

machines/nixos/web02/_configuration.nix

@@ -21,7 +21,7 @@ lib.extra.mkConfig {
     dgn-access-control.users.root = [ "thubrecht" ];
 
     # Disable monitoring
-    dgn-node-monitoring.enable = false;
+    dgn-monitoring.enable = false;
 
     # Enable Postgres databases
     services.postgresql = {

modules/nixos/default.nix

@@ -26,7 +26,6 @@
       "dgn-monitoring"
       "dgn-netbox-agent"
       "dgn-network"
-      "dgn-node-monitoring"
       "dgn-notify"
       "dgn-records"
       "dgn-redirections"

modules/nixos/dgn-monitoring/default.nix

@@ -1,3 +1,7 @@
+# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
 {
   config,
   lib,
@@ -8,60 +12,70 @@
 }:
 
 let
-  inherit (lib) filterAttrs mapAttrsToList optional;
+  inherit (lib)
+    filterAttrs
+    mapAttrsToList
+    mkEnableOption
+    mkIf
+    ;
+
+  cfg = config.dgn-monitoring;
 in
 
 {
-  services.vmagent = {
+  imports = [ ./exporters.nix ];
-    enable = true;
 
-    flags = {
+  options.dgn-monitoring = {
-      "remoteWrite.url" = "http://${meta.network.storage01.netbirdIp}:8428/api/v1/write";
+    enable = mkEnableOption "the DGNum monitoring system" // {
-      "remoteWrite.label" = "node=${name}";
+      default = true;
+    };
+  };
+
+  config = mkIf cfg.enable {
+    services.vmagent = {
+      enable = true;
+
+      flags = {
+        "remoteWrite.url" = "http://${meta.network.storage01.netbirdIp}:8428/api/v1/write";
+        "remoteWrite.label" = "node=${name}";
+      };
+
+      prometheusConfig = {
+        scrape_configs =
+          mapAttrsToList
+            (job_name: cfg: {
+              inherit job_name;
+              static_configs = [ { targets = [ "127.0.0.1:${builtins.toString cfg.port}" ]; } ];
+            })
+            (
+              filterAttrs (
+                name: cfg:
+                !(builtins.elem name [
+                  "assertions"
+                  "warnings"
+                  "blackbox"
+                  "unifi-poller"
+                  "domain"
+                  "minio"
+                  "idrac"
+                  "pve"
+                  "tor"
+                ])
+                && cfg.enable
+              ) config.services.prometheus.exporters
+            );
+        global = {
+          scrape_interval = "15s";
+          external_labels.hostname = "${name}.${nodeMeta.site}.infra.dgnum.eu";
+        };
+      };
     };
 
-    prometheusConfig = {
+    services.journald.upload = {
-      scrape_configs =
+      enable = true;
-        mapAttrsToList
+      settings = {
-          (job_name: cfg: {
+        Upload.URL = "http://${meta.network.storage01.netbirdIp}:9428/insert/journald";
-            inherit job_name;
-            static_configs = [ { targets = [ "127.0.0.1:${builtins.toString cfg.port}" ]; } ];
-          })
-          (
-            filterAttrs (
-              name: cfg:
-              !(builtins.elem name [
-                "assertions"
-                "warnings"
-                "blackbox"
-                "unifi-poller"
-                "domain"
-                "minio"
-                "idrac"
-                "pve"
-                "tor"
-              ])
-              && cfg.enable
-            ) config.services.prometheus.exporters
-          );
-      global = {
-        scrape_interval = "15s";
-        external_labels.hostname = "${name}.${nodeMeta.site}.infra.dgnum.eu";
       };
     };
   };
-
-  # services.prometheus.exporters = {
-  #   node = {
-  #     enable = true;
-  #     enabledCollectors = [ "systemd" ] ++ (optional config.boot.zfs.enabled "zfs");
-  #   };
-  # };
-
-  services.journald.upload = {
-    enable = true;
-    settings = {
-      Upload.URL = "http://${meta.network.storage01.netbirdIp}:9428/insert/journald";
-    };
-  };
 }

modules/nixos/dgn-monitoring/exporters.nix

@@ -0,0 +1,84 @@
+# SPDX-FileCopyrightText: 2024 Maurice Debray <maurice.debray@dgnum.eu>
+# SPDX-FileCopyrightText: 2024 Ryan Lahfa <ryan.lahfa@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  pkgs,
+  sources,
+  config,
+  lib,
+  ...
+}:
+let
+  inherit (lib)
+    optional
+    mapAttrs
+    mapAttrs'
+    mkDefault
+    mkIf
+    mkOption
+    nameValuePair
+    recursiveUpdate
+    ;
+
+  inherit (lib.types) attrsOf bool port;
+
+  cfg = config.dgn-monitoring.exporters;
+in
+
+{
+  options.dgn-monitoring.exporters = {
+    enable = mkOption {
+      type = bool;
+      default = config.dgn-monitoring.enable;
+      description = ''
+        Whether to enable standard exporters for the dgnum monitoring system.
+      '';
+    };
+
+    ports = mkOption {
+      type = attrsOf port;
+      description = ''
+        Ports to listen on for each exporter.
+      '';
+    };
+  };
+
+  imports = [ "${sources.cgroup-exporter}/nix/module.nix" ];
+
+  config = mkIf cfg.enable {
+    dgn-monitoring.exporters.ports = mapAttrs (_: mkDefault) {
+      node = 9002;
+      cgroup = 9003;
+    };
+
+    services.prometheus = {
+      exporters =
+        recursiveUpdate
+          {
+            node = {
+              enable = true;
+              enabledCollectors = [
+                "processes"
+                "systemd"
+              ] ++ (optional config.boot.zfs.enabled "zfs");
+            };
+
+            cgroup = {
+              enable = true;
+              package = pkgs.callPackage "${sources.cgroup-exporter}/nix/package.nix" { };
+            };
+          }
+          (
+            mapAttrs (_: port: {
+              inherit port;
+              # NOTE: We always listen on localhost, as the agent runs on the same machine
+              listenAddress = "127.0.0.1";
+            }) cfg.ports
+          );
+    };
+
+    dgn-web.internalPorts = mapAttrs' (name: nameValuePair "${name}-exporter") cfg.ports;
+  };
+}

modules/nixos/dgn-node-monitoring.nix

@@ -1,68 +0,0 @@
-# SPDX-FileCopyrightText: 2024 Maurice Debray <maurice.debray@dgnum.eu>
-# SPDX-FileCopyrightText: 2024 Ryan Lahfa <ryan.lahfa@dgnum.eu>
-#
-# SPDX-License-Identifier: EUPL-1.2
-
-{
-  pkgs,
-  sources,
-  config,
-  lib,
-  ...
-}:
-let
-  inherit (lib)
-    mkEnableOption
-    mkIf
-    mkOption
-
-    types
-    ;
-  cfg = config.dgn-node-monitoring;
-in
-
-{
-  options.dgn-node-monitoring = {
-    enable = mkEnableOption "DGNum nodes monitoring (needs a valid netbird tunnel)" // {
-      default = true;
-    };
-
-    ports = mkOption {
-      type = types.attrsOf types.port;
-      default = {
-        node = 9002;
-        cgroup = 9003;
-      };
-      description = ''
-        Ports to listen on for each exporter.
-      '';
-    };
-  };
-
-  imports = [
-    "${sources.cgroup-exporter}/nix/module.nix"
-  ];
-
-  config = mkIf cfg.enable {
-    services.prometheus = {
-      exporters = {
-        node = {
-          enable = true;
-          enabledCollectors = [
-            "processes"
-            "systemd"
-          ];
-          port = cfg.ports.node;
-          listenAddress = "0.0.0.0";
-        };
-        cgroup = {
-          enable = true;
-          package = pkgs.callPackage "${sources.cgroup-exporter}/nix/package.nix" { };
-          listenAddress = "0.0.0.0";
-          port = cfg.ports.cgroup;
-        };
-      };
-    };
-    networking.firewall.interfaces.wt0.allowedTCPPorts = builtins.attrValues cfg.ports;
-  };
-}