xin/monitoring/default.nix

# NixOS module `services.xin-monitoring`.
#
# When enabled it turns on monit and assembles its configuration from the
# static ./monitrc next to this file plus generated `check filesystem` and
# `check host` stanzas. It also declares the sops secret `monit_cfg`.
#
# NOTE(review): `readFile ./monitrc` and the generated stanzas become part of
# the evaluated configuration text, which ends up in the Nix store and is
# readable by every local user. Keep credentials out of ./monitrc and in the
# sops secret declared below.
{ config
, lib
, ...
}:
with lib; let
  inherit (builtins)
    attrValues
    concatStringsSep
    mapAttrs
    readFile
    replaceStrings
    ;

  cfg = config.services.xin-monitoring;
  nginxCfg = config.services.nginx;

  # Apply `render` (name: value: string) to every attribute and join the
  # resulting stanzas with newlines.
  renderChecks = render: attrs:
    concatStringsSep "\n" (attrValues (mapAttrs render attrs));

  # One monit stanza per mount point that alerts above 90% space or inode
  # usage. sshfs mounts are skipped and contribute an empty string. The monit
  # service name is the mount point with every "/" replaced by "_".
  # NOTE(review): the path is interpolated unquoted; a mount point containing
  # whitespace would presumably yield an invalid monit statement. Verify
  # against the hosts' `fileSystems`.
  fsCheck = mountPoint: fs:
    optionalString (fs.fsType != "sshfs") ''
      check filesystem ${replaceStrings ["/"] ["_"] mountPoint} with path ${mountPoint}
      if space usage > 90% then alert
      if inode usage > 90% then alert
    '';
  buildFSChecker = fsList: renderChecks fsCheck fsList;

  # One monit stanza per nginx virtual host. The attribute name is used both
  # as the monit service name and as the address to probe. Port 80 is always
  # checked; port 443 is only checked when the vhost sets `enableACME`.
  # NOTE(review): vhosts that serve TLS without `enableACME` get no HTTPS
  # check, so an outage on 443 would not alert. Confirm this is intended.
  # NOTE(review): assumes every attribute name is a resolvable hostname. A
  # vhost whose served name differs from its attribute name would be probed
  # at the wrong address. Verify against `services.nginx.virtualHosts`.
  vhostCheck = name: vhost: ''
    check host ${name} with address ${name}
    if failed port 80 protocol http then alert
    ${optionalString vhost.enableACME "if failed port 443 protocol https then alert"}
  '';
  buildNginxChecker = vhostList: renderChecks vhostCheck vhostList;

  # Host checks are generated only when nginx is enabled AND this machine's
  # hostName is exactly "h". On every other host the result is the empty
  # string, even if `services.xin-monitoring.nginx` is set to true.
  nginxChecks =
    optionalString (nginxCfg.enable && config.networking.hostName == "h")
      (buildNginxChecker nginxCfg.virtualHosts);
in
{
  options.services.xin-monitoring = {
    # Master switch; note that it defaults to true.
    enable = mkOption {
      type = types.bool;
      default = true;
      description = "Enable Monitoring";
    };

    # Generate filesystem usage checks (on by default).
    fs = mkOption {
      type = types.bool;
      default = true;
      description = ''
        Create monitoring entry points from `config.fileSystems`.
      '';
    };

    # Generate HTTP(S) reachability checks (off by default).
    nginx = mkOption {
      type = types.bool;
      default = false;
      description = ''
        Create monitoring entry points from `services.nginx.virtualHosts`.
      '';
    };
  };

  config = mkIf cfg.enable {
    # Secret taken from the `xin-secrets.deploy` sops file, owned by root with
    # mode 400, so only root can read it.
    # NOTE(review): nothing in this file references `monit_cfg`. Presumably
    # ./monitrc includes the decrypted file; confirm the path it uses matches
    # where the secret is placed.
    sops.secrets.monit_cfg = {
      sopsFile = config.xin-secrets.deploy;
      owner = "root";
      mode = "400";
    };

    services.monit = {
      enable = true;
      # Static base config first, then the optional generated sections. The
      # parts are concatenated without a separator, so ./monitrc is assumed to
      # end with a newline.
      config =
        readFile ./monitrc
        + optionalString cfg.fs (buildFSChecker config.fileSystems)
        + optionalString cfg.nginx nginxChecks;
    };
  };
}