monitoring: add nginx builder for monitoring, use it on h

This commit is contained in:
Aaron Bieber 2023-03-29 10:54:41 -06:00
parent ce30d73cb0
commit b47453122c
No known key found for this signature in database

View File

@ -3,6 +3,34 @@ let
inherit (builtins)
readFile concatStringsSep attrValues mapAttrs replaceStrings;
nginxCfg = config.services.nginx;
buildFSChecker = fsList:
(concatStringsSep "\n" (attrValues (mapAttrs (f: _: ''
check filesystem ${replaceStrings [ "/" ] [ "_" ] f} with path ${f}
if space usage > 90% then alert
if inode usage > 90% then alert
'') fsList)));
buildNginxChecker = vhostList:
(concatStringsSep "\n" (attrValues (mapAttrs (f: v: ''
check host ${f} with address ${f}
if failed port 80 protocol http then alert
${
if v.enableACME then
"if failed port 443 protocol https then alert"
else
""
}
'') vhostList)));
nginxChecks = if nginxCfg.enable then
if config.networking.hostName == "h" then
(buildNginxChecker nginxCfg.virtualHosts)
else
""
else
"";
in {
config = {
sops.secrets = {
@ -14,12 +42,8 @@ in {
};
services.monit = {
enable = true;
config = readFile ./monitrc + (concatStringsSep "\n" (attrValues (mapAttrs
(f: _: ''
check filesystem ${replaceStrings [ "/" ] [ "_" ] f} with path ${f}
if space usage > 90% then alert
if inode usage > 90% then alert
'') config.fileSystems)));
config = readFile ./monitrc + (buildFSChecker config.fileSystems)
+ nginxChecks;
};
};
}