diff --git a/hosts/bekkalokk/services/idp-simplesamlphp/default.nix b/hosts/bekkalokk/services/idp-simplesamlphp/default.nix index 4577265..ca79f8a 100644 --- a/hosts/bekkalokk/services/idp-simplesamlphp/default.nix +++ b/hosts/bekkalokk/services/idp-simplesamlphp/default.nix @@ -203,10 +203,10 @@ in return 404; ''; "/robots.txt" = { - alias = pkgs.writeTextDir "robots.txt" '' + alias = (pkgs.writeTextDir "robots.txt" '' User-agent: * Disallow: / - ''; + '') + "/"; }; }; }; diff --git a/hosts/ildkule/services/monitoring/prometheus/default.nix b/hosts/ildkule/services/monitoring/prometheus/default.nix index b991fda..6f3f95e 100644 --- a/hosts/ildkule/services/monitoring/prometheus/default.nix +++ b/hosts/ildkule/services/monitoring/prometheus/default.nix @@ -6,6 +6,7 @@ # ./mysqld.nix ./node.nix ./postgres.nix + ./systemd.nix ]; services.prometheus = { diff --git a/hosts/ildkule/services/monitoring/prometheus/systemd.nix b/hosts/ildkule/services/monitoring/prometheus/systemd.nix new file mode 100644 index 0000000..3a2cf98 --- /dev/null +++ b/hosts/ildkule/services/monitoring/prometheus/systemd.nix @@ -0,0 +1,16 @@ +{ config, ... }: let + cfg = config.services.prometheus; +in { + services.prometheus.scrapeConfigs = [{ + job_name = "systemd"; + static_configs = [ + { + targets = [ + "ildkule.pvv.ntnu.no:${toString cfg.exporters.node.port}" + "bicep.pvv.ntnu.no:9101" + "bekkalokk.pvv.ntnu.no:9101" + ]; + } + ]; + }]; +} diff --git a/misc/metrics-exporters.nix b/misc/metrics-exporters.nix index 9f32a28..4ee67e8 100644 --- a/misc/metrics-exporters.nix +++ b/misc/metrics-exporters.nix @@ -20,7 +20,29 @@ }; - networking.firewall.allowedTCPPorts = [ 9100 ]; + services.prometheus.exporters.systemd = { + enable = true; + port = 9101; + extraFlags = [ + "--systemd.collector.enable-restart-count" + "--systemd.collector.enable-ip-accounting" + ]; + }; + + systemd.services.prometheus-systemd-exporter.serviceConfig = { + IPAddressDeny = "any"; + IPAddressAllow = [ + "127.0.0.1" + "::1" + values.hosts.ildkule.ipv4 + values.hosts.ildkule.ipv6 + values.hosts.ildkule.ipv4_global + values.hosts.ildkule.ipv6_global + ]; + }; + + + networking.firewall.allowedTCPPorts = [ 9100 9101 ]; services.promtail = { enable = true;