diff --git a/morph/grid/local/grid.nix b/morph/grid/local/grid.nix
index da8a83812ceba910280bfc61210487b2f217113f..15fbb01061a664c1fbd2b03fe25be2fe1d14cbe0 100644
--- a/morph/grid/local/grid.nix
+++ b/morph/grid/local/grid.nix
@@ -121,7 +121,7 @@ let
 grid.monitoringvpnIPv4 = "172.23.23.1";
 grid.publicIPv4 = "192.168.56.24";
 grid.monitoring = {
- inherit paymentExporterTargets blackboxExporterHttpsTargets;
+ inherit blackboxExporterHttpsTargets;
 inherit (grid-config) monitoringDomains;
 googleOAuthClientID = grid-config.monitoringGoogleOAuthClientID;
 enableSlackAlert = false;
@@ -131,7 +131,6 @@ let
 };
 # TBD: derive these automatically:
- paymentExporterTargets = [ "payments" ];
 blackboxExporterHttpsTargets = [
 # "https://private.storage/"
 # "https://payments.private.storage/"
diff --git a/morph/grid/production/grid.nix b/morph/grid/production/grid.nix
index ab45d4ba7f67e71383d28120bd925ac3a05f04ef..3a309dc8a0a3fe480def44e178769e390f5c6dd9 100644
--- a/morph/grid/production/grid.nix
+++ b/morph/grid/production/grid.nix
@@ -53,7 +53,7 @@ let
 config = {
 grid.monitoringvpnIPv4 = "172.23.23.1";
 grid.monitoring = {
- inherit paymentExporterTargets blackboxExporterHttpsTargets;
+ inherit blackboxExporterHttpsTargets;
 inherit (grid-config) monitoringDomains;
 googleOAuthClientID = grid-config.monitoringGoogleOAuthClientID;
 enableSlackAlert = true;
@@ -114,7 +114,6 @@ let
 storage005 = { vpnIP = "172.23.23.25"; stateVersion = "19.03"; };
 };
- paymentExporterTargets = [ "payments" ];
 blackboxExporterHttpsTargets = [
 "https://private.storage/"
 "https://www.private.storage/"
diff --git a/morph/grid/testing/grid.nix b/morph/grid/testing/grid.nix
index 19839ae83fa16c31adf0fcd9e3727a8304f8dd6c..01ba9f02fe06c272a5e2ed310d96b6c80eac8f5d 100644
--- a/morph/grid/testing/grid.nix
+++ b/morph/grid/testing/grid.nix
@@ -69,7 +69,7 @@ let
 config = {
 grid.monitoringvpnIPv4 = "172.23.23.1";
 grid.monitoring = {
- inherit paymentExporterTargets blackboxExporterHttpsTargets;
+ inherit blackboxExporterHttpsTargets;
 inherit (grid-config) monitoringDomains;
 googleOAuthClientID = grid-config.monitoringGoogleOAuthClientID;
 enableSlackAlert = true;
@@ -79,7 +79,6 @@ let
 };
 # TBD: derive these automatically:
- paymentExporterTargets = [ "payments" ];
 blackboxExporterHttpsTargets = [
 "https://privatestorage-staging.com/"
 "https://www.privatestorage-staging.com/"
diff --git a/morph/lib/issuer.nix b/morph/lib/issuer.nix
index 1f715171625d75175d9c962160e4773d9c6765d2..428a23bfda05e2f100df0d6afea40592de8c4cbf 100644
--- a/morph/lib/issuer.nix
+++ b/morph/lib/issuer.nix
@@ -48,6 +48,7 @@ in {
 };
 };
 };
+ grid.monitoring.httpsScrapePorts = [ 443 ];
 services.private-storage-issuer = {
 enable = true;
 tls = true;
diff --git a/morph/lib/monitored-node.nix b/morph/lib/monitored-node.nix
index b4e1f47ea1cf192f9470e6ffc2316cfcf8ec8b0a..8739dced771de09ca98662582a9be9380b699457 100644
--- a/morph/lib/monitored-node.nix
+++ b/morph/lib/monitored-node.nix
@@ -2,6 +2,12 @@
 let
 inherit (config.grid) publicKeyPath privateKeyPath monitoringvpnEndpoint monitoringvpnIPv4;
 in {
+ options.grid.monitoring = {
+ httpsScrapePorts = lib.mkOption {
+ default = [];
+ # TODO
+ };
+ };
 config = {
 deployment = {
 secrets = {
diff --git a/morph/lib/monitoring.nix b/morph/lib/monitoring.nix
index 7115efbaa71606ecc5bc03bf22ccfc568c564448..3c98a80ad1afc52287c7a5f4971aea80d2708357 100644
--- a/morph/lib/monitoring.nix
+++ b/morph/lib/monitoring.nix
@@ -10,6 +10,7 @@ let
 inherit name;
 vpnIPv4 = node.config.grid.monitoringvpnIPv4;
 vpnHostName = "${name}.monitoringvpn";
+ httpsScrapeTargets = map (port: "${vpnHostName}:${toString port}") node.config.grid.monitoring.httpsScrapePorts or [];
 hostNames = [name vpnHostName];
 }) nodes;
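Review bot: In morph/lib/monitored-node.nix the new `httpsScrapePorts` option is declared with only `default = [];` and a `# TODO`, so it has neither a type nor a description. The `@@ -10,6 +10,7 @@` hunk of morph/lib/monitoring.nix interpolates every element into a scrape target with `toString port`, so a string or an out-of-range number would pass evaluation and only surface later as a target Prometheus cannot reach. I would replace the TODO with `type = lib.types.listOf lib.types.port;` and `description = "Ports on this node from which the monitoring server scrapes metrics over HTTPS.";`. The `or []` fallback on that monitoring.nix line also means a node that never imports this module silently contributes no targets, which deserves a one-line comment there.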
@@ -25,6 +26,7 @@ let
 # A list of VPN clients (IP addresses or hostnames) as strings indicating
 # which nodes to scrape "nodeExporter" metrics from.
 nodeExporterTargets = map (node: node.name) monitoringHosts;
+ httpsExporterTargets = lib.concatMap (node: node.httpsScrapeTargets) monitoringHosts;
 in {
 imports = [
 ../../nixos/modules/monitoring/vpn/server.nix
@@ -36,14 +38,6 @@ in {
 ];
 options.grid.monitoring = {
- paymentExporterTargets = lib.mkOption {
- type = lib.types.listOf lib.types.str;
- description = ''
- A list of VPN clients (IP addresses or hostnames) as strings indicating
- which nodes to scrape PaymentServer metrics from.
- '';
- };
-
 blackboxExporterHttpsTargets = lib.mkOption {
 type = lib.types.listOf lib.types.str;
 description = ''
@@ -151,9 +145,8 @@ in {
 };
 services.private-storage.monitoring.prometheus = {
- inherit nodeExporterTargets;
- inherit (cfg) paymentExporterTargets blackboxExporterHttpsTargets;
- nginxExporterTargets = [];
+ inherit nodeExporterTargets httpsExporterTargets;
+ inherit (cfg) blackboxExporterHttpsTargets;
 };
 services.private-storage.monitoring.grafana = {
diff --git a/nixos/modules/monitoring/server/prometheus.nix b/nixos/modules/monitoring/server/prometheus.nix
index 3bb00a5b95855859e455b5df8fb065b3d70bc855..799a12ccc0d3177c31aa42f112b1b084b3467828 100644
--- a/nixos/modules/monitoring/server/prometheus.nix
+++ b/nixos/modules/monitoring/server/prometheus.nix
@@ -21,15 +21,10 @@ in {
 example = [ "node1" "node2" ];
 description = "List of nodes (hostnames or IPs) to scrape.";
 };
- nginxExporterTargets = lib.mkOption {
+ httpsExporterTargets = lib.mkOption {
 type = with lib.types; listOf str;
- example = [ "node1" "node2" ];
- description = "List of nodes (hostnames or IPs) to scrape.";
- };
- paymentExporterTargets = lib.mkOption {
- type = with lib.types; listOf str;
- example = [ "node1" "node2" ];
- description = "List of nodes (hostnames or IPs) to scrape.";
+ example = [ "node1:443" "node2:9090" ];
+ description = "List of nodes (hostnames or IPs) and ports to scrape.";
 };
 blackboxExporterHttpsTargets = lib.mkOption {
 type = with lib.types; listOf str;
@@ -53,20 +48,13 @@ in {
 relabel_configs = [ dropPortNumber ];
 }
 {
- job_name = "nginx-exporters";
- static_configs = [{
- targets = map (x: x + ":" + (toString exportersCfg.nginx.port)) cfg.nginxExporterTargets;
- }];
- relabel_configs = [ dropPortNumber ];
- }
- {
- job_name = "payment-exporters";
+ job_name = "https-exporters";
 scheme = "https";
 tls_config.insecure_skip_verify = true;
 static_configs = [{
 # Explicitly setting the port number so the relabel_config can filter it out again.
 # Leaving it out makes the port number show in Grafana.
- targets = map (x: x + ":443") cfg.paymentExporterTargets;
+ targets = cfg.httpsExporterTargets;
 }];
 relabel_configs = [ dropPortNumber ];
 }
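Review bot: In the `@@ -53,20 +48,13 @@` hunk the renamed `https-exporters` job keeps `tls_config.insecure_skip_verify = true;`, so certificate verification is now skipped for every `host:port` that any node lists in `httpsScrapePorts`, not only for the single payments target. The targets are built from `*.monitoringvpn` names, which presumably do not match the served certificates; if the job is meant to rely on the monitoring VPN for server authenticity, say so in a comment next to that line, for example `# Certificates are issued for public names, not *.monitoringvpn; the VPN authenticates the peer.`, and otherwise pin a CA with `tls_config.ca_file`. The retained comment about explicitly setting the port number no longer describes the `targets` line, which now takes complete `host:port` strings from the caller. `dropPortNumber` is defined outside the hunk, so it is worth checking whether two ports on the same node would end up with the same instance label.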