Compare commits

...

2 Commits

Author SHA1 Message Date
Daniel Olsen 1aa7dc9d1a [2] metrics: install systemd exporter 2024-09-02 23:10:00 +02:00
Daniel Olsen a7f6d8078b bekkalokk/idp: Disallow bots 2024-09-02 23:10:00 +02:00
4 changed files with 46 additions and 1 deletions

View File

@ -202,6 +202,12 @@ in
rewrite ^/simplesaml/(.*)$ /$1 redirect;
return 404;
'';
"/robots.txt" = {
root = pkgs.writeTextDir "robots.txt" ''
User-agent: *
Disallow: /
'';
};
};
};
};

View File

@ -6,6 +6,7 @@
# ./mysqld.nix
./node.nix
./postgres.nix
./systemd.nix
];
services.prometheus = {

View File

@ -0,0 +1,16 @@
{ config, ... }: let
cfg = config.services.prometheus;
in {
services.prometheus.scrapeConfigs = [{
job_name = "systemd";
static_configs = [
{
targets = [
"ildkule.pvv.ntnu.no:${toString cfg.exporters.node.port}"
"bicep.pvv.ntnu.no:9101"
"bekkalokk.pvv.ntnu.no:9101"
];
}
];
}];
}

View File

@ -20,7 +20,29 @@
};
networking.firewall.allowedTCPPorts = [ 9100 ];
services.prometheus.exporters.systemd = {
enable = true;
port = 9101;
extraFlags = [
"--systemd.collector.enable-restart-count"
"--systemd.collector.enable-ip-accounting"
];
};
systemd.services.prometheus-systemd-exporter.serviceConfig = {
IPAddressDeny = "any";
IPAddressAllow = [
"127.0.0.1"
"::1"
values.hosts.ildkule.ipv4
values.hosts.ildkule.ipv6
values.hosts.ildkule.ipv4_global
values.hosts.ildkule.ipv6_global
];
};
networking.firewall.allowedTCPPorts = [ 9100 9101 ];
services.promtail = {
enable = true;