aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2020-12-27 15:36:09 +0100
committerIsmaël Bouya <ismael.bouya@normalesup.org>2020-12-27 15:36:09 +0100
commit6ee7783682e977f3ceebfb5a8ee8ddd1db3f7cc6 (patch)
tree783f1331c900aa63575e1f1589b0659d75d928dd /modules
parenta0d2610c6d727095a43672f6285d907db9b9e2ff (diff)
downloadNix-6ee7783682e977f3ceebfb5a8ee8ddd1db3f7cc6.tar.gz
Nix-6ee7783682e977f3ceebfb5a8ee8ddd1db3f7cc6.tar.zst
Nix-6ee7783682e977f3ceebfb5a8ee8ddd1db3f7cc6.zip
Add monitoring for dilion and quatresaisons
Diffstat (limited to 'modules')
-rw-r--r--modules/private/monitoring/default.nix20
-rw-r--r--modules/private/monitoring/objects_common.nix1
-rw-r--r--modules/private/monitoring/objects_dilion.nix22
-rw-r--r--modules/private/monitoring/objects_eldiron.nix6
-rw-r--r--modules/private/monitoring/objects_monitoring-1.nix18
-rw-r--r--modules/private/monitoring/objects_quatresaisons.nix16
-rw-r--r--modules/private/system/dilion.nix3
-rw-r--r--modules/private/system/quatresaisons.nix1
8 files changed, 77 insertions, 10 deletions
diff --git a/modules/private/monitoring/default.nix b/modules/private/monitoring/default.nix
index 344e369..a298f92 100644
--- a/modules/private/monitoring/default.nix
+++ b/modules/private/monitoring/default.nix
@@ -16,13 +16,21 @@ let
16 else if config.myServices.databases.enable 16 else if config.myServices.databases.enable
17 then config.myServices.databases.postgresql.package 17 then config.myServices.databases.postgresql.package
18 else pkgs.postgresql; 18 else pkgs.postgresql;
19 zfsPlugin = pkgs.fetchurl {
20 url = "https://www.claudiokuenzler.com/monitoring-plugins/check_zpools.sh";
21 sha256 = "0p9ms9340in80jkds4kfspw62xnzsv5s7ni9m28kxyd0bnzkbzhf";
22 };
19 myplugins = pkgs.runCommand "buildplugins" { 23 myplugins = pkgs.runCommand "buildplugins" {
20 buildInputs = [ pkgs.makeWrapper pkgs.perl ]; 24 buildInputs = [ pkgs.makeWrapper pkgs.perl ];
21 } '' 25 } ''
22 mkdir $out 26 mkdir $out
27 cp ${zfsPlugin} $out/check_zpool.sh && chmod +x $out/check_zpool.sh
23 cp ${./plugins}/* $out/ 28 cp ${./plugins}/* $out/
24 patchShebangs $out 29 patchShebangs $out
25 wrapProgram $out/check_command --prefix PATH : ${config.security.wrapperDir} 30 wrapProgram $out/check_command --prefix PATH : ${config.security.wrapperDir}
31 wrapProgram $out/check_zpool.sh --prefix PATH : ${lib.makeBinPath [
32 pkgs.which pkgs.zfs pkgs.gawk
33 ]}
26 wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [ 34 wrapProgram $out/send_nrdp.sh --prefix PATH : ${lib.makeBinPath [
27 pkgs.curl pkgs.jq 35 pkgs.curl pkgs.jq
28 ]} 36 ]}
@@ -79,6 +87,11 @@ let
79 ''; 87 '';
80 toObjects = pkgs.callPackage ./to_objects.nix {}; 88 toObjects = pkgs.callPackage ./to_objects.nix {};
81 commonConfig = { 89 commonConfig = {
90 dilion = {
91 processWarn = "250"; processAlert = "400";
92 loadWarn = "8.0"; loadAlert = "10.0";
93 interface = "eth0";
94 };
82 eldiron = { 95 eldiron = {
83 processWarn = "250"; processAlert = "400"; 96 processWarn = "250"; processAlert = "400";
84 loadWarn = "8.0"; loadAlert = "10.0"; 97 loadWarn = "8.0"; loadAlert = "10.0";
@@ -95,11 +108,16 @@ let
95 load15Warn = "1.0"; load15Alert = "2.0"; 108 load15Warn = "1.0"; load15Alert = "2.0";
96 interface = "ens3"; 109 interface = "ens3";
97 }; 110 };
111 quatresaisons = {
112 processWarn = "250"; processAlert = "400";
113 loadWarn = "8.0"; loadAlert = "10.0";
114 interface = "eth0";
115 };
98 }; 116 };
99 externalObjects = lib.genAttrs [ "tiboqorl-fr" ] 117 externalObjects = lib.genAttrs [ "tiboqorl-fr" ]
100 (n: pkgs.callPackage (./. + "/objects_" + n + ".nix") { inherit emailCheck; }); 118 (n: pkgs.callPackage (./. + "/objects_" + n + ".nix") { inherit emailCheck; });
101 masterPassiveObjects = let 119 masterPassiveObjects = let
102 passiveNodes = lib.attrsets.filterAttrs (n: _: builtins.elem n ["backup-2" "eldiron"]) nodes; 120 passiveNodes = lib.attrsets.filterAttrs (n: _: builtins.elem n ["backup-2" "eldiron" "quatresaisons" "dilion"]) nodes;
103 toPassiveServices = map (s: s.passiveInfo.filter s // s.passiveInfo); 121 toPassiveServices = map (s: s.passiveInfo.filter s // s.passiveInfo);
104 passiveServices = lib.flatten (lib.attrsets.mapAttrsToList 122 passiveServices = lib.flatten (lib.attrsets.mapAttrsToList
105 (_: n: toPassiveServices n.config.myServices.monitoring.services) 123 (_: n: toPassiveServices n.config.myServices.monitoring.services)
diff --git a/modules/private/monitoring/objects_common.nix b/modules/private/monitoring/objects_common.nix
index 82043eb..7f553a0 100644
--- a/modules/private/monitoring/objects_common.nix
+++ b/modules/private/monitoring/objects_common.nix
@@ -143,6 +143,7 @@ in
143 check_smtp = "$USER1$/check_smtp -H $HOSTADDRESS$ -p 25 -S -D 21,15"; 143 check_smtp = "$USER1$/check_smtp -H $HOSTADDRESS$ -p 25 -S -D 21,15";
144 check_tcp = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -e \"$ARG2$\" -Mcrit"; 144 check_tcp = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -e \"$ARG2$\" -Mcrit";
145 check_tcp_ssl = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -S -D 21,15"; 145 check_tcp_ssl = "$USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ -S -D 21,15";
146 check_zfs = "$USER2$/check_zpool.sh -p ALL";
146 147
147 check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5"; 148 check_host_alive = "$USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5";
148 check_last_file_date = "${sudo} -u \"$ARG3$\" $USER2$/check_last_file_date \"$ARG1$\" \"$ARG2$\""; 149 check_last_file_date = "${sudo} -u \"$ARG3$\" $USER2$/check_last_file_date \"$ARG1$\" \"$ARG2$\"";
diff --git a/modules/private/monitoring/objects_dilion.nix b/modules/private/monitoring/objects_dilion.nix
new file mode 100644
index 0000000..ea4ec37
--- /dev/null
+++ b/modules/private/monitoring/objects_dilion.nix
@@ -0,0 +1,22 @@
1{ lib, hostFQDN, emailCheck, ... }:
2let
3 defaultPassiveInfo = {
4 filter = lib.attrsets.filterAttrs
5 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
6 use = "external-passive-service";
7 freshness_threshold = "450";
8 retry_interval = "1";
9 servicegroups = "webstatus-resources";
10 host_name = hostFQDN;
11 };
12in
13{
14 service = [
15 {
16 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
17 service_description = "No ZFS pool is degraded";
18 use = "local-service";
19 check_command = ["check_zfs"];
20 }
21 ];
22}
diff --git a/modules/private/monitoring/objects_eldiron.nix b/modules/private/monitoring/objects_eldiron.nix
index 92f997f..2c15dd6 100644
--- a/modules/private/monitoring/objects_eldiron.nix
+++ b/modules/private/monitoring/objects_eldiron.nix
@@ -19,6 +19,12 @@ in
19 check_command = ["check_postgresql_replication" "backup-2" "/run/postgresql" "5432"]; 19 check_command = ["check_postgresql_replication" "backup-2" "/run/postgresql" "5432"];
20 } 20 }
21 { 21 {
22 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-resources"; };
23 service_description = "No ZFS pool is degraded";
24 use = "local-service";
25 check_command = ["check_zfs"];
26 }
27 {
22 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; }; 28 passiveInfo = defaultPassiveInfo // { servicegroups = "webstatus-email"; };
23 service_description = "mailq is empty"; 29 service_description = "mailq is empty";
24 use = "local-service"; 30 use = "local-service";
diff --git a/modules/private/monitoring/objects_monitoring-1.nix b/modules/private/monitoring/objects_monitoring-1.nix
index 94b676b..4b784ed 100644
--- a/modules/private/monitoring/objects_monitoring-1.nix
+++ b/modules/private/monitoring/objects_monitoring-1.nix
@@ -113,17 +113,17 @@ in
113 } 113 }
114 114
115 # Backup services 115 # Backup services
116 { 116 # {
117 service_description = "eriomem backup is up and not full"; 117 # service_description = "eriomem backup is up and not full";
118 host_name = "eldiron.immae.eu"; 118 # host_name = "eldiron.immae.eu";
119 use = "external-service"; 119 # use = "external-service";
120 check_command = "check_backup_eriomem"; 120 # check_command = "check_backup_eriomem";
121 121
122 check_interval = "120"; 122 # check_interval = "120";
123 notification_interval = "1440"; 123 # notification_interval = "1440";
124 124
125 servicegroups = "webstatus-backup"; 125 # servicegroups = "webstatus-backup";
126 } 126 # }
127 { 127 {
128 service_description = "ovh backup is up and not full"; 128 service_description = "ovh backup is up and not full";
129 host_name = "eldiron.immae.eu"; 129 host_name = "eldiron.immae.eu";
diff --git a/modules/private/monitoring/objects_quatresaisons.nix b/modules/private/monitoring/objects_quatresaisons.nix
new file mode 100644
index 0000000..3927ef5
--- /dev/null
+++ b/modules/private/monitoring/objects_quatresaisons.nix
@@ -0,0 +1,16 @@
1{ lib, hostFQDN, emailCheck, ... }:
2let
3 defaultPassiveInfo = {
4 filter = lib.attrsets.filterAttrs
5 (k: v: builtins.elem k ["service_description"] || builtins.substring 0 1 k == "_");
6 use = "external-passive-service";
7 freshness_threshold = "450";
8 retry_interval = "1";
9 servicegroups = "webstatus-resources";
10 host_name = hostFQDN;
11 };
12in
13{
14 service = [
15 ];
16}
diff --git a/modules/private/system/dilion.nix b/modules/private/system/dilion.nix
index 4e2a11f..b89b364 100644
--- a/modules/private/system/dilion.nix
+++ b/modules/private/system/dilion.nix
@@ -24,6 +24,8 @@
24 "/boot/pass.key" = "/boot/pass.key"; 24 "/boot/pass.key" = "/boot/pass.key";
25 }; 25 };
26 kernel.sysctl."vm.nr_hugepages" = 256; # for xmr-stak 26 kernel.sysctl."vm.nr_hugepages" = 256; # for xmr-stak
27 # available in nixos-20.09
28 #zfs.requestEncryptionCredentials = [ "zpool/root" ];
27 }; 29 };
28 nix.maxJobs = 8; 30 nix.maxJobs = 8;
29 powerManagement.cpuFreqGovernor = "powersave"; 31 powerManagement.cpuFreqGovernor = "powersave";
@@ -147,6 +149,7 @@
147 nix.binaryCaches = [ "https://hydra.iohk.io" "https://cache.nixos.org" ]; 149 nix.binaryCaches = [ "https://hydra.iohk.io" "https://cache.nixos.org" ];
148 nix.binaryCachePublicKeys = [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ]; 150 nix.binaryCachePublicKeys = [ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ];
149 151
152 myServices.monitoring.enable = true;
150 myServices.certificates.enable = true; 153 myServices.certificates.enable = true;
151 security.acme.certs."${name}" = { 154 security.acme.certs."${name}" = {
152 user = config.services.nginx.user; 155 user = config.services.nginx.user;
diff --git a/modules/private/system/quatresaisons.nix b/modules/private/system/quatresaisons.nix
index 353323f..e905460 100644
--- a/modules/private/system/quatresaisons.nix
+++ b/modules/private/system/quatresaisons.nix
@@ -274,6 +274,7 @@ in
274 } 274 }
275 ]; 275 ];
276 276
277 myServices.monitoring.enable = true;
277 myServices.certificates.enable = true; 278 myServices.certificates.enable = true;
278 users.mutableUsers = true; 279 users.mutableUsers = true;
279 system.stateVersion = "21.03"; 280 system.stateVersion = "21.03";