ptr.pet / ark
nix machine / user configurations
fork atom

feat(wolumonde): collect metrics from netbird [skip ci]

ptr.pet 13a05010 188fdf7b

verified
options
unified split
Changed files
+17 -2
hosts
wolumonde
modules
netbird.nix
+17 -2
hosts/wolumonde/modules/netbird.nix 
···

       
1

       
 

       
{ config, ... }:


     

       
2

       
 

       
let


     

       

       

       
     

       
3

       
 

       
  oidcUrl = config.services.pocket-id.settings.APP_URL;


     

       
4

       
 

       
  oidcClientId = "41f4ea08-a20f-43dc-aa75-c76efa49bbb8";


     

       
5

       
 

       
in


     
···

       
24

       
 

       
      AUTH_CLIENT_ID = oidcClientId;


     

       
25

       
 

       
      AUTH_AUDIENCE = oidcClientId;


     

       
26

       
 

       
    };


     

       

       

       
     

       
27

       
 

       
    management = {


     

       
28

       
 

       
      metricsPort = 9409;


     

       
29

       
 

       
      oidcConfigEndpoint = "${oidcUrl}/.well-known/openid-configuration";


     

       
30

       
-

       
      turnDomain = config.services.netbird.server.domain;


     

       
31

       
 

       
      settings = {


     

       
32

       
 

       
        TURNConfig.Secret._secret = config.age.secrets.netbirdTurnSecret.path;


     

       
33

       
 

       
        DataStoreEncryptionKey._secret = config.age.secrets.netbirdDataStoreEncKey.path;


     
···

       
51

       
 

       
    };


     

       
52

       
 

       
  };


     

       
53

       
 

       



     

       
54

       
-

       
  services.nginx.virtualHosts.${config.services.netbird.server.domain} = {


     

       
55

       
 

       
    useACMEHost = "gaze.systems";


     

       
56

       
 

       
    forceSSL = true;


     

       
57

       
 

       
    quic = true;


     

       
58

       
 

       
    kTLS = true;


     

       
59

       
 

       
  };


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
60

       
 

       
}


     
···

       
1

       
 

       
{ config, ... }:


     

       
2

       
 

       
let


     

       
3

       
+

       
  cfg = config.services.netbird.server;


     

       
4

       
 

       
  oidcUrl = config.services.pocket-id.settings.APP_URL;


     

       
5

       
 

       
  oidcClientId = "41f4ea08-a20f-43dc-aa75-c76efa49bbb8";


     

       
6

       
 

       
in


     
···

       
25

       
 

       
      AUTH_CLIENT_ID = oidcClientId;


     

       
26

       
 

       
      AUTH_AUDIENCE = oidcClientId;


     

       
27

       
 

       
    };


     

       
28

       
+

       
    signal.metricsPort = 9091;


     

       
29

       
 

       
    management = {


     

       
30

       
 

       
      metricsPort = 9409;


     

       
31

       
 

       
      oidcConfigEndpoint = "${oidcUrl}/.well-known/openid-configuration";


     

       
32

       
+

       
      turnDomain = cfg.domain;


     

       
33

       
 

       
      settings = {


     

       
34

       
 

       
        TURNConfig.Secret._secret = config.age.secrets.netbirdTurnSecret.path;


     

       
35

       
 

       
        DataStoreEncryptionKey._secret = config.age.secrets.netbirdDataStoreEncKey.path;


     
···

       
53

       
 

       
    };


     

       
54

       
 

       
  };


     

       
55

       
 

       



     

       
56

       
+

       
  services.nginx.virtualHosts.${cfg.domain} = {


     

       
57

       
 

       
    useACMEHost = "gaze.systems";


     

       
58

       
 

       
    forceSSL = true;


     

       
59

       
 

       
    quic = true;


     

       
60

       
 

       
    kTLS = true;


     

       
61

       
 

       
  };


     

       
62

       
+

       



     

       
63

       
+

       
  services.victoriametrics.prometheusConfig.scrape_configs = [


     

       
64

       
+

       
    {


     

       
65

       
+

       
      job_name = "netbird_management";


     

       
66

       
+

       
      metrics_path = "/metrics";


     

       
67

       
+

       
      static_configs = [ { targets = [ "localhost:${toString cfg.management.metricsPort}" ]; } ];


     

       
68

       
+

       
    }


     

       
69

       
+

       
    {


     

       
70

       
+

       
      job_name = "netbird_signal";


     

       
71

       
+

       
      metrics_path = "/metrics";


     

       
72

       
+

       
      static_configs = [ { targets = [ "localhost${toString cfg.signal.metricsPort}" ]; } ];


     

       
73

       
+

       
    }


     

       
74

       
+

       
  ];


     

       
75

       
 

       
}