torjus/nixos-servers
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
4efc798c38a28628c4e203bff43d10ced47410c7
nixos-servers/system/monitoring/metrics.nix
Torjus Håkestad 4efc798c38
All checks were successful
Run nix flake check / flake-check (push) Successful in 2m6s
Details
nixos-exporter: fix nkey file permissions 
Set owner/group to nixos-exporter so the service can read the
NATS credentials file.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-09 00:18:10 +01:00

58 lines
1.4 KiB
Nix
Raw Blame History

{ pkgs, ... }:
{
services.prometheus.exporters.node = {
enable = true;
enabledCollectors = [
"systemd"
"logind"
"cgroups"
"processes"
];
};
services.prometheus.exporters.systemd = {
enable = true;
# Default port: 9558
extraFlags = [
"--systemd.collector.enable-restart-count"
"--systemd.collector.enable-ip-accounting"
];
};
# Fetch NKey from Vault for NATS authentication
vault.secrets.nixos-exporter-nkey = {
secretPath = "shared/nixos-exporter/nkey";
extractKey = "nkey";
owner = "nixos-exporter";
group = "nixos-exporter";
};
services.prometheus.exporters.nixos = {
enable = true;
# Default port: 9971
flake = {
enable = true;
url = "git+https://git.t-juice.club/torjus/nixos-servers.git";
nats = {
enable = true;
url = "nats://nats1.home.2rjus.net:4222";
credentialsFile = "/run/secrets/nixos-exporter-nkey";
};
};
};
# Ensure exporter starts after Vault secret is available
systemd.services.prometheus-nixos-exporter = {
after = [ "vault-secret-nixos-exporter-nkey.service" ];
requires = [ "vault-secret-nixos-exporter-nkey.service" ];
};
# Register nixos-exporter as a Prometheus scrape target
homelab.monitoring.scrapeTargets = [
{
job_name = "nixos-exporter";
port = 9971;
}
];
}
Reference in New Issue View Git Blame Copy Permalink