diff --git a/flake.lock b/flake.lock index f908edd..c388be8 100644 --- a/flake.lock +++ b/flake.lock @@ -503,22 +503,6 @@ "type": "github" } }, - "nixpkgs_3": { - "locked": { - "lastModified": 1764560356, - "narHash": "sha256-M5aFEFPppI4UhdOxwdmceJ9bDJC4T6C6CzCK1E2FZyo=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "6c8f0cca84510cc79e09ea99a299c9bc17d03cb6", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, "nur": { "inputs": { "flake-parts": [ @@ -634,14 +618,19 @@ "nix-filter": [ "nix-filter" ], - "nixpkgs": "nixpkgs_2" + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": [ + "treefmt-nix" + ] }, "locked": { - "lastModified": 1757763404, - "narHash": "sha256-a1h+58wDOtbQXrHoZwLwB7PhXwFhBXRHhNRhAQGq/oY=", + "lastModified": 1764875421, + "narHash": "sha256-ZO9wiokPhropwsU3BfIgjm1bc59SIyqrfjfnFCM2Q68=", "ref": "refs/heads/main", - "rev": "07a5fbca27ec941c841ad93f2ac65bc529225a51", - "revCount": 46, + "rev": "fa892558f123c5d5395663fa666466c73b997245", + "revCount": 48, "type": "git", "url": "https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git" }, @@ -658,7 +647,7 @@ "nix-filter": [ "nix-filter" ], - "nixpkgs": "nixpkgs_3" + "nixpkgs": "nixpkgs_2" }, "locked": { "lastModified": 1757763091, diff --git a/flake.nix b/flake.nix index e997171..cdc2bf4 100644 --- a/flake.nix +++ b/flake.nix @@ -41,10 +41,10 @@ servicepoint-cli = { url = "git+https://git.berlin.ccc.de/servicepoint/servicepoint-cli.git"; inputs = { - # TODO: update flake to 25.11 - # nixpkgs.follows = "nixpkgs"; + nixpkgs.follows = "nixpkgs"; naersk.follows = "naersk"; nix-filter.follows = "nix-filter"; + treefmt-nix.follows = "treefmt-nix"; }; }; servicepoint-simulator = { @@ -277,6 +277,7 @@ self.nixosModules.globalinstalls self.nixosModules.lix-is-nix self.nixosModules.openssh + self.nixosModules.prometheus-node self.nixosModules.systemd-boot self.nixosModules.tailscale zerforschen-plus.nixosModules.default diff --git a/nixosConfigurations/forgejo-runner-1/forgejo-runner.nix b/nixosConfigurations/forgejo-runner-1/forgejo-runner.nix index 4edc17e..df9fb2b 100644 --- a/nixosConfigurations/forgejo-runner-1/forgejo-runner.nix +++ b/nixosConfigurations/forgejo-runner-1/forgejo-runner.nix @@ -8,7 +8,7 @@ # https://wiki.nixos.org/wiki/Forgejo services.gitea-actions-runner = { - package = pkgs.forgejo-actions-runner; + package = pkgs.forgejo-runner; instances.default = { enable = true; name = "cccb"; diff --git a/nixosConfigurations/hetzner-vpn2/nginx.nix b/nixosConfigurations/hetzner-vpn2/nginx.nix index 126e690..8f1bead 100644 --- a/nixosConfigurations/hetzner-vpn2/nginx.nix +++ b/nixosConfigurations/hetzner-vpn2/nginx.nix @@ -2,6 +2,7 @@ let blog-domain-socket = "/run/nginx/blog.sock"; anubis-domain-socket = "/run/anubis/anubis-blog/anubis.sock"; + anubis-metrics-socket = "/run/anubis/anubis-blog/anubis-metrics.sock"; in { security.acme = { @@ -26,8 +27,9 @@ in "zerforschen.plus" = { addSSL = true; enableACME = true; - locations."/" = { - proxyPass = "http://unix:" + anubis-domain-socket; + locations = { + "/".proxyPass = "http://unix:" + anubis-domain-socket; + "/_metrics".proxyPass = "http://unix:" + anubis-metrics-socket; }; }; @@ -47,6 +49,7 @@ in settings = { BIND = anubis-domain-socket; TARGET = "unix://" + blog-domain-socket; + METRICS_BIND = anubis-metrics-socket; }; }; }; diff --git a/nixosModules/prometheus-node.nix b/nixosModules/prometheus-node.nix new file mode 100644 index 0000000..576db81 --- /dev/null +++ b/nixosModules/prometheus-node.nix @@ -0,0 +1,20 @@ +{ + services.prometheus.exporters = { + node = { + enable = true; + openFirewall = true; + port = 9190; + enabledCollectors = [ + # keep-sorted start + "cgroups" + "interrupts" + "softirqs" + "swap" + "systemd" + "tcpstat" + "wifi" + # keep-sorted end + ]; + }; + }; +}