diff --git a/README.md b/README.md index 83684fb..979286d 100644 --- a/README.md +++ b/README.md @@ -7,8 +7,8 @@ services: - stalwart (mail.extremist.software) - searxng (search.extremist.software) - synapse (matrix.extremist.software) -- grafana/prometheus (status.extremist.software) -- uptime-kuma (uptime.extremist.software) +- grafana/prometheus/blackbox exporter (status.extremist.software) +- uptime redirect to status.extremist.software (uptime.extremist.software) - ntfy (ntfy.extremist.software) - mymx (mymx.extremist.software) - caddy (reverse proxy + rate limiting) diff --git a/configuration.nix b/configuration.nix index 9a74c91..b957a5e 100644 --- a/configuration.nix +++ b/configuration.nix @@ -15,7 +15,7 @@ ./modules/matrix.nix ./modules/monitoring.nix ./modules/ntfy.nix - ./modules/uptime-kuma.nix + ./modules/blackbox-exporter.nix ./modules/noisebell.nix ./modules/noisepics.nix ]; diff --git a/modules/blackbox-exporter.nix b/modules/blackbox-exporter.nix new file mode 100644 index 0000000..e1b8017 --- /dev/null +++ b/modules/blackbox-exporter.nix @@ -0,0 +1,228 @@ +{ + config, + lib, + pkgs, + ... +}: + +let + blackboxConfig = pkgs.writeText "blackbox.yml" '' + modules: + http_2xx: + prober: http + timeout: 5s + http: + preferred_ip_protocol: ip4 + tcp_connect: + prober: tcp + timeout: 5s + tcp: + preferred_ip_protocol: ip4 + icmp: + prober: icmp + timeout: 5s + icmp: + preferred_ip_protocol: ip4 + ''; + + blackboxAddress = "127.0.0.1:${toString config.services.prometheus.exporters.blackbox.port}"; + + mkBlackboxJob = name: module: interval: monitors: { + job_name = name; + scrape_interval = interval; + metrics_path = "/probe"; + params.module = [ module ]; + static_configs = map ( + { name, target }: + { + targets = [ target ]; + labels.monitor = name; + } + ) monitors; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + } + { + source_labels = [ "__param_target" ]; + target_label = "instance"; + } + { + target_label = "__address__"; + replacement = blackboxAddress; + } + ]; + }; + + http60Monitors = [ + { + name = "Website (Apex)"; + target = "https://extremist.software"; + } + { + name = "Extremist Software Forgejo"; + target = "https://git.extremist.software"; + } + { + name = "Stalwart Admin"; + target = "https://mail.extremist.software"; + } + { + name = "SearxNG"; + target = "https://search.extremist.software"; + } + { + name = "Grafana"; + target = "https://status.extremist.software"; + } + { + name = "ntfy"; + target = "https://ntfy.extremist.software"; + } + { + name = "Matrix"; + target = "https://matrix.extremist.software"; + } + { + name = "Noisebell"; + target = "https://noisebell.extremist.software"; + } + { + name = "Noisebell Discord"; + target = "https://discord.noisebell.extremist.software"; + } + { + name = "Noisebell RSS"; + target = "https://rss.noisebell.extremist.software"; + } + { + name = "Noisepics"; + target = "https://noisepics.extremist.software"; + } + { + name = "Noisebridge Mailing List"; + target = "https://lists.noisebridge.net"; + } + { + name = "Noisebridge Safespace"; + target = "https://safespace.noisebridge.net"; + } + { + name = "Noisebridge Library"; + target = "https://library.noisebridge.net"; + } + { + name = "Noisebridge Electronic Parts"; + target = "https://parts.noisebridge.net"; + } + { + name = "Noisebridge Auth"; + target = "https://auth.noisebridge.net"; + } + { + name = "Noisebridge Grafana"; + target = "https://grafana.noisebridge.net"; + } + { + name = "Noisebridge Prometheus"; + target = "https://prometheus.noisebridge.net"; + } + { + name = "jetpham.com"; + target = "https://jetpham.com"; + } + { + name = "m3.noisebridge.net"; + target = "https://m3.noisebridge.net"; + } + { + name = "m5.noisebridge.net"; + target = "https://m5.noisebridge.net"; + } + { + name = "m6.noisebridge.net"; + target = "https://m6.noisebridge.net"; + } + { + name = "m7.noisebridge.net"; + target = "https://m7.noisebridge.net"; + } + { + name = "Gitcafe"; + target = "https://app.gitcafe.dev"; + } + { + name = "Github"; + target = "https://github.com/"; + } + { + name = "Gitlab"; + target = "https://gitlab.com"; + } + { + name = "git.paperclover.net"; + target = "https://git.paperclover.net/clo"; + } + ]; + + http600Monitors = [ + { + name = "Noisebridge Wiki"; + target = "https://www.noisebridge.net/"; + } + { + name = "noisebridge.org"; + target = "https://www.noisebridge.org"; + } + { + name = "noisebridge.io"; + target = "https://noisebridge.io"; + } + ]; + + tcp60Monitors = [ + { + name = "SMTP (Standard)"; + target = "extremist.software:25"; + } + { + name = "SMTPS (Secure)"; + target = "extremist.software:465"; + } + { + name = "Submission"; + target = "mail.extremist.software:587"; + } + { + name = "IMAPS (Secure)"; + target = "extremist.software:993"; + } + { + name = "Noisebridge Mailing list SMTP"; + target = "lists.noisebridge.net:25"; + } + ]; + + icmp60Monitors = [ + { + name = "extremist.software ping"; + target = "extremist.software"; + } + ]; +in +{ + services.prometheus.exporters.blackbox = { + enable = true; + listenAddress = "127.0.0.1"; + port = 9115; + configFile = blackboxConfig; + }; + + services.prometheus.scrapeConfigs = lib.mkAfter [ + (mkBlackboxJob "blackbox-http-60s" "http_2xx" "60s" http60Monitors) + (mkBlackboxJob "blackbox-http-600s" "http_2xx" "600s" http600Monitors) + (mkBlackboxJob "blackbox-tcp-60s" "tcp_connect" "60s" tcp60Monitors) + (mkBlackboxJob "blackbox-icmp-60s" "icmp" "60s" icmp60Monitors) + ]; +} diff --git a/modules/caddy.nix b/modules/caddy.nix index 7af168e..afb852d 100644 --- a/modules/caddy.nix +++ b/modules/caddy.nix @@ -112,7 +112,7 @@ window 1m } } - reverse_proxy localhost:4001 + redir https://status.extremist.software{uri} ''; }; diff --git a/modules/uptime-kuma.nix b/modules/uptime-kuma.nix deleted file mode 100644 index 8ae0d6f..0000000 --- a/modules/uptime-kuma.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ config, pkgs, ... }: - -{ - services.uptime-kuma = { - enable = true; - settings = { - PORT = "4001"; - HOST = "127.0.0.1"; - }; - }; -}