genebean/dots
1
0
Fork 0
mirror of https://github.com/genebean/dots.git synced 2026-05-31 23:55:20 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #657 from genebean/ports-module-remaining-hosts

Browse source 
Extend dots.ports module to remaining NixOS hosts
This commit is contained in:
Gene Liverman 2026-05-31 21:35:39 -04:00 committed by GitHub
commit d3ed387567
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 26 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

1
modules/hosts/nixos/bigboy/default.nix
View file

@ -17,6 +17,7 @@ in
# Include the results of the hardware scan.
./hardware-configuration.nix
../../../shared/linux/flatpaks.nix
../../../shared/nixos/ports.nix
../../../shared/nixos/ripping.nix
];

24
modules/hosts/nixos/hetznix02/default.nix
View file

@ -1,5 +1,7 @@
{
config,
inputs,
lib,
pkgs,
username,
...
@ -7,6 +9,7 @@
{
imports = [
../../../shared/nixos/nixroutes.nix
../../../shared/nixos/ports.nix
./disk-config.nix
./hardware-configuration.nix
./post-install
@ -33,15 +36,18 @@
];
networking = {
# Open ports in the firewall.
firewall.allowedTCPPorts = [
22 # ssh
80 # Nginx
443 # Nginx
];
# firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# firewall.enable = false;
firewall = {
allowedTCPPorts = lib.pipe config.dots.ports [
builtins.attrValues
(builtins.filter (e: e.openFirewall && e.protocol == "tcp"))
(map (e: e.port))
];
allowedUDPPorts = lib.pipe config.dots.ports [
builtins.attrValues
(builtins.filter (e: e.openFirewall && e.protocol == "udp"))
(map (e: e.port))
];
};
hostId = "89bbb3e6"; # head -c4 /dev/urandom | od -A none -t x4

8
modules/hosts/nixos/hetznix02/post-install/monitoring.nix
View file

@ -16,7 +16,7 @@ in
{
job_name = "node";
static_configs = [
{ targets = [ "127.0.0.1:9100" ]; }
{ targets = [ "127.0.0.1:${toString config.dots.ports.node-exporter.port}" ]; }
];
metric_relabel_configs = [
{
@ -37,7 +37,7 @@ in
{
job_name = "nginx";
static_configs = [
{ targets = [ "127.0.0.1:9113" ]; }
{ targets = [ "127.0.0.1:${toString config.dots.ports.nginx-exporter.port}" ]; }
];
metric_relabel_configs = [
{
@ -84,7 +84,7 @@ in
prometheus.exporters.node = {
enable = true;
listenAddress = "127.0.0.1";
port = 9100;
inherit (config.dots.ports.node-exporter) port;
enabledCollectors = [
"systemd"
];
@ -98,7 +98,7 @@ in
prometheus.exporters.nginx = {
enable = true;
listenAddress = "127.0.0.1";
port = 9113;
inherit (config.dots.ports.nginx-exporter) port;
scrapeUri = "https://127.0.0.1/server_status";
sslVerify = false;
};

1
modules/hosts/nixos/kiosk-entryway/default.nix
View file

@ -7,6 +7,7 @@
}:
{
imports = [
../../../shared/nixos/ports.nix
./disk-config.nix
./hardware-configuration.nix
./monitoring.nix

4
modules/hosts/nixos/kiosk-entryway/monitoring.nix
View file

@ -16,7 +16,7 @@ in
{
job_name = "node";
static_configs = [
{ targets = [ "127.0.0.1:9100" ]; }
{ targets = [ "127.0.0.1:${toString config.dots.ports.node-exporter.port}" ]; }
];
metric_relabel_configs = [
{
@ -63,7 +63,7 @@ in
prometheus.exporters.node = {
enable = true;
listenAddress = "127.0.0.1";
port = 9100;
inherit (config.dots.ports.node-exporter) port;
extraFlags = [
"--collector.filesystem.mount-points-exclude=^/(sys|proc|dev|run|tmp|var/lib/docker/.+)($|/)"
"--collector.diskstats.device-exclude=^(loop|ram|fd|sr|dm-|nvme[0-9]n[0-9]p[0-9]+_crypt)$"

2
modules/hosts/nixos/kiosk-gene-desk/default.nix
View file

@ -10,6 +10,7 @@
imports = [
# SD card image
"${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
../../../shared/nixos/ports.nix
./read-only-root.nix
];
@ -92,6 +93,7 @@
};
prometheus.exporters.node = {
enable = true;
inherit (config.dots.ports.node-exporter) port;
enabledCollectors = [
"logind"
"systemd"

1
modules/hosts/nixos/rainbow-planet/default.nix
View file

@ -9,6 +9,7 @@
imports = [
./hardware-configuration.nix
../../../shared/linux/flatpaks.nix
../../../shared/nixos/ports.nix
../../../shared/nixos/ripping.nix
];