add influx listener to telegraf

2025-04-27 18:35:23 +02:00 · 2025-04-27 18:35:23 +02:00 · fa4fafa7a9
commit fa4fafa7a9
parent 72fffad326
3 changed files with 89 additions and 64 deletions
--- a/nixos/celestia/configuration.nix
+++ b/nixos/celestia/configuration.nix
@ -2,6 +2,7 @@
  config,
  lib,
  pkgs,
+  mypkgs,
  ...
 }: let
  makeVirtualHost = {
@ -78,7 +79,7 @@ in {

    firewall = {
      enable = true;
-      allowedTCPPorts = [22 111 443 2049 4000 4001 4002 20048];
+      allowedTCPPorts = [22 111 443 2049 4000 4001 4002 9999 20048];
      allowedUDPPorts = [53 111 2049 4000 4001 4002 20048];
    };
  };
@ -97,6 +98,7 @@ in {
    rtl_433
    dump1090
    rtl-sdr
+    mypkgs.nixvim
  ];

  users.users."root".openssh.authorizedKeys.keys = [
@ -258,13 +260,16 @@ in {
      environmentFiles = [config.sops.secrets."telegraf_api_token".path];
      extraConfig = {
        inputs = {
+          influxdb_v2_listener = {
+            service_address = "127.0.0.1:9998";
+          };
+
          prometheus = {
            urls = [
              "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.zfs.port}"
              "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.smartctl.port}"
              "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.systemd.port}"
              "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.node.port}"
-              "http://127.0.0.1:8123"
            ];
          };
        };
@ -274,7 +279,7 @@ in {
            token = "\${TELEGRAF_API_TOKEN}";
            organization = "fuckwit.dev";
            bucket = "world";
-            timeout = "10s";
+            timeout = "60s";
          };
        };
      };
@ -283,56 +288,74 @@ in {
    nginx = {
      enable = true;
      clientMaxBodySize = "500m";
-      virtualHosts = makeVirtualHosts [
+      virtualHosts =
+        # Tasmota devices check /health of the influxdb2 server.
+        # Telegraf does not provide this endpoint so we fake it via nginx
+        # https://github.com/influxdata/telegraf/issues/16321
        {
-          subdomain = "jdownloader";
-          port = 5800;
+          "influxdb-proxy.fuckwit.dev" = {
+            listen = [
+              {
+                port = 9999;
+                addr = "0.0.0.0";
+              }
+            ];
+            locations = {
+              "/health".return = "200 ''";
+              "/".proxyPass = "http://127.0.0.1:9998";
+            };
+          };
        }
-        {
-          subdomain = "jellyfin";
-          port = 8096;
-        }
-        {
-          subdomain = "sonarr";
-          port = 8989;
-        }
-        {
-          subdomain = "radarr";
-          port = 7878;
-        }
-        {
-          subdomain = "lidarr";
-          port = 8686;
-        }
-        {
-          subdomain = "prowlarr";
-          port = 9696;
-        }
-        {
-          subdomain = "paperless";
-          port = 28981;
-        }
-        {
-          subdomain = "homepage";
-          port = 8082;
-        }
-        {
-          subdomain = "photoprism";
-          port = 2342;
-        }
-        {
-          subdomain = "immich";
-          port = 2283;
-        }
-        {
-          subdomain = "qbittorrent";
-          port = 8080;
-        }
-        {
-          subdomain = "shimmie";
-          port = 8000;
-        }
-      ];
+        // makeVirtualHosts [
+          {
+            subdomain = "jdownloader";
+            port = 5800;
+          }
+          {
+            subdomain = "jellyfin";
+            port = 8096;
+          }
+          {
+            subdomain = "sonarr";
+            port = 8989;
+          }
+          {
+            subdomain = "radarr";
+            port = 7878;
+          }
+          {
+            subdomain = "lidarr";
+            port = 8686;
+          }
+          {
+            subdomain = "prowlarr";
+            port = 9696;
+          }
+          {
+            subdomain = "paperless";
+            port = 28981;
+          }
+          {
+            subdomain = "homepage";
+            port = 8082;
+          }
+          {
+            subdomain = "photoprism";
+            port = 2342;
+          }
+          {
+            subdomain = "immich";
+            port = 2283;
+          }
+          {
+            subdomain = "qbittorrent";
+            port = 8080;
+          }
+          {
+            subdomain = "shimmie";
+            port = 8000;
+          }
+        ];
    };

    paperless = {
@ -582,17 +605,17 @@ in {
          ];
        };

-        qbittorrent-exporter = {
-          image = "docker.io/esanchezm/prometheus-qbittorrent-exporter";
-          autoStart = true;
-          networks = ["container:gluetun"];
-          dependsOn = ["qbittorrent"];
-          environment = {
-            QBITTORRENT_PORT = "8080";
-            QBITTORRENT_HOST = "127.0.0.1";
-            EXPORTER_PORT = "8123";
-          };
-        };
+        # qbittorrent-exporter = {
+        #   image = "docker.io/esanchezm/prometheus-qbittorrent-exporter";
+        #   autoStart = true;
+        #   networks = ["container:gluetun"];
+        #   dependsOn = ["qbittorrent"];
+        #   environment = {
+        #     QBITTORRENT_PORT = "8080";
+        #     QBITTORRENT_HOST = "127.0.0.1";
+        #     EXPORTER_PORT = "8123";
+        #   };
+        # };
      };
    };
  };
--- a/nixos/configurations.nix
+++ b/nixos/configurations.nix
@ -4,6 +4,7 @@
  sops-nix,
  lanzaboote,
  simple-nixos-mailserver,
+  nixvim,
  inputs,
  ...
 }: let
@ -50,7 +51,7 @@
  }:
    np.lib.nixosSystem {
      inherit system;
-      specialArgs = {mypkgs = customPkgs."${system}";};
+      specialArgs = {mypkgs = customPkgs."${system}" // { nixvim = nixvim.packages.${system}.default;};};
      modules =
        defaultModules
        ++ [
--- a/nixos/primordial/mail.nix
+++ b/nixos/primordial/mail.nix
@ -16,6 +16,7 @@
      };
    };

-    certificateScheme = "acme-nginx";
+    certificateScheme = "acme";
+    acmeCertificateName = "fuckwit.dev";
  };
 }