simono41/chaos-jetzt-nixfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

services/monitoring: Fix missing firewall rule

Browse source 
I didn't notice this was missing in #5 until after deploying it. Since
the ports on the monitoring-network-interface (ens10) were not open,
scraping would fail and thus generate alerts.
This commit is contained in:
Moritz 'e1mo' Fromm 2023-01-06 16:07:46 +01:00
parent d199834a61
commit 935f51e7d9
No known key found for this signature in database
GPG key ID: 1D5D79A439E787F1
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
services/monitoring/default.nix
View file

@ -132,6 +132,15 @@ in {
]; ];
}; };
networking.firewall.interfaces.ens10.allowedTCPPorts = let
inherit (config.services) prometheus;
ifEnabled = x: lib.optional x.enable x.port;
in (
(ifEnabled prometheus)
++ (ifEnabled prometheus.alertmanager)
++ (ifEnabled prometheus.exporters.node)
);
services.prometheus = { services.prometheus = {
enable = true; enable = true;
webExternalUrl = "https://${fqdn}/prometheus/"; webExternalUrl = "https://${fqdn}/prometheus/";