diff --git a/services/self_host/htop.nix b/services/self_host/htop.nix index 311370f..e6b71f4 100644 --- a/services/self_host/htop.nix +++ b/services/self_host/htop.nix @@ -4,15 +4,17 @@ let cfg = config.service.selfhost.monitor; in { - services = { - glances.enable = true; + config = lib.mkIf cfg { + services = { + glances.enable = true; - nginx.virtualHosts."htop.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:61208"; - proxyWebsockets = true; + nginx.virtualHosts."htop.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:61208"; + proxyWebsockets = true; + }; }; }; }; diff --git a/services/self_host/monitor.nix b/services/self_host/monitor.nix index bf034b6..65ed0f3 100644 --- a/services/self_host/monitor.nix +++ b/services/self_host/monitor.nix @@ -5,39 +5,40 @@ let monitored = [ "nginx" "grafana" ]; email = "raphael@enium.eu"; in - { - services.grafana = { - enable = true; - package = pkgs.grafana; - dataDir = "/var/lib/grafana"; - }; - - environment.etc."process-exporter.json".text = builtins.toJSON { - procMatchers = lib.map (svc: { - name = svc; - cmdline = [ - "${svc}:" - ]; - }) monitored; - }; - - systemd.services.process_exporter = { - description = "Prometheus Process Exporter"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json"; - Restart = "always"; +{ + config = lib.mkIf cfg { + services.grafana = { + enable = true; + package = pkgs.grafana; + dataDir = "/var/lib/grafana"; }; - }; - - services.prometheus = { - enable = true; - checkConfig = false; - exporters = { - blackbox = { - enable = true; - configFile = pkgs.writeText "blackbox-exporter.yml" '' + + environment.etc."process-exporter.json".text = builtins.toJSON { + procMatchers = lib.map (svc: { + name = svc; + cmdline = [ + "${svc}:" + ]; + }) monitored; + }; + + systemd.services.process_exporter = { + description = "Prometheus Process Exporter"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json"; + Restart = "always"; + }; + }; + + services.prometheus = { + enable = true; + checkConfig = false; + exporters = { + blackbox = { + enable = true; + configFile = pkgs.writeText "blackbox-exporter.yml" '' modules: http_2xx: prober: http @@ -49,74 +50,74 @@ in no_follow_redirects: false fail_if_not_ssl: false ''; - }; - node.enable = true; - systemd.enable = true; - }; - scrapeConfigs = [ - { - job_name = "systemd_exporter"; - metrics_path = "/metrics"; - static_configs = [{ - targets = [ - "127.0.0.1:9558" - ]; - }]; - } - { - job_name = "node_exporter"; - static_configs = [{ - targets = [ - "127.0.0.1:9100" - ]; - }]; - } - { - job_name = "process_exporter"; - metrics_path = "/metrics"; - scheme = "http"; - static_configs = [{ - targets = [ - "127.0.0.1:9256" - ]; - }]; - } - { - job_name = "blackbox_http_probe"; - metrics_path = "/probe"; - params = { - module = [ - "http_2xx" - ]; }; - static_configs = [{ - targets = [ - "https://raphael.parodi.pro" - "https://nextcloud.enium.eu" - "https://htop.enium.eu" - "https://monitor.enium.eu" - "https://ollama.enium.eu" - "http://relance-pas-stp.me:4242" + node.enable = true; + systemd.enable = true; + }; + scrapeConfigs = [ + { + job_name = "systemd_exporter"; + metrics_path = "/metrics"; + static_configs = [{ + targets = [ + "127.0.0.1:9558" + ]; + }]; + } + { + job_name = "node_exporter"; + static_configs = [{ + targets = [ + "127.0.0.1:9100" + ]; + }]; + } + { + job_name = "process_exporter"; + metrics_path = "/metrics"; + scheme = "http"; + static_configs = [{ + targets = [ + "127.0.0.1:9256" + ]; + }]; + } + { + job_name = "blackbox_http_probe"; + metrics_path = "/probe"; + params = { + module = [ + "http_2xx" + ]; + }; + static_configs = [{ + targets = [ + "https://raphael.parodi.pro" + "https://nextcloud.enium.eu" + "https://htop.enium.eu" + "https://monitor.enium.eu" + "https://ollama.enium.eu" + "http://relance-pas-stp.me:4242" + ]; + }]; + relabel_configs = [ + { source_labels = [ "__address__" ]; + target_label = "__param_target"; + } + { source_labels = [ "__param_target" ]; + target_label = "instance"; + } + { target_label = "__address__"; + replacement = "127.0.0.1:9115"; + } ]; - }]; - relabel_configs = [ - { source_labels = [ "__address__" ]; - target_label = "__param_target"; - } - { source_labels = [ "__param_target" ]; - target_label = "instance"; - } - { target_label = "__address__"; - replacement = "127.0.0.1:9115"; - } - ]; - proxy_url = "http://127.0.0.1:9115"; - } - ]; - ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ]; - }; - - environment.etc."prometheus/services.rules".text = '' + proxy_url = "http://127.0.0.1:9115"; + } + ]; + ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ]; + }; + + environment.etc."prometheus/services.rules".text = '' groups: - name: services rules: @@ -157,12 +158,13 @@ groups: description: "Le processus grafana tourne de nouveau." ''; - services.nginx.virtualHosts."monitor.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3000"; - proxyWebsockets = true; + services.nginx.virtualHosts."monitor.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3000"; + proxyWebsockets = true; + }; }; }; - } +} diff --git a/services/self_host/nextcloud.nix b/services/self_host/nextcloud.nix index e875951..b6218bc 100644 --- a/services/self_host/nextcloud.nix +++ b/services/self_host/nextcloud.nix @@ -5,32 +5,34 @@ let dataDir = "/mnt/data/nextcloud"; in { - environment.systemPackages = with pkgs; [ - php - ]; - services = { - nextcloud = { - enable = true; - https = true; - package = pkgs.nextcloud31; - hostName = "nextcloud.enium.eu"; - datadir = "/mnt/data/nextcloud/"; - config = { - adminpassFile = "/etc/nextcloud-pass.txt"; - adminuser = "OwnedByTheEniumTeam"; - dbtype = "sqlite"; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + php + ]; + services = { + nextcloud = { + enable = true; + https = true; + package = pkgs.nextcloud31; + hostName = "nextcloud.enium.eu"; + datadir = "/mnt/data/nextcloud/"; + config = { + adminpassFile = "/etc/nextcloud-pass.txt"; + adminuser = "OwnedByTheEniumTeam"; + dbtype = "sqlite"; + }; + settings = { + trusted_domains = [ + "192.168.1.254" + ]; + default_phone_region = "FR"; + }; }; - settings = { - trusted_domains = [ - "192.168.1.254" - ]; - default_phone_region = "FR"; - }; - }; - nginx.virtualHosts."nextcloud.enium.eu".enableACME = true; - nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true; - nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = '' + nginx.virtualHosts."nextcloud.enium.eu".enableACME = true; + nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true; + nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = '' fastcgi_pass unix:/run/phpfpm-nextcloud.sock; - ''; + ''; + }; }; } diff --git a/services/self_host/ollama.nix b/services/self_host/ollama.nix index 2331670..dc6ca5d 100644 --- a/services/self_host/ollama.nix +++ b/services/self_host/ollama.nix @@ -4,25 +4,27 @@ let cfg = config.service.selfhost.ollama; in { - services = { - ollama = { - enable = true; - loadModels = [ - "qwen2.5:3b" - ]; - acceleration = "cuda"; - }; + config = lib.mkIf cfg { + services = { + ollama = { + enable = true; + loadModels = [ + "qwen2.5:3b" + ]; + acceleration = "cuda"; + }; - open-webui = { - enable = true; - port = 13007; - }; - nginx.virtualHosts."ollama.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:13007"; - proxyWebsockets = true; + open-webui = { + enable = true; + port = 13007; + }; + nginx.virtualHosts."ollama.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:13007"; + proxyWebsockets = true; + }; }; }; };