raphael/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(selfhost): now really use the boolean of the function

Browse source
This commit is contained in:
Raphael 2025-07-04 03:04:32 +02:00
parent c212d0c671
commit 62d63e139b
4 changed files with 164 additions and 156 deletions
Download patch file Download diff file Expand all files Collapse all files

18
services/self_host/htop.nix
View file

@ -4,15 +4,17 @@ let
cfg = config.service.selfhost.monitor; cfg = config.service.selfhost.monitor;
in in
{ {
services = { config = lib.mkIf cfg {
glances.enable = true; services = {
glances.enable = true;
nginx.virtualHosts."htop.enium.eu" = { nginx.virtualHosts."htop.enium.eu" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:61208"; proxyPass = "http://127.0.0.1:61208";
proxyWebsockets = true; proxyWebsockets = true;
};
}; };
}; };
}; };

212
services/self_host/monitor.nix
View file

@ -5,39 +5,40 @@ let
monitored = [ "nginx" "grafana" ]; monitored = [ "nginx" "grafana" ];
email = "raphael@enium.eu"; email = "raphael@enium.eu";
in in
{ {
services.grafana = { config = lib.mkIf cfg {
enable = true; services.grafana = {
package = pkgs.grafana; enable = true;
dataDir = "/var/lib/grafana"; package = pkgs.grafana;
}; dataDir = "/var/lib/grafana";
environment.etc."process-exporter.json".text = builtins.toJSON {
procMatchers = lib.map (svc: {
name = svc;
cmdline = [
"${svc}:"
];
}) monitored;
};
systemd.services.process_exporter = {
description = "Prometheus Process Exporter";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json";
Restart = "always";
}; };
};
environment.etc."process-exporter.json".text = builtins.toJSON {
services.prometheus = { procMatchers = lib.map (svc: {
enable = true; name = svc;
checkConfig = false; cmdline = [
exporters = { "${svc}:"
blackbox = { ];
enable = true; }) monitored;
configFile = pkgs.writeText "blackbox-exporter.yml" '' };
systemd.services.process_exporter = {
description = "Prometheus Process Exporter";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json";
Restart = "always";
};
};
services.prometheus = {
enable = true;
checkConfig = false;
exporters = {
blackbox = {
enable = true;
configFile = pkgs.writeText "blackbox-exporter.yml" ''
modules: modules:
http_2xx: http_2xx:
prober: http prober: http
@ -49,74 +50,74 @@ in
no_follow_redirects: false no_follow_redirects: false
fail_if_not_ssl: false fail_if_not_ssl: false
''; '';
};
node.enable = true;
systemd.enable = true;
};
scrapeConfigs = [
{
job_name = "systemd_exporter";
metrics_path = "/metrics";
static_configs = [{
targets = [
"127.0.0.1:9558"
];
}];
}
{
job_name = "node_exporter";
static_configs = [{
targets = [
"127.0.0.1:9100"
];
}];
}
{
job_name = "process_exporter";
metrics_path = "/metrics";
scheme = "http";
static_configs = [{
targets = [
"127.0.0.1:9256"
];
}];
}
{
job_name = "blackbox_http_probe";
metrics_path = "/probe";
params = {
module = [
"http_2xx"
];
}; };
static_configs = [{ node.enable = true;
targets = [ systemd.enable = true;
"https://raphael.parodi.pro" };
"https://nextcloud.enium.eu" scrapeConfigs = [
"https://htop.enium.eu" {
"https://monitor.enium.eu" job_name = "systemd_exporter";
"https://ollama.enium.eu" metrics_path = "/metrics";
"http://relance-pas-stp.me:4242" static_configs = [{
targets = [
"127.0.0.1:9558"
];
}];
}
{
job_name = "node_exporter";
static_configs = [{
targets = [
"127.0.0.1:9100"
];
}];
}
{
job_name = "process_exporter";
metrics_path = "/metrics";
scheme = "http";
static_configs = [{
targets = [
"127.0.0.1:9256"
];
}];
}
{
job_name = "blackbox_http_probe";
metrics_path = "/probe";
params = {
module = [
"http_2xx"
];
};
static_configs = [{
targets = [
"https://raphael.parodi.pro"
"https://nextcloud.enium.eu"
"https://htop.enium.eu"
"https://monitor.enium.eu"
"https://ollama.enium.eu"
"http://relance-pas-stp.me:4242"
];
}];
relabel_configs = [
{ source_labels = [ "__address__" ];
target_label = "__param_target";
}
{ source_labels = [ "__param_target" ];
target_label = "instance";
}
{ target_label = "__address__";
replacement = "127.0.0.1:9115";
}
]; ];
}]; proxy_url = "http://127.0.0.1:9115";
relabel_configs = [ }
{ source_labels = [ "__address__" ]; ];
target_label = "__param_target"; ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ];
} };
{ source_labels = [ "__param_target" ];
target_label = "instance"; environment.etc."prometheus/services.rules".text = ''
}
{ target_label = "__address__";
replacement = "127.0.0.1:9115";
}
];
proxy_url = "http://127.0.0.1:9115";
}
];
ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ];
};
environment.etc."prometheus/services.rules".text = ''
groups: groups:
- name: services - name: services
rules: rules:
@ -157,12 +158,13 @@ groups:
description: "Le processus grafana tourne de nouveau." description: "Le processus grafana tourne de nouveau."
''; '';
services.nginx.virtualHosts."monitor.enium.eu" = { services.nginx.virtualHosts."monitor.enium.eu" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:3000"; proxyPass = "http://127.0.0.1:3000";
proxyWebsockets = true; proxyWebsockets = true;
};
}; };
}; };
} }

52
services/self_host/nextcloud.nix
View file

@ -5,32 +5,34 @@ let
dataDir = "/mnt/data/nextcloud"; dataDir = "/mnt/data/nextcloud";
in in
{ {
environment.systemPackages = with pkgs; [ config = lib.mkIf cfg {
php environment.systemPackages = with pkgs; [
]; php
services = { ];
nextcloud = { services = {
enable = true; nextcloud = {
https = true; enable = true;
package = pkgs.nextcloud31; https = true;
hostName = "nextcloud.enium.eu"; package = pkgs.nextcloud31;
datadir = "/mnt/data/nextcloud/"; hostName = "nextcloud.enium.eu";
config = { datadir = "/mnt/data/nextcloud/";
adminpassFile = "/etc/nextcloud-pass.txt"; config = {
adminuser = "OwnedByTheEniumTeam"; adminpassFile = "/etc/nextcloud-pass.txt";
dbtype = "sqlite"; adminuser = "OwnedByTheEniumTeam";
dbtype = "sqlite";
};
settings = {
trusted_domains = [
"192.168.1.254"
];
default_phone_region = "FR";
};
}; };
settings = { nginx.virtualHosts."nextcloud.enium.eu".enableACME = true;
trusted_domains = [ nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true;
"192.168.1.254" nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = ''
];
default_phone_region = "FR";
};
};
nginx.virtualHosts."nextcloud.enium.eu".enableACME = true;
nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true;
nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = ''
fastcgi_pass unix:/run/phpfpm-nextcloud.sock; fastcgi_pass unix:/run/phpfpm-nextcloud.sock;
''; '';
};
}; };
} }

38
services/self_host/ollama.nix
View file

@ -4,25 +4,27 @@ let
cfg = config.service.selfhost.ollama; cfg = config.service.selfhost.ollama;
in in
{ {
services = { config = lib.mkIf cfg {
ollama = { services = {
enable = true; ollama = {
loadModels = [ enable = true;
"qwen2.5:3b" loadModels = [
]; "qwen2.5:3b"
acceleration = "cuda"; ];
}; acceleration = "cuda";
};
open-webui = { open-webui = {
enable = true; enable = true;
port = 13007; port = 13007;
}; };
nginx.virtualHosts."ollama.enium.eu" = { nginx.virtualHosts."ollama.enium.eu" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:13007"; proxyPass = "http://127.0.0.1:13007";
proxyWebsockets = true; proxyWebsockets = true;
};
}; };
}; };
}; };