4 files changed, 79 insertions, 0 deletions
diff --git a/secrets/atlas/grafanaKanidmSecret.age b/secrets/atlas/grafanaKanidmSecret.age
new file mode 100644
index 0000000..586f788
--- /dev/null
+++ b/secrets/atlas/grafanaKanidmSecret.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> X25519 WN8YTDxF+JY8a2W10sd4nFDPEOzQhVFWmMK0TC7BRCw
+2/au+k29lSsMZxMIj2+yGzJRt8PO9KnQ0snh/b8vkno
+-> X25519 RVgT9JDOzVBhsWE+tw1uWyvz3ECyAexSArI4avMyTFs
+iD/aHD+/w1dvyERSgqy8nu3KXC2I0xmWoMlJzLFBdNw
+--- PW47hPTW9nkWD4CBGgGBVgL2mc5/Lu7qDmchRt1NJ2U
+n�rG�{OE�4�6{ʇ�B8��jU|W/1?>40��V�?��Ky�P#&N$��2�2P���"����¢���1&��;�o9
+\ No newline at end of file
diff --git a/systems/atlas/default.nix b/systems/atlas/default.nix
index 66ee476..61be648 100644
--- a/systems/atlas/default.nix
+++ b/systems/atlas/default.nix
@@ -4,10 +4,12 @@
     (modulesPath + "/profiles/minimal.nix")
     ./hardware-configuration.nix
     ./forgejo.nix
+    ./grafana.nix
     ./kanidm.nix
     ./miniflux.nix
     ./moyai.nix
     ./nixpkgs-tracker-bot.nix
+    ./victoria-metrics.nix
 
     inputs.self.nixosModules.default
   ];
diff --git a/systems/atlas/grafana.nix b/systems/atlas/grafana.nix
new file mode 100644
index 0000000..c6a84ab
--- /dev/null
+++ b/systems/atlas/grafana.nix
@@ -0,0 +1,18 @@
+{ config, ... }:
+
+{
+  services = {
+    grafana = {
+      enable = true;
+    };
+
+    nginx.virtualHosts = {
+      "grafana.getchoo.com" = {
+        locations."/" = {
+          proxyPass = "http://${config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}";
+          proxyWebsockets = true;
+        };
+      };
+    };
+  };
+}
diff --git a/systems/atlas/victoria-metrics.nix b/systems/atlas/victoria-metrics.nix
new file mode 100644
index 0000000..25f0e57
--- /dev/null
+++ b/systems/atlas/victoria-metrics.nix
@@ -0,0 +1,52 @@
+{
+  lib,
+  inputs,
+  ...
+}:
+
+let
+  usesNodeExporter = system: system.config.services.prometheus.exporters.node.enable;
+
+  nodeExporterFrom =
+    system:
+    "http://${system.config.networking.hostName}:${toString system.config.services.prometheus.exporters.node.port}";
+
+  toNodeStaticConfig = system: {
+    targets = [ (nodeExporterFrom system) ];
+    labels.type = "node";
+  };
+
+  remoteNodes = lib.mapAttrsToList (lib.const toNodeStaticConfig) (
+    lib.filterAttrs (lib.const usesNodeExporter) inputs.self.nixosConfigurations
+  );
+in
+
+{
+  borealis = {
+    victorialogs = {
+      enable = true;
+    };
+  };
+
+  services = {
+    journald.upload.enable = true;
+
+    prometheus.exporters.node.enable = true;
+
+    victoriametrics = {
+      enable = true;
+
+      retentionPeriod = "7d";
+
+      prometheusConfig = {
+        scrape_configs = [
+          {
+            job_name = "node-exporter";
+            metrics_path = "/metrics";
+            static_configs = remoteNodes;
+          }
+        ];
+      };
+    };
+  };
+}