pyrox.dev
lol
prometheus exporter modules: unify firewall handling
+49
-1
+10
nixos/modules/services/monitoring/prometheus/blackbox-exporter.nix
+10
nixos/modules/services/monitoring/prometheus/blackbox-exporter.nix
···
31
31
Extra commandline options when launching the blackbox exporter.
32
32
'';
33
33
};
34
+
35
+
openFirewall = mkOption {
36
+
type = types.bool;
37
+
default = false;
38
+
description = ''
39
+
Open port in firewall for incoming connections.
40
+
'';
41
+
};
34
42
};
35
43
};
36
44
37
45
config = mkIf cfg.enable {
46
+
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port;
47
+
38
48
systemd.services.prometheus-blackbox-exporter = {
39
49
description = "Prometheus exporter for blackbox probes";
40
50
unitConfig.Documentation = "https://github.com/prometheus/blackbox_exporter";
+10
nixos/modules/services/monitoring/prometheus/json-exporter.nix
+10
nixos/modules/services/monitoring/prometheus/json-exporter.nix
···
38
38
Extra commandline options when launching the JSON exporter.
39
39
'';
40
40
};
41
+
42
+
openFirewall = mkOption {
43
+
type = types.bool;
44
+
default = false;
45
+
description = ''
46
+
Open port in firewall for incoming connections.
47
+
'';
48
+
};
41
49
};
42
50
};
43
51
44
52
config = mkIf cfg.enable {
53
+
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port;
54
+
45
55
systemd.services.prometheus-json-exporter = {
46
56
description = "Prometheus exporter for JSON over HTTP";
47
57
unitConfig.Documentation = "https://github.com/kawamuray/prometheus-json-exporter";
+9
-1
nixos/modules/services/monitoring/prometheus/nginx-exporter.nix
+9
-1
nixos/modules/services/monitoring/prometheus/nginx-exporter.nix
···
41
41
Extra commandline options when launching the nginx exporter.
42
42
'';
43
43
};
44
+
45
+
openFirewall = mkOption {
46
+
type = types.bool;
47
+
default = false;
48
+
description = ''
49
+
Open port in firewall for incoming connections.
50
+
'';
51
+
};
44
52
};
45
53
};
46
54
47
55
config = mkIf cfg.enable {
48
-
networking.firewall.allowedTCPPorts = [ cfg.port ];
56
+
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port;
49
57
50
58
systemd.services.prometheus-nginx-exporter = {
51
59
after = [ "network.target" "nginx.service" ];
+10
nixos/modules/services/monitoring/prometheus/node-exporter.nix
+10
nixos/modules/services/monitoring/prometheus/node-exporter.nix
···
44
44
Extra commandline options when launching the node exporter.
45
45
'';
46
46
};
47
+
48
+
openFirewall = mkOption {
49
+
type = types.bool;
50
+
default = false;
51
+
description = ''
52
+
Open port in firewall for incoming connections.
53
+
'';
54
+
};
47
55
};
48
56
};
49
57
50
58
config = mkIf cfg.enable {
59
+
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port;
60
+
51
61
systemd.services.prometheus-node-exporter = {
52
62
description = "Prometheus exporter for machine metrics";
53
63
unitConfig.Documentation = "https://github.com/prometheus/node_exporter";
+10
nixos/modules/services/monitoring/prometheus/varnish-exporter.nix
+10
nixos/modules/services/monitoring/prometheus/varnish-exporter.nix
···
25
25
Extra commandline options when launching the Varnish exporter.
26
26
'';
27
27
};
28
+
29
+
openFirewall = mkOption {
30
+
type = types.bool;
31
+
default = false;
32
+
description = ''
33
+
Open port in firewall for incoming connections.
34
+
'';
35
+
};
28
36
};
29
37
};
30
38
31
39
config = mkIf cfg.enable {
40
+
networking.firewall.allowedTCPPorts = optional cfg.openFirewall cfg.port;
41
+
32
42
systemd.services.prometheus-varnish-exporter = {
33
43
description = "Prometheus exporter for Varnish metrics";
34
44
unitConfig.Documentation = "https://github.com/jonnenauha/prometheus_varnish_exporter";