summaryrefslogtreecommitdiffstats
path: root/krebs/2configs/shack/prometheus/blackbox.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2020-07-22 16:25:00 +0200
committermakefu <github@syntax-fehler.de>2020-07-22 16:25:00 +0200
commit2d058d7be6cebdbc14cb74981000930cdcb3af74 (patch)
tree8081fdc4a7473a3a016f95dcb18b57fddfc3155e /krebs/2configs/shack/prometheus/blackbox.nix
parent86d28f1f591f71885469dea5e962d3aef41dcee2 (diff)
puyak: enable blackbox prometheus exporter, use it to ping internal and external hosts
Diffstat (limited to 'krebs/2configs/shack/prometheus/blackbox.nix')
-rw-r--r--krebs/2configs/shack/prometheus/blackbox.nix19
1 files changed, 19 insertions, 0 deletions
diff --git a/krebs/2configs/shack/prometheus/blackbox.nix b/krebs/2configs/shack/prometheus/blackbox.nix
new file mode 100644
index 000000000..82ce003e8
--- /dev/null
+++ b/krebs/2configs/shack/prometheus/blackbox.nix
@@ -0,0 +1,19 @@
+{pkgs, ... }:
+{
+ systemd.services.prometheus-blackbox-exporter.serviceConfig = {
+ CapabilityBoundingSet = ["CAP_NET_RAW"]; # icmp allow
+ AmbientCapabilities = ["CAP_NET_RAW"];
+ };
+ services.prometheus.exporters.blackbox = {
+ enable = true;
+ # openFirewall = true; # not requred if running on the same host as prometheus
+ port = 9115;
+ configFile = pkgs.writeText "icmp" ''
+ modules:
+ icmp:
+ prober: icmp
+ icmp:
+ preferred_ip_protocol: ip4
+ '';
+ };
+}