{ pkgs, config, lib, ... }: { nix = { package = pkgs.nix; # SEE: https://github.com/NixOS/nix/issues/4119#issuecomment-1734738812 settings.sandbox = "relaxed"; extraOptions = '' experimental-features = nix-command flakes repl-flake extra-platforms = x86_64-darwin aarch64-darwin x86_64-linux ''; }; # Right now the documentation build is broken. # TODO(jwall): Add this back when they work again. documentation.enable = false; # I'm not a zealot about this one. nixpkgs.config.allowUnfree = true; nixpkgs.overlays = [ (self: super: { neovim = super.neovim.override { viAlias = true; vimAlias = true; }; }) ]; # TODO(zaphar): Move this to a module. launchd.user.agents.ipfs = { serviceConfig = { ProgramArguments = [ "${pkgs.kubo}/bin/ipfs" "daemon" "--init" ]; KeepAlive = true; RunAtLoad = true; }; }; services.durnitisp.enable = true; services.node-exporter.enable = true; services.prometheus.enable = true; services.heracles.enable = true; services.heracles.settings = [ { title = "Metrics"; span = { end = "now"; duration = "1d"; step_duration = "5min"; }; graphs = [ { title = "CPU and Mem Used"; query_type = "Range"; yaxes = [ { anchor = "y"; tickformat = "~%"; } ]; plots = [ { # Memory Usage source = "http://${config.services.prometheus.listen}"; query = '' (node_memory_wired_bytes + node_memory_compressed_bytes + node_memory_active_bytes) / node_memory_total_bytes ''; config = { name_format = "`\${labels.instance} - Memory`"; yaxis = "y"; fill = "tozeroy"; }; } { # CPU plot source = "http://${config.services.prometheus.listen}"; query = '' sum by (job,instance, mode)(irate(node_cpu_seconds_total{mode!="idle"}[5m])) / ignoring(mode) group_left sum by (job,instance)(irate(node_cpu_seconds_total[5m])) ''; config = { name_format = "`\${labels.instance} - \${labels.mode}`"; axis = "y"; }; } ]; } { title = "Network Quality"; query_type = "Range"; d3_tick_format = "~s"; yaxes = [ { anchor = "y"; type = "log"; } ]; plots = [ { source = "http://${config.services.prometheus.listen}"; query = '' stun_attempt_latency_ms ''; config = { name_format = "`UDP \${labels.domain} latency`"; yaxis = "y"; }; } { source = "http://${config.services.prometheus.listen}"; query = '' ping_latency ''; config = { name_format = "`Ping \${labels.domain} latency`"; yaxis = "y"; }; } ]; } { title = "Network Traffic Bytes"; query_type = "Range"; d3_tick_format = "~s"; yaxes = [ { anchor = "y"; type = "log"; } ]; plots = [ { source = "http://${config.services.prometheus.listen}"; query = '' irate(node_network_receive_bytes_total{device=~"(lo|en).*"}[5m]) ''; config = { name_format = "`\${labels.device} Rx`"; yaxis = "y"; }; } { source = "http://${config.services.prometheus.listen}"; query = '' irate(node_network_transmit_bytes_total{device=~"(lo|en).*"}[5m]) ''; config = { name_format = "`\${labels.device} Tx`"; yaxis = "y"; }; } ]; } ]; } ]; services.victoria-logs.enable = true; services.vector.enable = true; services.vector.settings = { data_dir = "/var/lib/vector"; sources = { prometheus = { type = "file"; include = [ config.services.prometheus.stdoutPath config.services.prometheus.stderrPath ]; }; heracles = { type = "file"; include = [ config.services.heracles.stdoutPath config.services.heracles.stderrPath ]; }; # TODO(zaphar): We should remap durnitisp output to strip the TTY control characters. durnitisp = { type = "file"; include = [ config.services.durnitisp.stdoutPath config.services.durnitisp.stderrPath ]; }; vector = { type = "file"; include = [ config.services.vector.stdoutPath config.services.vector.stderrPath ]; }; }; transforms = { strip_tty = { type = "remap"; inputs = [ "durnitisp" ]; source = "_msg = strip_ansi_escape_codes(_msg)"; }; }; sinks = { victoria = { type = "elasticsearch"; mode = "bulk"; endpoints = [ "http://${config.services.victoria-logs.listenAddr}/insert/elasticsearch/" ]; inputs = [ "prometheus" "heracles" "durnitisp" "vector" ]; api_version = "v8"; healthcheck.enabled = false; query = { _msg_field = "message"; _time_field = "timestamp"; _stream_fields = "host,file"; }; }; }; }; # TODO launchd.user.agents.prometheus; # Use a custom configuration.nix location. # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix # environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix"; # Auto upgrade nix package and the daemon service. services.nix-daemon.enable = true; #services.spacebar.enable = true; #services.spacebar.package = "${pkgs.spacebar}"; # Create /etc/bashrc that loads the nix-darwin environment. # programs.bash.enable = true; # default shell on catalina # programs.fish.enable = true; system.defaults = { finder.AppleShowAllExtensions = true; }; system.systemBuilderArgs = lib.mkIf (config.nix.settings.sandbox == "relaxed") { sandboxProfile = '' (allow file-read* file-write* process-exec mach-lookup (subpath "${builtins.storeDir}")) ''; }; # Used for backwards compatibility, please read the changelog before changing. # $ darwin-rebuild changelog system.stateVersion = 4; }