dotfiles/nix/base-system/darwin-configuration.nix


{ pkgs, config, lib, ... }:
{
# Nix daemon / CLI configuration.
nix.package = pkgs.nix;
# "relaxed" leaves the build sandbox on in general, but fixed-output
# derivations and derivations that set `__noChroot = true` are built outside it.
# SEE: https://github.com/NixOS/nix/issues/4119#issuecomment-1734738812
nix.settings.sandbox = "relaxed";
# Extra nix.conf lines.
# Security: every name in `trusted-users` may override daemon settings
# (substituters, sandboxing, ...), which the Nix manual describes as essentially
# equivalent to root access. Keep this list as short as possible.
# NOTE(review): `repl-flake` is no longer a separate experimental feature in
# recent Nix releases; confirm the pinned `pkgs.nix` still accepts it.
nix.extraOptions = ''
  experimental-features = nix-command flakes repl-flake
  extra-platforms = x86_64-darwin aarch64-darwin x86_64-linux
  trusted-users = root zaphar
'';
# Right now the documentation build is broken.
# TODO(jwall): Add this back when they work again.
documentation.enable = false;
nixpkgs = {
  # I'm not a zealot about this one.
  # This applies to every package in this nixpkgs instance;
  # `allowUnfreePredicate` can narrow it to a named allow-list if needed.
  config.allowUnfree = true;
  overlays = [
    # Expose neovim under the `vi` and `vim` command names as well.
    (final: prev: {
      neovim = prev.neovim.override {
        viAlias = true;
        vimAlias = true;
      };
    })
  ];
};
# TODO(zaphar): Move this to a module.
# Per-user launchd agent that runs the kubo (IPFS) daemon.
# NOTE(review): no kubo configuration is set here, so the daemon runs with
# whatever the repo config holds (the defaults after a first `--init`).
# Confirm the API and gateway listeners stay on loopback and that the swarm
# listener is acceptable on untrusted networks.
# No stdout/stderr paths are configured, and the vector sources in this file
# do not include this agent, so its output is not shipped to the log store.
launchd.user.agents.ipfs.serviceConfig = {
  # Start when the agent is loaded and restart it whenever it exits.
  RunAtLoad = true;
  KeepAlive = true;
  ProgramArguments = [
    "${pkgs.kubo}/bin/ipfs"
    "daemon"
    # Initialise the repo on first start if it does not exist yet.
    "--init"
  ];
};
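# Metrics pipeline that feeds the heracles dashboard defined below.
services.durnitisp.enable = true;
services.node-exporter.enable = true;
services.prometheus.enable = true;
services.heracles.enable = true;
# Dashboard definition: one "Metrics" page whose graphs all query the local
# Prometheus instance.
services.heracles.settings =
  let
    # Single definition of the Prometheus endpoint used by every plot.
    # The connection is plain HTTP with no credentials, which is only
    # appropriate while `listen` is a loopback address.
    # NOTE(review): confirm services.prometheus.listen is not bound to a
    # routable interface.
    promSource = "http://${config.services.prometheus.listen}";
  in
  [
    {
      title = "Metrics";
      # Default time window: the last hour at one-minute resolution.
      span = {
        end = "now";
        duration = "1h";
        step_duration = "1min";
      };
      graphs = [
        {
          title = "CPU and Mem Used";
          query_type = "Range";
          yaxes = [
            {
              anchor = "y";
              tickformat = "~%";
            }
          ];
          plots = [
            { # Memory Usage
              source = promSource;
              # Wired + compressed + active memory as a fraction of total.
              query = ''
                (node_memory_wired_bytes
                + node_memory_compressed_bytes
                + node_memory_active_bytes)
                / node_memory_total_bytes
              '';
              config = {
                name_format = "`\${labels.instance} - Memory`";
                yaxis = "y";
                fill = "tozeroy";
              };
            }
            { # CPU plot
              source = promSource;
              # Per-mode share of non-idle CPU time over all CPU time.
              query = ''
                sum by (job,instance, mode)(irate(node_cpu_seconds_total{mode!="idle"}[5m]))
                / ignoring(mode) group_left
                sum by (job,instance)(irate(node_cpu_seconds_total[5m]))
              '';
              config = {
                name_format = "`\${labels.instance} - \${labels.mode}`";
                # Same `yaxis` key as every other plot; this one was spelled
                # `axis`, which no other plot in this file uses.
                yaxis = "y";
              };
            }
          ];
        }
        {
          title = "Network Latency";
          query_type = "Range";
          d3_tick_format = "~s";
          yaxes = [
            {
              anchor = "y";
              type = "log";
            }
          ];
          plots = [
            {
              source = promSource;
              query = ''
                stun_attempt_latency_ms
              '';
              config = {
                name_format = "`UDP \${labels.domain} latency`";
                yaxis = "y";
              };
            }
            {
              source = promSource;
              query = ''
                ping_latency
              '';
              config = {
                name_format = "`Ping \${labels.domain} latency`";
                yaxis = "y";
              };
            }
          ];
        }
        {
          title = "Network Errors 5m delta";
          query_type = "Range";
          d3_tick_format = "~s";
          yaxes = [
            {
              anchor = "y";
            }
          ];
          plots = [
            {
              source = promSource;
              query = ''
                delta(stun_attempt_counter{result="err"}[5m])
              '';
              config = {
                name_format = "`UDP \${labels.domain} failure count`";
                # NOTE(review): the only axis declared above is anchored at
                # "y"; confirm "y1" resolves to it.
                yaxis = "y1";
              };
            }
          ];
        }
        {
          title = "Network Traffic Bytes";
          query_type = "Range";
          d3_tick_format = "~s";
          yaxes = [
            {
              anchor = "y";
              type = "log";
            }
          ];
          plots = [
            {
              source = promSource;
              # Receive rate on devices whose names start with "lo" or "en".
              query = ''
                irate(node_network_receive_bytes_total{device=~"(lo|en).*"}[5m])
              '';
              config = {
                name_format = "`\${labels.device} Rx`";
                yaxis = "y";
              };
            }
            {
              source = promSource;
              # Transmit rate on the same set of devices.
              query = ''
                irate(node_network_transmit_bytes_total{device=~"(lo|en).*"}[5m])
              '';
              config = {
                name_format = "`\${labels.device} Tx`";
                yaxis = "y";
              };
            }
          ];
        }
      ];
    }
  ];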
# Log pipeline: vector tails service and system logs and ships them to
# victoria-logs through its Elasticsearch-compatible bulk endpoint.
services.victoria-logs.enable = true;
services.vector.enable = true;
services.vector.settings =
  let
    svc = config.services;
    # A vector "file" source over the given paths.
    tailFiles = paths: {
      type = "file";
      include = paths;
    };
  in
  {
    data_dir = "/var/lib/vector";
    # Vector's API listener, bound to loopback only.
    api.enabled = true;
    api.address = "127.0.0.1:8686";
    sources = {
      prometheus = tailFiles [
        svc.prometheus.stdoutPath
        svc.prometheus.stderrPath
      ];
      #heracles = {
      #  type = "file";
      #  include = [
      #    config.services.heracles.stdoutPath
      #    config.services.heracles.stderrPath
      #  ];
      #};
      # durnitisp output carries TTY control sequences; the
      # `durnitisp_no_tty` transform below strips them before shipping.
      durnitisp = tailFiles [
        svc.durnitisp.stdoutPath
        svc.durnitisp.stderrPath
      ];
      # Vector's own logs.
      vector.type = "internal_logs";
      victoria-logs = tailFiles [
        svc.victoria-logs.stdoutPath
        svc.victoria-logs.stderrPath
      ];
      # NOTE(review): reading this file needs a user with access to it;
      # confirm which user the vector service runs as. The system log can
      # also hold sensitive detail, so treat the log store accordingly.
      system = tailFiles [
        "/var/log/system.log"
      ];
    };
    transforms.durnitisp_no_tty = {
      type = "remap";
      inputs = [
        "durnitisp"
      ];
      # Strip ANSI escape codes; if stripping fails, keep the message as is.
      # Only the durnitisp stream is sanitised; the other inputs are shipped
      # unmodified, so escape sequences in them reach the log store verbatim.
      source = ''
        .message = strip_ansi_escape_codes(.message) ?? .message
      '';
    };
    sinks.victoria = {
      type = "elasticsearch";
      mode = "bulk";
      # Plain HTTP, no credentials: appropriate only while the listener is
      # local. NOTE(review): confirm services.victoria-logs.listenAddr is a
      # loopback address.
      endpoints = [
        "http://${config.services.victoria-logs.listenAddr}/insert/elasticsearch"
      ];
      inputs = [
        "prometheus"
        #"heracles"
        "durnitisp_no_tty"
        "vector"
        "victoria-logs"
        "system"
      ];
      api_version = "v8";
      # With the healthcheck off, an unreachable sink is not reported at
      # startup; delivery failures only show up in vector's own logs.
      healthcheck.enabled = false;
      # Query parameters sent with each request: which event fields hold the
      # message and the timestamp, and which fields identify a stream.
      query = {
        _msg_field = "message";
        _time_field = "timestamp";
        _stream_fields = "host,file";
      };
    };
  };
# TODO launchd.user.agents.prometheus;
# Use a custom configuration.nix location.
# $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix
# environment.darwinConfig = "$HOME/.config/nixpkgs/darwin/configuration.nix";
# Auto upgrade nix package and the daemon service.
services.nix-daemon.enable = true;
#services.spacebar.enable = true;
#services.spacebar.package = "${pkgs.spacebar}";
# Create /etc/bashrc that loads the nix-darwin environment.
# programs.bash.enable = true; # default shell on catalina
# programs.fish.enable = true;
# Show full file names in Finder, so a file's real extension is visible
# rather than hidden behind a misleading name.
system.defaults.finder.AppleShowAllExtensions = true;
# Extra sandbox-profile rule for the system builder, applied only while the
# Nix sandbox is set to "relaxed" (presumably part of the workaround for the
# issue linked next to nix.settings.sandbox).
system.systemBuilderArgs =
  let
    relaxedSandbox = config.nix.settings.sandbox == "relaxed";
  in
  lib.mkIf relaxedSandbox {
    # Security: this rule is broad. It allows read, write, exec and
    # mach-lookup under the whole store directory, not only the paths this
    # build produces. Revisit it if the sandbox setting is tightened.
    sandboxProfile = ''
      (allow file-read* file-write* process-exec mach-lookup (subpath "${builtins.storeDir}"))
    '';
  };
# Used for backwards compatibility, please read the changelog before changing.
# $ darwin-rebuild changelog
system.stateVersion = 4;
}