M roles/prometheus.nix => roles/prometheus.nix +6 -2
@@ 9,6 9,7 @@ in {
exporters = lib.mkOption {
type = lib.types.submodule {
options = {
+ enable = lib.mkEnableOption "prometheus exporters";
openFirewall = lib.mkOption {
type = lib.types.bool;
default = false;
@@ 42,16 43,19 @@ in {
};
};
};
+ default = {};
};
};
- config = {
+ # FIXME: this or top level prometheus server enable
+ config = lib.mkIf cfg.exporters.enable {
+ # FIXME: only open for exporters that are enabled
networking.firewall.allowedTCPPorts = lib.mkIf cfg.exporters.openFirewall [
cfg.exporters.node.port
cfg.exporters.systemd.port
];
- services.prometheus.exporters = {
+ services.prometheus.exporters = lib.mkIf cfg.exporters.enable {
node = lib.mkIf cfg.exporters.node.enable {
enable = true;
port = cfg.exporters.node.port;
M systems/profiles/lxc/roles.nix => systems/profiles/lxc/roles.nix +1 -0
@@ 1,5 1,6 @@
{
roles.prometheus.exporters = {
+ enable = true;
openFirewall = true;
node = {
enable = true;