more monitoring

2025-04-25 16:08:30 +02:00 · 2024-06-06 20:50:33 +02:00 · 2024-06-06 20:50:33 +02:00 · 53eb192ea8
commit 53eb192ea8
parent 5089f62112
9 changed files with 147 additions and 24 deletions
--- a/hosts/falkenstein/modules/caddy/default.nix
+++ b/hosts/falkenstein/modules/caddy/default.nix
@ -25,9 +25,14 @@ in
        metrics
      }
    '';
-    virtualHosts.":2018".extraConfig = ''
-      metrics
-    '';
+    virtualHosts.":2018" = {
+      extraConfig = ''
+        metrics
+      '';
+      logFormat = ''
+        output discard
+      '';
+    };
    virtualHosts."${config.networking.domain}".extraConfig = ''
      file_server browse
      root * /srv/web/${config.networking.domain}
--- a/hosts/falkenstein/modules/monitoring/default.nix
+++ b/hosts/falkenstein/modules/monitoring/default.nix
@ -86,6 +86,7 @@
                job = "caddy_access_log";
                agent = "caddy-promtail";
                __path__ = "/var/log/caddy/*.log";
+                host = "falkenstein";
              };
            }
          ];
@ -107,6 +108,19 @@
                db_type = "city";
              };
            }
+            {
+              geoip = {
+                db = "/var/lib/GeoIP/GeoLite2-ASN.mmdb";
+                source = "remote_ip";
+                db_type = "asn";
+              };
+            }
+            {
+              labeldrop = [
+                "geoip_subdivision_code"
+                "geoip_continent_code"
+              ];
+            }
          ];

        }
--- a/hosts/falkenstein/modules/monitoring/dmarc.nix
+++ b/hosts/falkenstein/modules/monitoring/dmarc.nix
@ -1,5 +1,7 @@
-{ config, ... }:
+{ config, lib, ... }:
 {
+  # required for elasticsearch
+  nixpkgs.config.allowUnfree = true;
  age.secrets.dmarc = {
    file = ../../../../secrets/falkenstein/dmarc.age;
  };
@ -7,7 +9,8 @@
    description = "DMARC Report recipient";
    isNormalUser = true;
  };
-  networking.firewall.allowedTCPPorts = [ config.services.elasticsearch.tcp_port ];
+  networking.firewall.allowedTCPPorts = [ 9200 ];
+  services.elasticsearch.listenAddress = "0.0.0.0";
  services.parsedmarc = {
    enable = true;
    provision = {
@ -16,7 +19,7 @@
        datasource = false;
      };
      localMail.enable = false;
-      elasticsearch = false;
+      elasticsearch = true;
      geoIp = false;
    };
    settings = {
@ -28,8 +31,6 @@
          _secret = config.age.secrets.dmarc.path;
        };
      };
-      opensearch.hosts = "localhost:9200";
    };
  };
-  services.opensearch.enable = true;
 }