allow prometheus to access metrics

2024-11-22 00:04:01 +01:00 · 2024-02-20 08:33:07 +01:00 · 2024-02-20 08:33:07 +01:00 · 51a349428f
commit 51a349428f
parent c7c25d5dbc
2 changed files with 11 additions and 0 deletions
--- a/modules/flake-module.nix
+++ b/modules/flake-module.nix
@ -7,6 +7,7 @@
      inputs.srvos.nixosModules.hardware-hetzner-cloud
      inputs.srvos.nixosModules.mixins-telegraf
      ./single-disk.nix
+      ./monitoring.nix
      {
        sops.age.keyFile = "/var/lib/secrets/age";
      }
--- a/modules/monitoring.nix
+++ b/modules/monitoring.nix
@ -0,0 +1,10 @@
+{
+  # Allow Mic92's prometheus server to access telegraf
+  networking.firewall.extraCommands = ''
+    ip6tables -A nixos-fw -p tcp --source 2a03:4000:62:fdb::/128 --dport 9273 -j nixos-fw-accept
+  '';
+  networking.firewall.extraStopCommands = ''
+    ip6tables -D nixos-fw -p tcp --source 2a03:4000:62:fdb::/128 --dport 9273 -j nixos-fw-accept || true
+  '';
+}
+