From 139033130f48be7f9edae9d235d928c9e5faa59c Mon Sep 17 00:00:00 2001 From: fi Date: Fri, 22 Aug 2025 18:47:20 +0200 Subject: [PATCH] Enable metrics for matrix-synapse --- config/hosts/matrix/configuration.nix | 2 +- config/hosts/matrix/matrix-synapse.nix | 53 +++++++++++++++++--------- config/hosts/metrics/nginx.nix | 19 --------- config/hosts/metrics/prometheus.nix | 18 ++++++++- 4 files changed, 52 insertions(+), 40 deletions(-) diff --git a/config/hosts/matrix/configuration.nix b/config/hosts/matrix/configuration.nix index 9ffa4c6..a52998c 100644 --- a/config/hosts/matrix/configuration.nix +++ b/config/hosts/matrix/configuration.nix @@ -9,7 +9,7 @@ hostName = "matrix"; firewall = { enable = true; - allowedTCPPorts = [ 80 8443 8448 ]; + allowedTCPPorts = [ 80 8443 8448 9000 ]; }; }; diff --git a/config/hosts/matrix/matrix-synapse.nix b/config/hosts/matrix/matrix-synapse.nix index 82b82e1..371eb95 100644 --- a/config/hosts/matrix/matrix-synapse.nix +++ b/config/hosts/matrix/matrix-synapse.nix @@ -3,26 +3,40 @@ services.matrix-synapse = { enable = true; settings = { - listeners = [{ - port = 8008; - bind_addresses = [ - "::1" - "127.0.0.1" - ]; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - compress = true; - names = [ "client" ]; - } - { + listeners = [ + { + port = 8008; + bind_addresses = [ + "::1" + "127.0.0.1" + ]; + type = "http"; + tls = false; + x_forwarded = true; + resources = [ + { + compress = true; + names = [ "client" ]; + } + { + compress = false; + names = [ "federation" ]; + } + ]; + } + { + port = 9000; + type = "http"; + tls = false; + bind_addresses = [ + "0.0.0.0" + ]; + resources = [{ + names = [ "metrics" ]; compress = false; - names = [ "federation" ]; - } - ]; - }]; + }]; + } + ]; server_name = "nekover.se"; public_baseurl = "https://matrix.nekover.se"; database = { @@ -40,6 +54,7 @@ signing_key_path = "/secrets/matrix-homeserver-signing-key.secret"; admin_contact = "mailto:admin@nekover.se"; web_client_location = "https://element.nekover.se"; + enable_metrics = true; turn_uris = [ "turns:turn.nekover.se?transport=udp" "turns:turn.nekover.se?transport=tcp" diff --git a/config/hosts/metrics/nginx.nix b/config/hosts/metrics/nginx.nix index aefb0b5..9e31454 100644 --- a/config/hosts/metrics/nginx.nix +++ b/config/hosts/metrics/nginx.nix @@ -22,25 +22,6 @@ proxyWebsockets = true; }; }; - "alertmanager.grzb.de"= { - forceSSL = true; - enableACME = true; - listen = [ - { - addr = "0.0.0.0"; - port = 80; - } - { - addr = "0.0.0.0"; - port = 443; - ssl = true; - } - ]; - locations."/" = { - proxyPass = "http://${config.services.prometheus.alertmanager.listenAddress}:${builtins.toString config.services.prometheus.alertmanager.port}"; - proxyWebsockets = true; - }; - }; }; }; } diff --git a/config/hosts/metrics/prometheus.nix b/config/hosts/metrics/prometheus.nix index 236fb58..0163c43 100644 --- a/config/hosts/metrics/prometheus.nix +++ b/config/hosts/metrics/prometheus.nix @@ -1,8 +1,16 @@ -{ hosts, ... }: +{ hosts, pkgs, ... }: +let + # https://github.com/element-hq/synapse/tree/master/contrib/prometheus/ + synapseRules = pkgs.fetchurl { + url = "https://raw.githubusercontent.com/element-hq/synapse/refs/heads/master/contrib/prometheus/synapse-v2.rules"; + hash = "sha256-WldlBdCMzul49OlFhJMsrx4MYFakHTa36Y9HnV22EwI="; + }; +in { services.prometheus = { enable = true; retentionTime = "90d"; + ruleFiles = [ synapseRules ]; scrapeConfigs = [ { job_name = "node"; @@ -15,6 +23,14 @@ }; }) (builtins.attrNames hosts); } + { + job_name = "synapse"; + scrape_interval = "15s"; + metrics_path = "/_synapse/metrics"; + static_configs = [{ + targets = [ "matrix.vs.grzb.de:9000" ]; + }]; + } ]; }; }