From 5b8e13008a4a4da028b9902e7e35aaf1747f1166 Mon Sep 17 00:00:00 2001
From: Philipp Hochkamp <git@phochkamp.de>
Date: Tue, 9 Aug 2022 02:06:28 +0200
Subject: [PATCH] close firewall on prometheus

---
 data/monitoring.toml                  | 12 +++++-------
 hosts/picard/default.nix              |  2 +-
 nixos-modules/services/monitoring.nix |  6 +++---
 3 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/data/monitoring.toml b/data/monitoring.toml
index c2b5394c..74920572 100644
--- a/data/monitoring.toml
+++ b/data/monitoring.toml
@@ -3,14 +3,12 @@ hostname = "ds9"
 ip = "100.83.96.25" # tailscale
 
 [hostOverrides]
-wormhole = "10.0.0.1"
-picard = "ragon.xyz"
 
-#[exporters.nginx]
-#hosts = [
-#  "ds9",
-#  "wormhole"
-#]
+[exporters.nginx]
+hosts = [
+  "ds9",
+  "picard"
+]
 
 [exporters.node]
 hosts = [ "ds9", "picard" ]
diff --git a/hosts/picard/default.nix b/hosts/picard/default.nix
index 95704f82..62bae801 100644
--- a/hosts/picard/default.nix
+++ b/hosts/picard/default.nix
@@ -70,7 +70,7 @@
      "~(?P<ip>.*)" $ip;
     }
 
-    log_format anonymized '$ip_anonymized - $remote_user [$time_local] '
+    log_format anonymized '$ip_anonymized - - $remote_user [$time_local] '
        '"$request" $status $body_bytes_sent '
        '"$http_referer" "$http_user_agent"';
 
diff --git a/nixos-modules/services/monitoring.nix b/nixos-modules/services/monitoring.nix
index c6008dc5..ff2b8c95 100644
--- a/nixos-modules/services/monitoring.nix
+++ b/nixos-modules/services/monitoring.nix
@@ -11,7 +11,7 @@ let
       (
         if (builtins.elem y (builtins.attrNames cfg.hostOverrides))
         then cfg.hostOverrides.${y}
-        else "${y}.hailsatan.eu"
+        else y
       )
   );
 in
@@ -124,7 +124,7 @@ in
       services.prometheus.exporters.nginxlog.settings = {
         namespaces = [{
           name = "nginx";
-          format = "$remote_addr - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\"";
+          format = "$remote_addr - - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\"";
           source.files = [ "/var/log/nginx/access.log" ];
         }];
       };
@@ -135,7 +135,7 @@ in
         configuration = {
           server.http_listen_port = 28183;
           positions.filename = "/tmp/positions.yaml";
-          clients = [{ url = "http://${getHost cfg.master.hostname}:3100/loki/api/v1/push"; }];
+          clients = [{ url = "http://${cfg.master.ip}:3100/loki/api/v1/push"; }];
           scrape_configs = [
             {
               job_name = "journal";