From ad7e232f88da63802544a4b473185a5589fd9a74 Mon Sep 17 00:00:00 2001
From: Andrew Childs <lorne@cons.org.nz>
Date: Sun, 27 Jan 2019 21:06:37 +0900
Subject: [PATCH 1/3] nixos/prometheus: add `ec2_sd_configs` section to
 `scrape_configs`

---
 .../monitoring/prometheus/default.nix         | 65 +++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix
index 0d73551dc07..41519fe548f 100644
--- a/nixos/modules/services/monitoring/prometheus/default.nix
+++ b/nixos/modules/services/monitoring/prometheus/default.nix
@@ -277,6 +277,14 @@ let
           List of labeled target groups for this job.
         '';
       };
+      ec2_sd_configs = mkOption {
+        type = types.listOf promTypes.ec2_sd_config;
+        default = [];
+        apply = x: map _filter x;
+        description = ''
+          List of EC2 service discovery configurations.
+        '';
+      };
       relabel_configs = mkOption {
         type = types.listOf promTypes.relabel_config;
         default = [];
@@ -306,6 +314,63 @@ let
     };
   };
 
+  promTypes.ec2_sd_config = types.submodule {
+    options = {
+      region = mkOption {
+        type = types.str;
+        description = ''
+          The AWS Region.
+        '';
+      };
+      access_key = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          The AWS API key id. If blank, the environment variable
+          `AWS_ACCESS_KEY_ID` is used.
+        '';
+      };
+      secret_key = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          The AWS API key secret. If blank, the environment variable
+          `AWS_SECRET_ACCESS_KEY` is used.
+        '';
+      };
+      profile = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          Named AWS profile used to connect to the API.
+        '';
+      };
+      role_arn = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          AWS Role ARN, an alternative to using AWS API keys.
+        '';
+      };
+      refresh_interval = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          Refresh interval to re-read the instance list.
+        '';
+      };
+      port = mkOption {
+        type = types.int;
+        default = 80;
+        description = ''
+          The port to scrape metrics from. If using the public IP
+          address, this must instead be specified in the relabeling
+          rule.
+        '';
+      };
+    };
+  };
+
   promTypes.dns_sd_config = types.submodule {
     options = {
       names = mkOption {

From a23db5db08206e77c2861107bfaf600b8ff7f5ce Mon Sep 17 00:00:00 2001
From: Bas van Dijk <v.dijk.bas@gmail.com>
Date: Tue, 16 Apr 2019 16:04:33 +0200
Subject: [PATCH 2/3] nixos/prometheus: add new ec2_sd_config options for
 prometheus2

---
 .../monitoring/prometheus/default.nix         | 38 +++++++++++++++++--
 1 file changed, 35 insertions(+), 3 deletions(-)

diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix
index 41519fe548f..525b0b18cec 100644
--- a/nixos/modules/services/monitoring/prometheus/default.nix
+++ b/nixos/modules/services/monitoring/prometheus/default.nix
@@ -322,12 +322,19 @@ let
           The AWS Region.
         '';
       };
+      endpoint = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          Custom endpoint to be used.
+        '';
+      };
       access_key = mkOption {
         type = types.nullOr types.str;
         default = null;
         description = ''
           The AWS API key id. If blank, the environment variable
-          `AWS_ACCESS_KEY_ID` is used.
+          <literal>AWS_ACCESS_KEY_ID</literal> is used.
         '';
       };
       secret_key = mkOption {
@@ -335,7 +342,7 @@ let
         default = null;
         description = ''
           The AWS API key secret. If blank, the environment variable
-          `AWS_SECRET_ACCESS_KEY` is used.
+           <literal>AWS_SECRET_ACCESS_KEY</literal> is used.
         '';
       };
       profile = mkOption {
@@ -368,6 +375,32 @@ let
           rule.
         '';
       };
+      filters = mkOption {
+        type = types.nullOr (types.listOf promTypes.filter);
+        default = null;
+        description = ''
+          Filters can be used optionally to filter the instance list by other criteria.
+        '';
+      };
+    };
+  };
+
+  promTypes.filter = types.submodule {
+    options = {
+      name = mkOption {
+        type = types.str;
+        description = ''
+          See <link xlink:href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html">this list</link>
+          for the available filters.
+        '';
+      };
+      value = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        description = ''
+          Value of the filter.
+        '';
+      };
     };
   };
 
@@ -545,7 +578,6 @@ let
     };
   };
 
- 
 in {
   options = {
     services.prometheus = {

From a913d0891cae7557bf6b56d6fc7b251aff373b2e Mon Sep 17 00:00:00 2001
From: Bas van Dijk <v.dijk.bas@gmail.com>
Date: Tue, 16 Apr 2019 16:06:11 +0200
Subject: [PATCH 3/3] nixos/prometheus: filter out empty srcape_configs
 attributes

This results in a smaller prometheus.yml config file.

It also allows us to use the same options for both prometheus-1 and
prometheus-2 since the new options for prometheus-2 default to null
and will be filtered out if they are not set.
---
 .../monitoring/prometheus/default.nix         | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix
index 525b0b18cec..e7ac12c07d3 100644
--- a/nixos/modules/services/monitoring/prometheus/default.nix
+++ b/nixos/modules/services/monitoring/prometheus/default.nix
@@ -54,7 +54,7 @@ let
     rule_files = map (promtoolCheck "check-rules" "rules") (cfg.ruleFiles ++ [
       (pkgs.writeText "prometheus.rules" (concatStringsSep "\n" cfg.rules))
     ]);
-    scrape_configs = cfg.scrapeConfigs;
+    scrape_configs = filterEmpty cfg.scrapeConfigs;
   };
 
   generatedPrometheusYml = writePrettyJSON "prometheus.yml" promConfig;
@@ -81,7 +81,7 @@ let
     rule_files = map (prom2toolCheck "check rules" "rules") (cfg2.ruleFiles ++ [
       (pkgs.writeText "prometheus.rules" (concatStringsSep "\n" cfg2.rules))
     ]);
-    scrape_configs = cfg2.scrapeConfigs;
+    scrape_configs = filterEmpty cfg2.scrapeConfigs;
     alerting = optionalAttrs (cfg2.alertmanagerURL != []) {
       alertmanagers = [{
         static_configs = [{
@@ -108,6 +108,21 @@ let
   ] ++
   optional (cfg2.webExternalUrl != null) "--web.external-url=${cfg2.webExternalUrl}";
 
+  filterEmpty = filterAttrsListRecursive (_n: v: !(v == null || v == [] || v == {}));
+  filterAttrsListRecursive = pred: x:
+    if isAttrs x then
+      listToAttrs (
+        concatMap (name:
+          let v = x.${name}; in
+          if pred name v then [
+            (nameValuePair name (filterAttrsListRecursive pred v))
+          ] else []
+        ) (attrNames x)
+      )
+    else if isList x then
+      map (filterAttrsListRecursive pred) x
+    else x;
+
   promTypes.globalConfig = types.submodule {
     options = {
       scrape_interval = mkOption {