saga: monitoring server
This commit is contained in:
parent
1ef59b6364
commit
5f866a8b98
5 changed files with 154 additions and 12 deletions
|
@ -4,7 +4,7 @@ inputs: {
|
|||
# deploy = {
|
||||
# # host = "10.0.0.202";
|
||||
# host = "ci.barn-beaver.ts.net";
|
||||
# sshUser = "erwin";
|
||||
# targetUser = "erwin";
|
||||
# buildOn = "local";
|
||||
# substituteOnTarget = true;
|
||||
# tags = [ "container" ];
|
||||
|
@ -15,7 +15,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.205";
|
||||
host = "frigate.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -26,7 +26,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.203";
|
||||
host = "gitea.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -37,7 +37,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.210";
|
||||
host = "gitea-runner.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -48,7 +48,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "heimdall.datarift.nl";
|
||||
host = "heimdall.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "metal" ];
|
||||
|
@ -59,7 +59,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.167";
|
||||
host = "10.0.0.208";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -76,7 +76,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.204";
|
||||
host = "minio.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -106,7 +106,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.251";
|
||||
host = "proxy.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -116,12 +116,21 @@ inputs: {
|
|||
system = "aarch64-linux";
|
||||
config = import ./regin/configuration.nix inputs;
|
||||
};
|
||||
saga = {
|
||||
config = import ./saga/configuration.nix inputs;
|
||||
deploy = {
|
||||
# host = "10.0.0.212";
|
||||
host = "saga.barn-beaver.ts.net";
|
||||
targetUser = "erwin";
|
||||
tags = [ "container" ];
|
||||
};
|
||||
};
|
||||
# thor = {
|
||||
# system = "aarch64-linux";
|
||||
# config = import ./thor/configuration.nix inputs;
|
||||
# # deploy = {
|
||||
# # host = "10.0.0.198";
|
||||
# # sshUser = "erwin";
|
||||
# # targetUser = "erwin";
|
||||
# # buildOn = "local";
|
||||
# # substituteOnTarget = true;
|
||||
# # };
|
||||
|
@ -131,7 +140,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.207";
|
||||
host = "unifi.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
@ -142,7 +151,7 @@ inputs: {
|
|||
deploy = {
|
||||
# host = "10.0.0.206";
|
||||
host = "valkyrie.barn-beaver.ts.net";
|
||||
sshUser = "erwin";
|
||||
targetUser = "erwin";
|
||||
buildOn = "local";
|
||||
substituteOnTarget = true;
|
||||
tags = [ "container" ];
|
||||
|
|
80
machines/saga/configuration.nix
Normal file
80
machines/saga/configuration.nix
Normal file
|
@ -0,0 +1,80 @@
|
|||
{ self, ... }:
|
||||
{ modulesPath, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/virtualisation/lxc-container.nix")
|
||||
../../users/root
|
||||
../../users/erwin
|
||||
|
||||
./grafana
|
||||
./prometheus
|
||||
];
|
||||
|
||||
eboskma = {
|
||||
users.erwin = {
|
||||
enable = true;
|
||||
server = true;
|
||||
};
|
||||
nix-common = {
|
||||
enable = true;
|
||||
remote-builders = true;
|
||||
};
|
||||
tailscale.enable = true;
|
||||
};
|
||||
|
||||
boot = {
|
||||
isContainer = true;
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Amsterdam";
|
||||
|
||||
system.configurationRevision = lib.mkIf (self ? rev) self.rev;
|
||||
|
||||
networking = {
|
||||
hostName = "saga";
|
||||
useDHCP = false;
|
||||
useHostResolvConf = false;
|
||||
networkmanager.enable = false;
|
||||
useNetworkd = true;
|
||||
nftables.enable = true;
|
||||
|
||||
firewall.trustedInterfaces = [ "tailscale0" ];
|
||||
};
|
||||
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
|
||||
wait-online.anyInterface = true;
|
||||
|
||||
networks = {
|
||||
"40-eth0" = {
|
||||
matchConfig = {
|
||||
Name = "eth0";
|
||||
};
|
||||
|
||||
networkConfig = {
|
||||
Address = "10.0.0.212/24";
|
||||
Gateway = "10.0.0.1";
|
||||
DNS = "10.0.0.206";
|
||||
DHCP = "no";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
security = {
|
||||
sudo-rs = {
|
||||
enable = true;
|
||||
execWheelOnly = true;
|
||||
wheelNeedsPassword = false;
|
||||
};
|
||||
sudo.enable = false;
|
||||
};
|
||||
|
||||
# sops.defaultSopsFile = ./secrets.yaml;
|
||||
# sops.secrets = {
|
||||
|
||||
# };
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
13
machines/saga/grafana/default.nix
Normal file
13
machines/saga/grafana/default.nix
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
settings = {
|
||||
server = {
|
||||
domain = "saga.datarift.nl";
|
||||
enforce_domain = true;
|
||||
http_addr = "0.0.0.0";
|
||||
root_url = "https://saga.datarift.nl";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
37
machines/saga/prometheus/default.nix
Normal file
37
machines/saga/prometheus/default.nix
Normal file
|
@ -0,0 +1,37 @@
|
|||
{ config, ... }:
|
||||
{
|
||||
services.prometheus = {
|
||||
enable = true;
|
||||
|
||||
scrapeConfigs = [
|
||||
{
|
||||
job_name = "saga";
|
||||
static_configs = [
|
||||
{
|
||||
targets = [
|
||||
"saga:${toString config.services.prometheus.exporters.node.port}" # node
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "valkyrie";
|
||||
static_configs = [
|
||||
{
|
||||
targets = [
|
||||
"valkyrie:${toString config.services.prometheus.exporters.node.port}" # node
|
||||
"valkyrie:${toString config.services.prometheus.exporters.unbound.port}" # unbound
|
||||
];
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
exporters = {
|
||||
node = {
|
||||
enable = true;
|
||||
enabledCollectors = [ "systemd" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -14,6 +14,7 @@ let
|
|||
|
||||
tls {
|
||||
dns cloudflare {env.CF_API_TOKEN}
|
||||
propagation_timeout -1
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
@ -32,6 +33,7 @@ let
|
|||
|
||||
tls {
|
||||
dns cloudflare {env.CF_API_TOKEN}
|
||||
propagation_timeout -1
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
@ -49,7 +51,7 @@ in
|
|||
|
||||
email = "erwin@datarift.nl";
|
||||
|
||||
# acmeCA = "https://acme-staging-v02.api.letsencrypt.org/directory";
|
||||
acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
|
||||
|
||||
virtualHosts = {
|
||||
"home.datarift.nl" = mkProxyHost "homeassistant.barn-beaver.ts.net:8123";
|
||||
|
@ -58,6 +60,7 @@ in
|
|||
"git.datarift.nl" = mkProxyHost "gitea.barn-beaver.ts.net:3000";
|
||||
"minio.datarift.nl" = mkProxyHost "minio.barn-beaver.ts.net:9000";
|
||||
"minio-admin.datarift.nl" = mkLocalProxyHost "minio.barn-beaver.ts.net:9001";
|
||||
"saga.datarift.nl" = mkLocalProxyHost "saga.barn-beaver.ts.net:3000";
|
||||
"unifi.datarift.nl" = mkLocalProxyHost "unifi.barn-beaver.ts.net:8443";
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue