saga: Add incus metrics
This commit is contained in:
parent
c4343b9855
commit
d0d9277387
4 changed files with 83 additions and 5 deletions
|
@ -14,6 +14,7 @@ keys:
|
|||
- &k3s-1 age1gsjy4em8u668tnx77jr7kk345m4hzmmt3seclzvsd25ldgwd45pq6zu7cv
|
||||
- &k3s-2 age1ghda0mj5wc2vpksjuvaf3t0xklpcgnykvepzu9k5csf482ngpans9h05pp
|
||||
- &k3s-3 age1mpyg2qcrehfcpksygk9hduz79l93gy2crpwn0vu70mtcmzapeyvqrrjw5r
|
||||
- &saga age10advysga7fpkh7uuv9a7phs77c5khswf5c9q9txvrauxtqr4yu0sk2r75v
|
||||
creation_rules:
|
||||
- path_regex: machines/loki/[^/]+\.yaml$
|
||||
key_groups:
|
||||
|
@ -78,3 +79,9 @@ creation_rules:
|
|||
- *erwin
|
||||
- *erwin_horus
|
||||
- *proxy
|
||||
- path_regex: machines/saga/[^/]+\.ya?ml$
|
||||
key_groups:
|
||||
- age:
|
||||
- *erwin
|
||||
- *erwin_horus
|
||||
- *saga
|
||||
|
|
|
@ -1,5 +1,10 @@
|
|||
{ self, ... }:
|
||||
{ modulesPath, lib, ... }:
|
||||
{
|
||||
modulesPath,
|
||||
lib,
|
||||
config,
|
||||
...
|
||||
}:
|
||||
{
|
||||
imports = [
|
||||
(modulesPath + "/virtualisation/lxc-container.nix")
|
||||
|
@ -71,10 +76,18 @@
|
|||
sudo.enable = false;
|
||||
};
|
||||
|
||||
# sops.defaultSopsFile = ./secrets.yaml;
|
||||
# sops.secrets = {
|
||||
|
||||
# };
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
sops.secrets = {
|
||||
metrics_ca = {
|
||||
owner = config.systemd.services.prometheus.serviceConfig.User;
|
||||
};
|
||||
metrics_cert = {
|
||||
owner = config.systemd.services.prometheus.serviceConfig.User;
|
||||
};
|
||||
metrics_key = {
|
||||
owner = config.systemd.services.prometheus.serviceConfig.User;
|
||||
};
|
||||
};
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
||||
|
|
|
@ -2,6 +2,12 @@
|
|||
{
|
||||
services.prometheus = {
|
||||
enable = true;
|
||||
globalConfig = {
|
||||
scrape_interval = "15s";
|
||||
};
|
||||
# Only check the configuration syntax, because the check is run during the build phase
|
||||
# and secrets are not accessible to the build environment
|
||||
checkConfig = "syntax-only";
|
||||
|
||||
scrapeConfigs = [
|
||||
{
|
||||
|
@ -25,6 +31,17 @@
|
|||
}
|
||||
];
|
||||
}
|
||||
{
|
||||
job_name = "incus";
|
||||
metrics_path = "/1.0/metrics";
|
||||
scheme = "https";
|
||||
tls_config = {
|
||||
ca_file = config.sops.secrets.metrics_ca.path;
|
||||
cert_file = config.sops.secrets.metrics_cert.path;
|
||||
key_file = config.sops.secrets.metrics_key.path;
|
||||
};
|
||||
static_configs = [ { targets = [ "odin:8443" ]; } ];
|
||||
}
|
||||
];
|
||||
|
||||
exporters = {
|
||||
|
|
41
machines/saga/secrets.yaml
Normal file
41
machines/saga/secrets.yaml
Normal file
|
@ -0,0 +1,41 @@
|
|||
metrics_cert: ENC[AES256_GCM,data:hxI6B6h1eOaHlYpUeHcsXMAEPZwuKpAgZ9gYkkqK73guUymi6g38kd1ULarm4cDHQC6ugaS5SadBxCExzxvTHpxXJWS+mc+GxJgU6u0wxitWG6h1M2btCHH6blvb/dKrSHcVNEBm+se/XwcPDvDuKJckS3JRfQ6dUpziNcguF1g0RSk7rWtKyLJx40O3Mc1BivAaPirNxOeExhwG7UX4rfwzw3ajqPg0AnaXfRlHA5vfvZAGhTYh1qXrUWXQgtjZj/B30vMB18oA6vxZnmkFVbZyUwh9O65hkdWY8kGQSc1IuhmzK7vcLquTAymdVgmW6Zmy/49bRgC5+aZKiIwiXnnK1e/Ygy+WvvQ/dpJZ0YANhLFiC1ygXiUHGOzh4gvo23c5NPcH8PDnMx6z1j5V4QTqi2w5RCA3A7pobP/u7Jn0pqFqRB2ws9bpsLQXGifOoGhTGiEfM6XJPSELNx3OMYmNSMbtM9PrMTs8ajaT3Vo0alwR67hSEU4i13vpgcEErcf+bxo8DoBRi3qwoU7bc/y2XLIWdxy9I2UTE2gMxuINHUuWX+n8J6WFYTs66KwXDY16G2WBBPh7zbjQqa8HLM4/K6bZVDKvhEuoDDz+Mp9bf2dlaM9qADnjumjRXbivdYg45rT3nuAsJ5pcEbz3RPP8j9Ri6cbb/eChWqCXcWyzEY8NfMNAdph3jetduaic+SgCqUnhJptM2lOPgdo0uscqD1O08giAvqLciTBR/kB2N9hIXOXwVVLgkSLvryduD/q1plfEnVzcsrUauJ6lleS0EUqQlVdrvM+DSYMPBZgecAmjrpvDdNP5gMseLrpd2/vVZOM3An/wrgf2vTOA3HNm1Fjj/iyKvIVsj+ZV0TAsXJh8BwyF09mJLm7kwKP+wkUmJkWJUW2yG/Dx9LHKaMhUEsMpF0ogP9aekyYG8d5PJ2d8VdKjQI2aanSkkh7kXPghemjfjP9T,iv:irh5m+oLYqMVsSmZNZK7s9nQtLxRvZ80lIAfE4nrAf4=,tag:xL5/SAP9b07yuiZUdizwwA==,type:str]
|
||||
metrics_key: ENC[AES256_GCM,data:fGpIg3k/PBcq4dVdLL5oNEdbrPTFarDAi9QLw7ViEfzG4jdxOec8rdFNtECX3IdtGIFZ7VtLd7hTISYrklafBqYMyBw0y3dxmbQaG7CQoIPoxnoJlbwAxofjfgFyVa69V6/o1mvCBfw3Tv8akRQel+3lTTB7RgqBsd+JNjiIsrC5r4JAr6KJCkKKLbNJZ79W1PGdKb2VEeVwGmdfWcvKz4TN6Za4cwhc51IAnZBH+2QnNNCYM6JnT0LVIzERS6ljF8MOb2Xmaqb9w6QxxTLX4nheEceWpOMLc71nIGtMSsU+SiRiZtHEdcUsDGBUdriqQ2mP5Q10Yz0K0u1wqXiLiz/wfeFGIvRPNOpP/b/cSFQSp494ZnMdO2bsnXOKQNFVBkkIO2jvB2SOlIJwC329n9vG,iv:jktiYgPJluYrQOpOOTwwpQ9SDJVvsO4lEwDe+l2cn3Q=,tag:rduGq7/XVShG9SqQeWl19g==,type:str]
|
||||
metrics_ca: ENC[AES256_GCM,data:nMocCNsco+iYrrZbJxuoWhQ5ytDyy+JjaRTbalTof4CPK3CtWpu2KhHhVJNN+XaThns3jzBEjEDyuPqhb27CaUG871Z8O8BGAEtYWUa886sIdgPgOkL3rsDCELxnnEkCKIcyfu3DZFIcs+hWQGOVQ3KBY44dpwJzm5xm/PbbpiPo7QawAzEhOynmRz1eN+At+aDgBNMRJ9fWg5qaImf6iFL804M7q6mjVAOopvL+I5vMAn4FODWWn93Vm0edHWjhIDb2NHuwSL0WRdt74GMES+ZPvBjpnGsMFteCC1sWGuAMY9S78V54+o95Ijf6j8yzPadyayZb51K2/qGWas/wpaQlmva2mQvv/y1jpDfewLt4ZstzqCamVhhXzZfguf7F+MpbEGpNUl7SvCnS6BtNU7XCaV5bEp8vTKfhYVh+/AqBPYG2BpLB0N/Q198/nTkW82CgP1V4BJ8HD8FiWympZjhLjdglkMZ3h1u9k6VQIAZ9kQS3B60kKBq1mWhDVmZmNTSMf85zfV48XrBPF/ttCfCjd33gxopok5OLMZqVHNKY4PxCLI6e5FKOwwEmrzf6MffGiDWZWMgTaz3OM+d9Yv8yjNDeboGb6TGRn4yXfKlcsl4mYZi+C3IJ0BkmUA9BXaLXhhWKl/e5Xs5Ajtgf3fwSVEgsQ8G3kC2OQT0qoIMKx37K4YmABYVFx0qcJy2diQ3ZoFmvGAwvYb5vKtlyJHnbDz6OyXWfYc1UkAG4mtHNMrsgSL7ruju4QvIeZPwXDsNazI9R3dWaLbnz041JQNRvA0Kpwg3LxHaf4D0Ln7nBokEmvRycuBXljPk35B3CuGoj2qnCJzx057MTQoX/UKtQ/KRbGP0Dmmu+s1cH9dHw8l3ya+zZEKBJHt2w7rmmMiYVXMetjoPIHevePumDeXFRyCvU3mWwj7xUtzbrpTwY0zSYi5brdMRe4NBtmYJsMmH7Jgc+HOgtbm8MC++FApxiKpV2,iv:08lM7WQLcnuC7DvTZ1999sOojo9l35gAZpp4oIMuJBY=,tag:YW0xjTJkycV7xJHZuhE0uQ==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age:
|
||||
- recipient: age1h7ddyj66gcqt5vnzphjfn6y5tul79q0glcdl0et9w44z2evl999qe02wht
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBIMlFrZ0NESnJ5cnFtRkxi
|
||||
RjI5cDRtd0tkRWZTTHY2MXFoN21NUWJjVWlRCm8vN043dUUvTVF2VDJhWmFHeSs5
|
||||
NUdkTnhLbnViMm9nM2xUK2ZTZmFTMnMKLS0tIERjU0hweGVwTUJ2blhadVF4OGJO
|
||||
bVl1R1d1TmxVVGN4eWliVE1GM1FhcncKlUv/IG0zAyyuQx3AC6aZr1dv9aujSSnS
|
||||
bhaMBbfi0NFAWTWhX/2aNtg7Yn+WHcaYZtfUs7Jb93txJQa6oW6ZDA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age1435gxhlpu55pp86r8pullhc6wg43nv6qm5l3g2vl5000xhn8apdqtlf8cg
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2ZHJUQ0xEa20yczdldTh4
|
||||
V0E4SDY2MWpwVW0vWDBQejJ5VEFYQXFVZGlFCnpnN09mS1p2eUFGTSt0T0VZQTBI
|
||||
cno3YUFFQjhSNVZJZ2NNdG9ZSHZLS0EKLS0tIEU4b1p6eFhGT1VjMmFwNjcxNDcy
|
||||
a2hyZzZqS21mQk52WktWSnNqRFhuQ2MKnNTAwSMVjIFNpbtCYvmtemm4NssJ/N7D
|
||||
9b/Y6i1cEvjkzsx/q5GOsPIUWJkrQ2pV8q5qUB3c6cKsaQO7TNFqcg==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
- recipient: age10advysga7fpkh7uuv9a7phs77c5khswf5c9q9txvrauxtqr4yu0sk2r75v
|
||||
enc: |
|
||||
-----BEGIN AGE ENCRYPTED FILE-----
|
||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrWkExNUc2SU5pVWQzWW5u
|
||||
TXgzUHFtN2pZYnhOVC9pUngvbEVzMnp3Z0NjCmdsbXlhQ0lUOUtJQ0ZmaWl5dFNn
|
||||
SVdUUlByZjdwZUIraGlRN3BCa3h3ZkUKLS0tIEYwZC96MnorRWlMUmFjRGs4Q0FN
|
||||
K1FHaGVOQlo2cjBTQ3ZIYXZ5ZzNsNlEKLZWrUkNXTv8ECwXz1aPdnrpMs6r9Q+yI
|
||||
k5rFkaa+ylIk4OqouKRxxlNFdgcdqqYdZEqLrfuLnamzr6LNaoL1dQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-02-29T10:40:34Z"
|
||||
mac: ENC[AES256_GCM,data:mofYtl2tbmOhe12j1murXcx4GAosmE4ezZZ1Uby8F0TS6Ob2J+13SBS1jwhEkU8S9ylVgx0jSET2weoEHfYS+d0/RDd9bjdXrnI8DeIA46D3wNNssYID9RAuPE18Dc98eVMOOBwH/hT46Bj630l0Rm8H/HB+fwcOFR5ahcvm2Pw=,iv:p2+aTSaOqL1jQpUt9+FBf8QgcwA13haKXLrGV4wdH84=,tag:ecgweBQiXOyiRVY9yBwDIw==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
Loading…
Reference in a new issue