netdata metrics with basic auth

seems to have performance problems with caddy
This commit is contained in:
Noah Masur 2022-10-10 18:11:08 +00:00
parent 170f8c67de
commit a5e186ee87
2 changed files with 49 additions and 0 deletions

View File

@ -21,12 +21,17 @@ nixpkgs.lib.nixosSystem {
streamServer = "stream.masu.rs"; streamServer = "stream.masu.rs";
nextcloudServer = "cloud.masu.rs"; nextcloudServer = "cloud.masu.rs";
transmissionServer = "download.masu.rs"; transmissionServer = "download.masu.rs";
metricsServer = "metrics.masu.rs";
# Disable passwords, only use SSH key # Disable passwords, only use SSH key
passwordHash = null; passwordHash = null;
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# Password for metrics server
metricsPasswordHashed =
"$2a$14$rr.lPIF8ktl5bepks1iD3OXu5Se11/uAog01wlFMwgk0MCb1Rm3PG";
# Nextcloud backup config # Nextcloud backup config
backupS3 = { backupS3 = {
endpoint = "s3.us-west-002.backblazeb2.com"; endpoint = "s3.us-west-002.backblazeb2.com";
@ -77,5 +82,6 @@ nixpkgs.lib.nixosSystem {
../../modules/services/jellyfin.nix ../../modules/services/jellyfin.nix
../../modules/services/nextcloud.nix ../../modules/services/nextcloud.nix
../../modules/services/transmission.nix ../../modules/services/transmission.nix
../../modules/services/metrics.nix
]; ];
} }

View File

@ -0,0 +1,43 @@
{ config, lib, ... }: {
options = {
metricsServer = lib.mkOption {
type = lib.types.str;
description = "Hostname for Metrics server";
};
metricsPasswordHashed = lib.mkOption {
type = lib.types.str;
description = "Metrics password hashed with `caddy hash-password`";
};
};
imports = [ ./caddy.nix ];
config = {
services.netdata.enable = true;
caddyRoutes = [{
match = [{ host = [ config.metricsServer ]; }];
handle = [
{
handler = "authentication";
providers = {
http_basic = {
accounts = [{
username = config.user;
password = config.metricsPasswordHashed;
}];
};
};
}
{
handler = "reverse_proxy";
upstreams = [{ dial = "localhost:19999"; }];
}
];
}];
};
}