switch to netdata cloud

fix performance issues with caddy mostly
Noah Masur 2022-10-10 19:22:39 +00:00
parent a5e186ee87
commit c4c75cd587
5 changed files with 29 additions and 44 deletions

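--- a/apps/netdata-cloud.nix
+++ b/apps/netdata-cloud.nix
@@ -0,0 +1,19 @@
+{ pkgs, ... }: {
+type = "app";
+program = builtins.toString (pkgs.writeShellScript "netdata-cloud" ''
+if [ "$EUID" -ne 0 ]; then
+echo "Please run as root"
+exit 1
+fi
+mkdir --parents --mode 0750 /var/lib/netdata/cloud.d
+printf "\nEnter the claim token for netdata cloud...\n\n"
+read -p "Token: " token
+echo "''${token}" > /var/lib/netdata/cloud.d/token
+chown -R netdata:netdata /var/lib/netdata
+${pkgs.netdata}/bin/netdata-claim.sh -id=$(uuidgen)
+printf "\n\nNow restart netdata service.\n\n"
+'');
+}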
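Review bot: The claim token is handled loosely in the generated script: `read -p "Token: " token` echoes it to the terminal, and `echo "''${token}" > /var/lib/netdata/cloud.d/token` creates the file under root's current umask, so it is protected only by the 0750 directory, which `mkdir --mode` does not tighten if the directory already exists. I would read it with `read -rsp "Token: " token` and put `umask 077` before the write, so the file is created 0600 before the `chown`. The script also has no `set -e`, so a failed `mkdir` or write still goes on to run `netdata-claim.sh`. Separately, `uuidgen` is resolved from PATH rather than from a pinned store path the way `${pkgs.netdata}` is.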


@ -92,6 +92,9 @@
# Load the SSH key for this machine # Load the SSH key for this machine
loadkey = import ./apps/loadkey.nix { inherit pkgs; }; loadkey = import ./apps/loadkey.nix { inherit pkgs; };
# Connect machine metrics to Netdata Cloud
netdata = import ./apps/netdata-cloud.nix { inherit pkgs; };
}); });
devShells = forAllSystems (system: devShells = forAllSystems (system:


@ -21,17 +21,12 @@ nixpkgs.lib.nixosSystem {
streamServer = "stream.masu.rs"; streamServer = "stream.masu.rs";
nextcloudServer = "cloud.masu.rs"; nextcloudServer = "cloud.masu.rs";
transmissionServer = "download.masu.rs"; transmissionServer = "download.masu.rs";
metricsServer = "metrics.masu.rs";
# Disable passwords, only use SSH key # Disable passwords, only use SSH key
passwordHash = null; passwordHash = null;
publicKey = publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s"; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# Password for metrics server
metricsPasswordHashed =
"$2a$14$rr.lPIF8ktl5bepks1iD3OXu5Se11/uAog01wlFMwgk0MCb1Rm3PG";
# Nextcloud backup config # Nextcloud backup config
backupS3 = { backupS3 = {
endpoint = "s3.us-west-002.backblazeb2.com"; endpoint = "s3.us-west-002.backblazeb2.com";


@ -1,42 +1,13 @@
{ config, lib, ... }: { { config, pkgs, lib, ... }: {
options = {
metricsServer = lib.mkOption {
type = lib.types.str;
description = "Hostname for Metrics server";
};
metricsPasswordHashed = lib.mkOption {
type = lib.types.str;
description = "Metrics password hashed with `caddy hash-password`";
};
};
imports = [ ./caddy.nix ];
config = { config = {
services.netdata.enable = true; services.netdata = {
enable = true;
caddyRoutes = [{ # Disable local dashboard (unsecured)
match = [{ host = [ config.metricsServer ]; }]; config = { web.mode = "none"; };
handle = [
{
handler = "authentication";
providers = {
http_basic = {
accounts = [{
username = config.user;
password = config.metricsPasswordHashed;
}];
}; };
};
}
{
handler = "reverse_proxy";
upstreams = [{ dial = "localhost:19999"; }];
}
];
}];
}; };
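Review bot: The comment above `config = { web.mode = "none"; };` says only that the local dashboard is unsecured, which leaves the next reader to work out what replaced the Caddy basic-auth route. It would help to record that this setting is meant to turn off the agent's own web server, so nothing should be listening on the port the removed route proxied to (localhost:19999), and that metrics are now viewed through Netdata Cloud only after the host has been claimed by hand with the new `netdata` app. Something like `# No local web server (it has no authentication); view metrics in Netdata Cloud after claiming the node` would cover it. Separately, `pkgs` is added to the module arguments but nothing in the visible new lines uses it.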


@ -146,10 +146,7 @@ in {
systemd.services.litestream-s3 = { systemd.services.litestream-s3 = {
requiredBy = [ "litestream.service" ]; requiredBy = [ "litestream.service" ];
before = [ "litestream.service" ]; before = [ "litestream.service" ];
serviceConfig = { serviceConfig = { Type = "oneshot"; };
Type = "oneshot";
RemainAfterExit = true;
};
script = '' script = ''
echo \ echo \
LITESTREAM_SECRET_ACCESS_KEY=$(${pkgs.age}/bin/age --decrypt \ LITESTREAM_SECRET_ACCESS_KEY=$(${pkgs.age}/bin/age --decrypt \