mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-25 13:45:37 +00:00
switch to netdata cloud
fix performance issues with caddy mostly
This commit is contained in:
parent
a5e186ee87
commit
c4c75cd587
19
apps/netdata-cloud.nix
Normal file
19
apps/netdata-cloud.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{ pkgs, ... }: {
|
||||||
|
|
||||||
|
type = "app";
|
||||||
|
|
||||||
|
program = builtins.toString (pkgs.writeShellScript "netdata-cloud" ''
|
||||||
|
if [ "$EUID" -ne 0 ]; then
|
||||||
|
echo "Please run as root"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
mkdir --parents --mode 0750 /var/lib/netdata/cloud.d
|
||||||
|
printf "\nEnter the claim token for netdata cloud...\n\n"
|
||||||
|
read -p "Token: " token
|
||||||
|
echo "''${token}" > /var/lib/netdata/cloud.d/token
|
||||||
|
chown -R netdata:netdata /var/lib/netdata
|
||||||
|
${pkgs.netdata}/bin/netdata-claim.sh -id=$(uuidgen)
|
||||||
|
printf "\n\nNow restart netdata service.\n\n"
|
||||||
|
'');
|
||||||
|
|
||||||
|
}
|
@ -92,6 +92,9 @@
|
|||||||
# Load the SSH key for this machine
|
# Load the SSH key for this machine
|
||||||
loadkey = import ./apps/loadkey.nix { inherit pkgs; };
|
loadkey = import ./apps/loadkey.nix { inherit pkgs; };
|
||||||
|
|
||||||
|
# Connect machine metrics to Netdata Cloud
|
||||||
|
netdata = import ./apps/netdata-cloud.nix { inherit pkgs; };
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
devShells = forAllSystems (system:
|
devShells = forAllSystems (system:
|
||||||
|
@ -21,17 +21,12 @@ nixpkgs.lib.nixosSystem {
|
|||||||
streamServer = "stream.masu.rs";
|
streamServer = "stream.masu.rs";
|
||||||
nextcloudServer = "cloud.masu.rs";
|
nextcloudServer = "cloud.masu.rs";
|
||||||
transmissionServer = "download.masu.rs";
|
transmissionServer = "download.masu.rs";
|
||||||
metricsServer = "metrics.masu.rs";
|
|
||||||
|
|
||||||
# Disable passwords, only use SSH key
|
# Disable passwords, only use SSH key
|
||||||
passwordHash = null;
|
passwordHash = null;
|
||||||
publicKey =
|
publicKey =
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
||||||
|
|
||||||
# Password for metrics server
|
|
||||||
metricsPasswordHashed =
|
|
||||||
"$2a$14$rr.lPIF8ktl5bepks1iD3OXu5Se11/uAog01wlFMwgk0MCb1Rm3PG";
|
|
||||||
|
|
||||||
# Nextcloud backup config
|
# Nextcloud backup config
|
||||||
backupS3 = {
|
backupS3 = {
|
||||||
endpoint = "s3.us-west-002.backblazeb2.com";
|
endpoint = "s3.us-west-002.backblazeb2.com";
|
||||||
|
@ -1,42 +1,13 @@
|
|||||||
{ config, lib, ... }: {
|
{ config, pkgs, lib, ... }: {
|
||||||
|
|
||||||
options = {
|
|
||||||
metricsServer = lib.mkOption {
|
|
||||||
type = lib.types.str;
|
|
||||||
description = "Hostname for Metrics server";
|
|
||||||
};
|
|
||||||
metricsPasswordHashed = lib.mkOption {
|
|
||||||
type = lib.types.str;
|
|
||||||
description = "Metrics password hashed with `caddy hash-password`";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
imports = [ ./caddy.nix ];
|
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
|
||||||
services.netdata.enable = true;
|
services.netdata = {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
caddyRoutes = [{
|
# Disable local dashboard (unsecured)
|
||||||
match = [{ host = [ config.metricsServer ]; }];
|
config = { web.mode = "none"; };
|
||||||
handle = [
|
};
|
||||||
{
|
|
||||||
handler = "authentication";
|
|
||||||
providers = {
|
|
||||||
http_basic = {
|
|
||||||
accounts = [{
|
|
||||||
username = config.user;
|
|
||||||
password = config.metricsPasswordHashed;
|
|
||||||
}];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
||||||
{
|
|
||||||
handler = "reverse_proxy";
|
|
||||||
upstreams = [{ dial = "localhost:19999"; }];
|
|
||||||
}
|
|
||||||
];
|
|
||||||
}];
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -146,10 +146,7 @@ in {
|
|||||||
systemd.services.litestream-s3 = {
|
systemd.services.litestream-s3 = {
|
||||||
requiredBy = [ "litestream.service" ];
|
requiredBy = [ "litestream.service" ];
|
||||||
before = [ "litestream.service" ];
|
before = [ "litestream.service" ];
|
||||||
serviceConfig = {
|
serviceConfig = { Type = "oneshot"; };
|
||||||
Type = "oneshot";
|
|
||||||
RemainAfterExit = true;
|
|
||||||
};
|
|
||||||
script = ''
|
script = ''
|
||||||
echo \
|
echo \
|
||||||
LITESTREAM_SECRET_ACCESS_KEY=$(${pkgs.age}/bin/age --decrypt \
|
LITESTREAM_SECRET_ACCESS_KEY=$(${pkgs.age}/bin/age --decrypt \
|
||||||
|
Loading…
Reference in New Issue
Block a user