mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-25 13:45:37 +00:00
switch to netdata cloud
fix performance issues with caddy mostly
This commit is contained in:
parent
a5e186ee87
commit
c4c75cd587
19
apps/netdata-cloud.nix
Normal file
19
apps/netdata-cloud.nix
Normal file
@ -0,0 +1,19 @@
|
||||
{ pkgs, ... }: {
|
||||
|
||||
type = "app";
|
||||
|
||||
program = builtins.toString (pkgs.writeShellScript "netdata-cloud" ''
|
||||
if [ "$EUID" -ne 0 ]; then
|
||||
echo "Please run as root"
|
||||
exit 1
|
||||
fi
|
||||
mkdir --parents --mode 0750 /var/lib/netdata/cloud.d
|
||||
printf "\nEnter the claim token for netdata cloud...\n\n"
|
||||
read -p "Token: " token
|
||||
echo "''${token}" > /var/lib/netdata/cloud.d/token
|
||||
chown -R netdata:netdata /var/lib/netdata
|
||||
${pkgs.netdata}/bin/netdata-claim.sh -id=$(uuidgen)
|
||||
printf "\n\nNow restart netdata service.\n\n"
|
||||
'');
|
||||
|
||||
}
|
@ -92,6 +92,9 @@
|
||||
# Load the SSH key for this machine
|
||||
loadkey = import ./apps/loadkey.nix { inherit pkgs; };
|
||||
|
||||
# Connect machine metrics to Netdata Cloud
|
||||
netdata = import ./apps/netdata-cloud.nix { inherit pkgs; };
|
||||
|
||||
});
|
||||
|
||||
devShells = forAllSystems (system:
|
||||
|
@ -21,17 +21,12 @@ nixpkgs.lib.nixosSystem {
|
||||
streamServer = "stream.masu.rs";
|
||||
nextcloudServer = "cloud.masu.rs";
|
||||
transmissionServer = "download.masu.rs";
|
||||
metricsServer = "metrics.masu.rs";
|
||||
|
||||
# Disable passwords, only use SSH key
|
||||
passwordHash = null;
|
||||
publicKey =
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
||||
|
||||
# Password for metrics server
|
||||
metricsPasswordHashed =
|
||||
"$2a$14$rr.lPIF8ktl5bepks1iD3OXu5Se11/uAog01wlFMwgk0MCb1Rm3PG";
|
||||
|
||||
# Nextcloud backup config
|
||||
backupS3 = {
|
||||
endpoint = "s3.us-west-002.backblazeb2.com";
|
||||
|
@ -1,42 +1,13 @@
|
||||
{ config, lib, ... }: {
|
||||
|
||||
options = {
|
||||
metricsServer = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Hostname for Metrics server";
|
||||
};
|
||||
metricsPasswordHashed = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Metrics password hashed with `caddy hash-password`";
|
||||
};
|
||||
};
|
||||
|
||||
imports = [ ./caddy.nix ];
|
||||
{ config, pkgs, lib, ... }: {
|
||||
|
||||
config = {
|
||||
|
||||
services.netdata.enable = true;
|
||||
services.netdata = {
|
||||
enable = true;
|
||||
|
||||
caddyRoutes = [{
|
||||
match = [{ host = [ config.metricsServer ]; }];
|
||||
handle = [
|
||||
{
|
||||
handler = "authentication";
|
||||
providers = {
|
||||
http_basic = {
|
||||
accounts = [{
|
||||
username = config.user;
|
||||
password = config.metricsPasswordHashed;
|
||||
}];
|
||||
};
|
||||
};
|
||||
}
|
||||
{
|
||||
handler = "reverse_proxy";
|
||||
upstreams = [{ dial = "localhost:19999"; }];
|
||||
}
|
||||
];
|
||||
}];
|
||||
# Disable local dashboard (unsecured)
|
||||
config = { web.mode = "none"; };
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
@ -146,10 +146,7 @@ in {
|
||||
systemd.services.litestream-s3 = {
|
||||
requiredBy = [ "litestream.service" ];
|
||||
before = [ "litestream.service" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
serviceConfig = { Type = "oneshot"; };
|
||||
script = ''
|
||||
echo \
|
||||
LITESTREAM_SECRET_ACCESS_KEY=$(${pkgs.age}/bin/age --decrypt \
|
||||
|
Loading…
Reference in New Issue
Block a user