pub-solar/infra
6
1
Fork 3
Code Issues 18 Pull requests 11 Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: pub-solar:7910f61dd5a745d8ace5a00296ce19e8d8931867
Branches Tags
pub-solar:main
pub-solar:ci-treefmt
pub-solar:docs-garage
pub-solar:docs-cachix
pub-solar:feat/automated-account-deletion
pub-solar:ssl-cert-warning
pub-solar:feat/matrix-moderation-draupnir
pub-solar:nginx-maintenance
pub-solar:feat/matrix-moderation
pub-solar:fix/use-nix-firewall-nat-feature-for-forgejo-redirect
pub-solar:feat/loomio
pub-solar:feat/matrix-hookshot
pub-solar:feat/libreddit
pub-solar:feat/invidious
...
compare: pub-solar:9cbd60a80b025df0da2c18c3ce0ecadf8de1179b
Branches Tags
pub-solar:main
pub-solar:ci-treefmt
pub-solar:docs-garage
pub-solar:docs-cachix
pub-solar:feat/automated-account-deletion
pub-solar:ssl-cert-warning
pub-solar:feat/matrix-moderation-draupnir
pub-solar:nginx-maintenance
pub-solar:feat/matrix-moderation
pub-solar:fix/use-nix-firewall-nat-feature-for-forgejo-redirect
pub-solar:feat/loomio
pub-solar:feat/matrix-hookshot
pub-solar:feat/libreddit
pub-solar:feat/invidious

6 commits
7910f61dd5 ... 9cbd60a80b

Author SHA1 Message Date
teutat3s 9cbd60a80b
alerts.pub.solar: use DNS challenge for cert
Some checks failed
Flake checks / Check (pull_request) Failing after 1m30s
Details
2024-09-10 14:27:35 +02:00
teutat3s 6a235fa0d8
alerts: add check for healthy garage cluster 2024-09-10 14:26:26 +02:00
teutat3s 19963ee749
trinkgenossin: fix duplicate promtail, prometheus-exporter 2024-09-10 14:25:51 +02:00
teutat3s b2cb9755e1
monitoring: add prometheus-exporter, promtail to 
delite, blue-shell

add instance labels to garage scrape jobs
 2024-09-10 14:25:00 +02:00
teutat3s 3556a653be
delite: use static IP in initrd, DHCP not working 2024-09-10 14:22:40 +02:00
teutat3s b72384b8d1
loki: store logs in /var/lib/loki 2024-09-10 14:22:04 +02:00
5 changed files with 54 additions and 8 deletions
Show stats Expand all files Collapse all files

10
hosts/default.nix
View file

@ -82,8 +82,6 @@
self.nixosModules.overlays self.nixosModules.overlays
self.nixosModules.unlock-luks-on-boot self.nixosModules.unlock-luks-on-boot
self.nixosModules.core self.nixosModules.core
self.nixosModules.prometheus-exporters
self.nixosModules.promtail
self.nixosModules.garage self.nixosModules.garage
self.nixosModules.nginx self.nixosModules.nginx
@ -105,8 +103,8 @@
self.nixosModules.overlays self.nixosModules.overlays
self.nixosModules.unlock-luks-on-boot self.nixosModules.unlock-luks-on-boot
self.nixosModules.core self.nixosModules.core
#self.nixosModules.prometheus-exporters self.nixosModules.prometheus-exporters
#self.nixosModules.promtail self.nixosModules.promtail
self.nixosModules.garage self.nixosModules.garage
self.nixosModules.nginx self.nixosModules.nginx
@ -122,8 +120,8 @@
self.nixosModules.overlays self.nixosModules.overlays
self.nixosModules.unlock-luks-on-boot self.nixosModules.unlock-luks-on-boot
self.nixosModules.core self.nixosModules.core
#self.nixosModules.prometheus-exporters self.nixosModules.prometheus-exporters
#self.nixosModules.promtail self.nixosModules.promtail
self.nixosModules.garage self.nixosModules.garage
self.nixosModules.nginx self.nixosModules.nginx

2
hosts/delite/configuration.nix
View file

@ -9,7 +9,7 @@
boot.kernelParams = [ boot.kernelParams = [
"boot.shell_on_fail=1" "boot.shell_on_fail=1"
"ip=dhcp" "ip=5.255.119.132::5.255.119.1:255.255.255.0:delite::off"
]; ];
# This option defines the first version of NixOS you have installed on this particular machine, # This option defines the first version of NixOS you have installed on this particular machine,

2
modules/loki/default.nix
View file

@ -25,7 +25,7 @@
}; };
}; };
replication_factor = 1; replication_factor = 1;
path_prefix = "/data/loki"; path_prefix = "/var/lib/loki";
storage = { storage = {
filesystem = { filesystem = {
chunks_directory = "chunks/"; chunks_directory = "chunks/";

6
modules/prometheus/alert-rules.nix
View file

@ -250,4 +250,10 @@ lib.mapAttrsToList
# description = # description =
# "alertmanager: number of active silences has changed: {{$value}}"; # "alertmanager: number of active silences has changed: {{$value}}";
# }; # };
garage_cluster_healthy = {
condition = "cluster_healthy = 0";
time = "15m";
description = "garage cluster on {{$labels.instance}} is not healthy: {{$labels.result}}!";
};
}) })

42
modules/prometheus/default.nix
View file

@ -12,6 +12,15 @@
owner = "alertmanager"; owner = "alertmanager";
}; };
security.acme.certs = {
"alerts.${config.pub-solar-os.networking.domain}" = {
# disable http challenge
webroot = null;
# enable dns challenge
dnsProvider = "namecheap";
};
};
services.nginx.virtualHosts."alerts.${config.pub-solar-os.networking.domain}" = { services.nginx.virtualHosts."alerts.${config.pub-solar-os.networking.domain}" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
@ -74,6 +83,22 @@
instance = "trinkgenossin"; instance = "trinkgenossin";
}; };
} }
{
targets = [
"delite.wg.${config.pub-solar-os.networking.domain}:${toString config.services.prometheus.exporters.node.port}"
];
labels = {
instance = "delite";
};
}
{
targets = [
"blue-shell.wg.${config.pub-solar-os.networking.domain}:${toString config.services.prometheus.exporters.node.port}"
];
labels = {
instance = "blue-shell";
};
}
]; ];
} }
{ {
@ -94,9 +119,26 @@
{ {
targets = [ targets = [
"trinkgenossin.wg.${config.pub-solar-os.networking.domain}:3903" "trinkgenossin.wg.${config.pub-solar-os.networking.domain}:3903"
];
labels = {
instance = "trinkgenossin";
};
}
{
targets = [
"delite.wg.${config.pub-solar-os.networking.domain}:3903" "delite.wg.${config.pub-solar-os.networking.domain}:3903"
];
labels = {
instance = "delite";
};
}
{
targets = [
"blue-shell.wg.${config.pub-solar-os.networking.domain}:3903" "blue-shell.wg.${config.pub-solar-os.networking.domain}:3903"
]; ];
labels = {
instance = "blue-shell";
};
} }
]; ];
} }