Compare commits
8 commits
e12564358d
...
4bd78856e7
Author | SHA1 | Date | |
---|---|---|---|
♥ Minnie ♥ | 4bd78856e7 | ||
♥ Minnie ♥ | 45d22ff08c | ||
♥ Minnie ♥ | 6c290fa729 | ||
♥ Minnie ♥ | 1d03ffaef9 | ||
♥ Minnie ♥ | 5f49d7ad3f | ||
♥ Minnie ♥ | 19d5a9ca82 | ||
♥ Minnie ♥ | 5e3f774b80 | ||
♥ Minnie ♥ | f183eee3ac |
|
@ -15,6 +15,7 @@
|
|||
matchBlocks."viridian" = {
|
||||
hostname = "192.168.1.102";
|
||||
identityFile = "/home/sajenim/.ssh/sajenim_sk";
|
||||
port = 62841;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,7 +6,9 @@
|
|||
settings = {
|
||||
PermitRootLogin = "no";
|
||||
PasswordAuthentication = false;
|
||||
AllowUsers = [ "sajenim" ];
|
||||
};
|
||||
ports = [ 62841 ];
|
||||
openFirewall = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,8 +6,12 @@
|
|||
./minecraft
|
||||
./borgbackup.nix
|
||||
./forgejo.nix
|
||||
./httpd.nix
|
||||
./lighttpd.nix
|
||||
./mpd.nix
|
||||
./samba.nix
|
||||
./grafana.nix
|
||||
./mysql.nix
|
||||
./prometheus.nix
|
||||
./endlessh-go.nix
|
||||
];
|
||||
}
|
||||
|
|
30
nixos/viridian/services/endlessh-go.nix
Normal file
30
nixos/viridian/services/endlessh-go.nix
Normal file
|
@ -0,0 +1,30 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
services.endlessh-go = {
|
||||
enable = true;
|
||||
port = 22; # SSH port
|
||||
prometheus = {
|
||||
enable = true;
|
||||
listenAddress = "127.0.0.1";
|
||||
port = 2112; # Prometheus metrics port
|
||||
};
|
||||
extraOptions = [
|
||||
"-interval_ms=1000"
|
||||
"-logtostderr"
|
||||
"-v=1"
|
||||
"-geoip_supplier=ip-api"
|
||||
];
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
services.prometheus.scrapeConfigs = [
|
||||
{
|
||||
job_name = "endlessh";
|
||||
static_configs = [{
|
||||
targets = [ "127.0.0.1:${toString config.services.endlessh-go.prometheus.port}" ];
|
||||
}];
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
{ ... }:
|
||||
{ config, ... }:
|
||||
|
||||
{
|
||||
services.forgejo = {
|
||||
|
@ -33,7 +33,7 @@
|
|||
|
||||
services.traefik.dynamicConfigOptions.http.services = {
|
||||
forgejo.loadBalancer.servers = [
|
||||
{ url = "http://127.0.0.1:3131"; }
|
||||
{ url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}"; }
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
56
nixos/viridian/services/grafana.nix
Normal file
56
nixos/viridian/services/grafana.nix
Normal file
|
@ -0,0 +1,56 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
# Setup grafana our grafana instance.
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
dataDir = "/srv/services/grafana";
|
||||
settings = {
|
||||
server = {
|
||||
http_addr = "127.0.0.1";
|
||||
http_port = 3400;
|
||||
domain = "kanto.dev";
|
||||
root_url = "https://kanto.dev/grafana/";
|
||||
serve_from_sub_path = true;
|
||||
};
|
||||
database = {
|
||||
type = "mysql";
|
||||
name = "grafana";
|
||||
user = "grafana";
|
||||
host = "/var/run/mysqld/mysqld.sock";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Setup our database for grafana.
|
||||
services.mysql = {
|
||||
ensureUsers = [{
|
||||
name = "grafana";
|
||||
ensurePermissions = {
|
||||
"grafana.*" = "ALL PRIVILEGES";
|
||||
};
|
||||
}];
|
||||
ensureDatabases = [ "grafana" ];
|
||||
};
|
||||
|
||||
# Setup our traefik router.
|
||||
services.traefik.dynamicConfigOptions.http.routers = {
|
||||
grafana = {
|
||||
rule = "Host(`kanto.dev`)";
|
||||
entryPoints = [
|
||||
"websecure"
|
||||
];
|
||||
middlewares = [
|
||||
"admin"
|
||||
];
|
||||
service = "grafana";
|
||||
};
|
||||
};
|
||||
|
||||
# Setup our traefik service.
|
||||
services.traefik.dynamicConfigOptions.http.services = {
|
||||
grafana.loadBalancer.servers = [
|
||||
{ url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}"; }
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,35 +0,0 @@
|
|||
{ ... }:
|
||||
|
||||
{
|
||||
services.httpd = {
|
||||
enable = true;
|
||||
virtualHosts."sajenim.dev" = {
|
||||
documentRoot = "/srv/services/httpd/sajenim.dev";
|
||||
listen = [{
|
||||
ip = "192.168.1.102";
|
||||
port = 5624;
|
||||
}];
|
||||
adminAddr = "its.jassy@pm.me";
|
||||
};
|
||||
};
|
||||
|
||||
services.traefik.dynamicConfigOptions.http.routers = {
|
||||
httpd = {
|
||||
rule = "Host(`sajenim.dev`)";
|
||||
entryPoints = [
|
||||
"websecure"
|
||||
];
|
||||
middlewares = [
|
||||
"geoblock"
|
||||
];
|
||||
service = "httpd";
|
||||
};
|
||||
};
|
||||
|
||||
services.traefik.dynamicConfigOptions.http.services = {
|
||||
httpd.loadBalancer.servers = [
|
||||
{ url = "http://127.0.0.1:5624"; }
|
||||
];
|
||||
};
|
||||
}
|
||||
|
29
nixos/viridian/services/lighttpd.nix
Normal file
29
nixos/viridian/services/lighttpd.nix
Normal file
|
@ -0,0 +1,29 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
services.lighttpd = {
|
||||
enable = true;
|
||||
port = 5624;
|
||||
document-root = "/srv/services/websites/sajenim.dev";
|
||||
};
|
||||
|
||||
services.traefik.dynamicConfigOptions.http.routers = {
|
||||
lighttpd = {
|
||||
rule = "Host(`sajenim.dev`)";
|
||||
entryPoints = [
|
||||
"websecure"
|
||||
];
|
||||
middlewares = [
|
||||
"geoblock"
|
||||
];
|
||||
service = "lighttpd";
|
||||
};
|
||||
};
|
||||
|
||||
services.traefik.dynamicConfigOptions.http.services = {
|
||||
lighttpd.loadBalancer.servers = [
|
||||
{ url = "http://127.0.0.1:${toString config.services.lighttpd.port}"; }
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
{ inputs, pkgs, lib, ... }:
|
||||
{ inputs, pkgs, lib, config, ... }:
|
||||
let
|
||||
modpack = pkgs.fetchPackwizModpack rec {
|
||||
version = "c9087bf";
|
||||
|
@ -90,7 +90,7 @@ in
|
|||
|
||||
services.traefik.dynamicConfigOptions.http.services = {
|
||||
minecraft.loadBalancer.servers = [
|
||||
{ url = "http://127.0.0.1:25565"; }
|
||||
{ url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}"; }
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
10
nixos/viridian/services/mysql.nix
Normal file
10
nixos/viridian/services/mysql.nix
Normal file
|
@ -0,0 +1,10 @@
|
|||
{ pkgs, ... }:
|
||||
|
||||
{
|
||||
services.mysql = {
|
||||
enable = true;
|
||||
package = pkgs.mariadb;
|
||||
dataDir = "/srv/services/mysql";
|
||||
};
|
||||
}
|
||||
|
33
nixos/viridian/services/prometheus.nix
Normal file
33
nixos/viridian/services/prometheus.nix
Normal file
|
@ -0,0 +1,33 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
services.prometheus = {
|
||||
enable = true;
|
||||
port = 9001; # Port to listen on.
|
||||
|
||||
# Valid in all configuration contexts, defaults for other configuration sections.
|
||||
globalConfig = {
|
||||
scrape_interval = "15s";
|
||||
};
|
||||
|
||||
# Collect specific metrics, format them, and expose them through HTTP endpoints for prometheus to scrape.
|
||||
exporters = {
|
||||
node = {
|
||||
enable = true;
|
||||
enabledCollectors = [ "systemd" "processes" ];
|
||||
port = 9100;
|
||||
};
|
||||
};
|
||||
|
||||
# Specify a set of targets and parameters describing how to scrape them.
|
||||
scrapeConfigs = [
|
||||
{
|
||||
job_name = "node";
|
||||
static_configs = [{
|
||||
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
|
||||
}];
|
||||
}
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
@ -89,6 +89,21 @@
|
|||
];
|
||||
};
|
||||
};
|
||||
# Used to expose metrics
|
||||
metrics = {
|
||||
address = ":8082";
|
||||
};
|
||||
};
|
||||
|
||||
# Provide metrics for the prometheus backend
|
||||
metrics = {
|
||||
prometheus = {
|
||||
entryPoint = "metrics";
|
||||
buckets = [ "0.1" "0.3" "1.2" "5.0" ];
|
||||
addEntryPointsLabels = true;
|
||||
addRoutersLabels = true;
|
||||
addServicesLabels = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Retrieve certificates from an ACME server
|
||||
|
@ -118,6 +133,16 @@
|
|||
};
|
||||
};
|
||||
|
||||
# Scrape our traefik metrics
|
||||
services.prometheus.scrapeConfigs = [
|
||||
{
|
||||
job_name = "traefik";
|
||||
static_configs = [{
|
||||
targets = [ "127.0.0.1:8082" ];
|
||||
}];
|
||||
}
|
||||
];
|
||||
|
||||
# Persist our traefik data & logs
|
||||
environment.persistence."/persist" = {
|
||||
directories = [
|
||||
|
|
Loading…
Reference in a new issue