jasmine/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove SSH Tarpit and SSH logging in grafana

Browse source
This commit is contained in:
♥ Minnie ♥ 2024-07-09 09:47:14 +08:00
parent 6f4a3e7a96
commit 10d696d3d2
Signed by: jasmine
GPG key ID: 8563E358D4E8040E
4 changed files with 0 additions and 145 deletions
Download patch file Download diff file Expand all files Collapse all files

3
nixos/viridian/services/default.nix
View file

@ -13,8 +13,5 @@
./grafana.nix
./mysql.nix
./prometheus.nix
./endlessh-go.nix
./promtail.nix
./loki.nix
];
}

30
nixos/viridian/services/endlessh-go.nix
View file

@ -1,30 +0,0 @@
{ config, ... }:
{
services.endlessh-go = {
enable = true;
port = 22; # SSH port
prometheus = {
enable = true;
listenAddress = "127.0.0.1";
port = 2112; # Prometheus metrics port
};
extraOptions = [
"-interval_ms=1000"
"-logtostderr"
"-v=1"
"-geoip_supplier=ip-api"
];
openFirewall = true;
};
services.prometheus.scrapeConfigs = [
{
job_name = "endlessh";
static_configs = [{
targets = [ "127.0.0.1:${toString config.services.endlessh-go.prometheus.port}" ];
}];
}
];
}

81
nixos/viridian/services/loki.nix
View file

@ -1,81 +0,0 @@
{ ... }:
{
services.loki = {
enable = true;
configuration = {
server.http_listen_port = 3030;
auth_enabled = false;
ingester = {
lifecycler = {
address = "127.0.0.1";
ring = {
kvstore = {
store = "inmemory";
};
replication_factor = 1;
};
};
chunk_idle_period = "1h";
max_chunk_age = "1h";
chunk_target_size = 999999;
chunk_retain_period = "30s";
# max_transfer_retries = 0;
};
schema_config = {
configs = [{
from = "2022-06-06";
store = "boltdb-shipper";
object_store = "filesystem";
schema = "v13";
index = {
prefix = "index_";
period = "24h";
};
}];
};
storage_config = {
boltdb_shipper = {
active_index_directory = "/var/lib/loki/boltdb-shipper-active";
cache_location = "/var/lib/loki/boltdb-shipper-cache";
cache_ttl = "24h";
# shared_store = "filesystem";
};
filesystem = {
directory = "/var/lib/loki/chunks";
};
};
limits_config = {
reject_old_samples = true;
reject_old_samples_max_age = "168h";
allow_structured_metadata = false; # IDK it said add this to fix some error
};
# chunk_store_config = {
# max_look_back_period = "0s";
# };
table_manager = {
retention_deletes_enabled = false;
retention_period = "0s";
};
compactor = {
working_directory = "/var/lib/loki";
# shared_store = "filesystem";
compactor_ring = {
kvstore = {
store = "inmemory";
};
};
};
};
# user, group, dataDir, extraFlags, (configFile)
};
}

31
nixos/viridian/services/promtail.nix
View file

@ -1,31 +0,0 @@
{ config, ... }:
{
services.promtail = {
enable = true;
configuration = {
server = {
http_listen_port = 9080;
grpc_listen_port = 0;
};
positions = {
filename = "/tmp/positions.yaml";
};
clients = [{
url = "http://127.0.0.1:${toString config.services.loki.configuration.server.http_listen_port}/loki/api/v1/push";
}];
scrape_configs = [{
job_name = "system";
static_configs = [{
targets = [ "localhost" ]; # Promtail target is localhost
labels = {
instance = "viridian.kanto.dev"; # Label identifier for instance
env = "kanto"; # Environment label
job = "secure"; # Job label
__path__ = "/var/log/sshd.log";
};
}];
}];
};
};
}