From a9697956e4fa4fdfd3cfef5b2a05baef62e47fb0 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:41:38 +0200 Subject: [PATCH 1/8] Helix nixd LSP --- hmModules/helix/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/hmModules/helix/default.nix b/hmModules/helix/default.nix index 89f0e01..a593e7d 100644 --- a/hmModules/helix/default.nix +++ b/hmModules/helix/default.nix @@ -13,5 +13,19 @@ true-color = true; # to make colors coherent when in ssh }; }; + languages = { + language = [ + { + name = "nix"; + language-servers = ["nixd"]; + } + ]; + language-servers = [ + { + name = "nixd"; + command = "nixd"; + } + ]; + }; }; } From ff789db499468e0b5a6aa158592c10449e4d00fc Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:42:39 +0200 Subject: [PATCH 2/8] `garmin-collector` --- hosts/default.nix | 1 + modules/garmin-collector/default.nix | 46 ++++++++++ packages/garmin-collector/default.nix | 12 +++ packages/garmin-collector/garmin-collector.py | 82 ++++++++++++++++++ secrets/garmin-collector-environment.age | Bin 0 -> 1713 bytes secrets/secrets.nix | 1 + 6 files changed, 142 insertions(+) create mode 100644 modules/garmin-collector/default.nix create mode 100644 packages/garmin-collector/default.nix create mode 100644 packages/garmin-collector/garmin-collector.py create mode 100644 secrets/garmin-collector-environment.age diff --git a/hosts/default.nix b/hosts/default.nix index 27ff71f..16a5f4f 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -182,6 +182,7 @@ # "matrix-registration-shared-secret".owner = "matrix-synapse"; # "matrix-sliding-sync-secret".owner = "matrix-synapse"; "autistici-password".owner = "forgejo"; + "garmin-collector-environment".owner = "garmin-collector"; }; }; }; diff --git a/modules/garmin-collector/default.nix b/modules/garmin-collector/default.nix new file mode 100644 index 0000000..b4ac0e1 --- /dev/null +++ b/modules/garmin-collector/default.nix @@ -0,0 +1,46 @@ +{ + pkgs, + lib, + fleetFlake, + config, + ... +}: { + users.users.garmin-collector = { + isSystemUser = true; + group = "garmin-collector"; + extraGroups = ["garmin-collector"]; + home = "/var/lib/garmin-collector"; + }; + + users.groups.garmin-collector = {}; + + systemd.services.garmin-collector = { + description = "Garmin collector pushing to Prometheus Pushgateway"; + wantedBy = ["multi-user.target"]; + environment = { + PUSHGATEWAY_ADDRESS = config.services.prometheus.pushgateway.web.listen-address; + }; + serviceConfig = { + Group = "garmin-collector"; + User = "garmin-collector"; + WorkingDirectory = "/var/lib/garmin-collector"; + ExecStart = '' + ${lib.getExe fleetFlake.packages.${pkgs.system}.garmin-collector} + ''; + EnvironmentFile = config.age.secrets.garmin-collector-environment.path; + }; + }; + + systemd.timers."garmin-collector" = { + wantedBy = ["timers.target"]; + timerConfig = { + OnBootSec = "5m"; + OnUnitActiveSec = "4h"; + Unit = "garmin-collector.service"; + }; + }; + + environment.persistence."/persist".directories = [ + "/var/lib/garmin-collector" + ]; +} diff --git a/packages/garmin-collector/default.nix b/packages/garmin-collector/default.nix new file mode 100644 index 0000000..2e19330 --- /dev/null +++ b/packages/garmin-collector/default.nix @@ -0,0 +1,12 @@ +{ + writers, + python3Packages, + ... +}: +writers.writePython3Bin "garmin-collector" { + libraries = with python3Packages; [ + prometheus-client + garminconnect + ]; + flakeIgnore = ["E501"]; +} (builtins.readFile ./garmin-collector.py) diff --git a/packages/garmin-collector/garmin-collector.py b/packages/garmin-collector/garmin-collector.py new file mode 100644 index 0000000..f296638 --- /dev/null +++ b/packages/garmin-collector/garmin-collector.py @@ -0,0 +1,82 @@ +# !/usr/bin/env python3 + +import datetime +import os + +from garth.exc import GarthHTTPError + +from garminconnect import ( + Garmin, + GarminConnectAuthenticationError, +) + + +from prometheus_client import CollectorRegistry, push_to_gateway +from prometheus_client.core import GaugeMetricFamily + +email = os.getenv("GARMIN_EMAIL") +password = os.getenv("GARMIN_PASSWORD") +tokenstore = os.getenv("GARMINTOKENS") or "~/.garminconnect" +tokenstore_base64 = os.getenv("GARMINTOKENS_BASE64") or "~/.garminconnect_base64" +gateway_address = os.getenv("PUSHGATEWAY_ADDRESS") + +today = datetime.date.today() + + +def init_api(email=email, password=password): + """Initialize Garmin API with your credentials.""" + + try: + print( + f"Trying to login to Garmin Connect using token data from directory '{tokenstore}'...\n" + ) + + garmin = Garmin() + garmin.login(tokenstore) + except (FileNotFoundError, GarthHTTPError, GarminConnectAuthenticationError): + # Session is expired. You'll need to log in again + print( + "Login tokens not present, login with your Garmin Connect credentials to generate them.\n" + f"They will be stored in '{tokenstore}' for future use.\n" + ) + garmin = Garmin(email=email, password=password, is_cn=False) + garmin.login() + # Save Oauth1 and Oauth2 token files to directory for next login + garmin.garth.dump(tokenstore) + print( + f"Oauth tokens stored in '{tokenstore}' directory for future use. (first method)\n" + ) + # Encode Oauth1 and Oauth2 tokens to base64 string and safe to file for next login (alternative way) + token_base64 = garmin.garth.dumps() + dir_path = os.path.expanduser(tokenstore_base64) + with open(dir_path, "w") as token_file: + token_file.write(token_base64) + print( + f"Oauth tokens encoded as base64 string and saved to '{dir_path}' file for future use. (second method)\n" + ) + + return garmin + + +class GarminCollector: + def __init__(self): + super().__init__() + self.api = init_api() + + def collect(self): + try: + body = self.api.get_daily_weigh_ins(today.isoformat())["totalAverage"] + metric_gauge = GaugeMetricFamily("body_composition", "Body composition and weight", labels=["metric"]) + for k in ["weight", "bmi", "bodyFat", "bodyWater", "boneMass", "muscleMass", "physiqueRating", "visceralFat"]: + metric_gauge.add_metric([k], body[k]) + except Exception as e: + print(f"Something went wrong while fetching body composition data\n{e}") + + yield metric_gauge + + +if __name__ == "__main__": + registry = CollectorRegistry() + registry.register(GarminCollector()) + + push_to_gateway(gateway_address, job='garmin', registry=registry) diff --git a/secrets/garmin-collector-environment.age b/secrets/garmin-collector-environment.age new file mode 100644 index 0000000000000000000000000000000000000000..efc5779ffef174d6bdd9c322235c021118feb077 GIT binary patch literal 1713 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!*`Do#|;cT7xoD(8wUEGYJJcQi;g z&q&TnPYd=<3o1=XOLj4{G%-&vPj@PfaxSi{CtbdPZ3ips1s*G|l;DkzI^G4(Fhw=gI%3@j-NaQAd8NlbF`D0X)& zG)@XlEhsX`$nkOsGWQ4zN((Uy^f8I@&d&^r;z~&mHFgcIEGc*MF%HagwJ=Y1tMsq( zEeo-9G7m2{F!V{WFs{n-swxZgH*pMbcJW9Lsme{tHK{bKh|Kd(58z7Dx6F2Ot;~;d z4>k+QhzK?f_bAKH%?t3=&kFQ5vNWi0D+*8Y%`&LS%Zo~LDfcUOPm44ONlUFT54J3d zEKcY0ObOO53dk`E_45hND9a1WGtka3F7o!tH*hlx%`OkC@bI;CN_5J}56G(U^vn;7 zjBpA_EpzuV*Vhkp$~VsBDl$nl3kyi{D=IYc%c;sUDA6_#b}^~)P75@(D6b5N3^4bI z&^9jeEGkbAGB?ghcJnRpj|vR)(2fWTHpnwAG^Ye8K z%5)41bv7@`HTCp%bSp@643Et6P4+VkaY{6;a7;H0_75%t?3@}W|N(=U>u!wNdH%=}o%JV2R40I`W_RtS5 zcB{%V3UI9|F$xK)sEV-U()LabGLIm}%w1_mZEG;s$aC33?Dh`M&$u@BH4e>Mz zH}eX$u=I;WPRD^BMaKG$Tp2Ebg}Eh8VTHktC4p`(Ny*uX5fvt(ZhlS${)X<^X~vdW zMuCQACIyD(Ua96eJ|#VKW_IR+->LC)bN8C+4`0U?$K*%=w;+KI_NhUxzLMj=sd z7EVrk=jXKLBTGiuHMNOIo`QR zC1yEX+UAb=;n`k^MNZj;&XJBG=>;j}d1;Q`QI2k&;ptW3-iZM|N$D0_ zUSTO*mgfGUM%q3p1}3S7+1Y6&kwylAsS)Nur3GanMV8@_ex-iyVa_?J-UX!=9;smk zMlPoAzTw7BrhbJ{WyWS9T;@I**(DVL<;f{d1wK`-<*AOIKDlP)W@d>c0nW}AMF9oQ zW`TtP`5`Hpe!<1=E`CvFDXGCu;d#!^#kt<;j$GzW;UQ((X%&%C&S_OniNRr|!Kq$} z;cmgjo*5bbE=e9?mX6K_E+vjW{)H*}IbJ2@7F9{10WKjq1{K+8xE5Rq7a!V`!8XU{H{lV^-)JrtJ}6Zjfx5pP3orsGV9-5R%O0Z0_!y6YT68 zndBRpS?XV0WL}w85T240X;$TypPW(^XdY1#7@iqg6qwAVtE;O}WME;MSsWGQr(IH% z8(t8QZe*UBm1IzvRGRMM66$D>m{=ZSo|c;FpW(>0e5v3014%4%uD`mvt=8hhDT5P6 z|0kPA{AX=hUlaaL`$uK<{lcj|Z}}V_7R^_i^?!Fx`-TLKoq`+oPI2_p$xtqie0Cz; vB6wbob(v=XgZ^AeE#(J6#u*RX*JZP>{B7ueexh4h_;iJ**B5jYhq40z!s9|D literal 0 HcmV?d00001 diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 8f3c4ef..fb8e4df 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -27,6 +27,7 @@ in "matrix-sliding-sync-secret.age".publicKeys = [ccr-ssh ccr-gpg sisko]; "forgejo-runners-token.age".publicKeys = [ccr-ssh ccr-gpg picard]; "forgejo-nix-access-tokens.age".publicKeys = [ccr-ssh ccr-gpg picard]; + "garmin-collector-environment.age".publicKeys = [ccr-ssh ccr-gpg sisko]; # WireGuard "picard-wireguard-private-key.age".publicKeys = [ccr-ssh ccr-gpg picard]; From 865274a2df843031dc7df6791c26c48538e59849 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:43:11 +0200 Subject: [PATCH 3/8] Disable `photos.aciceri.dev` DNS --- modules/rock5b-proxy/default.nix | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/modules/rock5b-proxy/default.nix b/modules/rock5b-proxy/default.nix index 1906a71..6e51923 100644 --- a/modules/rock5b-proxy/default.nix +++ b/modules/rock5b-proxy/default.nix @@ -35,17 +35,17 @@ proxyPass = "http://localhost:${builtins.toString config.services.invidious.port}"; }; }; - "photos.aciceri.dev" = { - extraConfig = '' - client_max_body_size 50000M; - ''; - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://localhost:2283"; - proxyWebsockets = true; - }; - }; + # "photos.aciceri.dev" = { + # extraConfig = '' + # client_max_body_size 50000M; + # ''; + # forceSSL = true; + # enableACME = true; + # locations."/" = { + # proxyPass = "http://localhost:2283"; + # proxyWebsockets = true; + # }; + # }; # "jellyfin.aciceri.dev" = { # forceSSL = true; From 71a3654e9a14db142fdc17f5105c44abe0a27732 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:43:58 +0200 Subject: [PATCH 4/8] Restic for `sisko` --- hosts/sisko/default.nix | 2 + modules/restic/default.nix | 60 ++++++++---------- ...hetzner-storage-box-sisko-ssh-password.age | Bin 0 -> 1653 bytes secrets/secrets.nix | 2 + secrets/sisko-restic-password.age | 30 +++++++++ 5 files changed, 59 insertions(+), 35 deletions(-) create mode 100644 secrets/hetzner-storage-box-sisko-ssh-password.age create mode 100644 secrets/sisko-restic-password.age diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix index 8aba34a..8baf83a 100644 --- a/hosts/sisko/default.nix +++ b/hosts/sisko/default.nix @@ -34,6 +34,8 @@ "prometheus-exporters" "loki" "promtail" + "restic" + # "immich" ] ++ [ ./disko.nix diff --git a/modules/restic/default.nix b/modules/restic/default.nix index 4496e61..52da5cf 100644 --- a/modules/restic/default.nix +++ b/modules/restic/default.nix @@ -3,43 +3,33 @@ pkgs, lib, ... -}: { - options.backup = { - paths = lib.mkOption { - type = lib.types.listOf lib.types.path; - default = []; +}: let + user = "u382036-sub1"; + host = "u382036.your-storagebox.de"; + port = "23"; +in { + age.secrets = { + HETZNER_STORAGE_BOX_SISKO_SSH_PASSWORD = { + file = ../../secrets/hetzner-storage-box-sisko-ssh-password.age; + owner = "root"; }; - }; - config.services.restic = { - backups = { - hetzner = { - paths = config.backup.paths; - passwordFile = config.age.secrets.restic-hetzner-password.path; - extraOptions = [ - # Use the host ssh key, for authorizing new hosts: - # cat /etc/ssh/ssh_host_ed25519_key.pub | ssh -p23 u382036-sub1@u382036-sub1.your-storagebox.de install-ssh-key - "sftp.command='ssh -p23 u382036-sub1@u382036-sub1.your-storagebox.de -i /etc/ssh/ssh_host_ed25519_key -s sftp'" - ]; - repository = "sftp://u382036-sub1@u382036-sub1.your-storagebox.de:23/"; - initialize = true; - timerConfig.OnCalendar = "daily"; - timerConfig.RandomizedDelaySec = "1h"; - }; + SISKO_RESTIC_PASSWORD = { + file = ../../secrets/sisko-restic-password.age; + owner = "root"; }; }; - config.environment.systemPackages = builtins.map (path: - pkgs.writeShellApplication { - name = "restic-restore-${builtins.replaceStrings ["/"] ["-"] path}"; - runtimeInputs = with pkgs; [restic]; - text = '' - restic -r ${config.services.restic.backups.hetzner.repository} \ - ${lib.concatMapStringsSep ''\'' (option: "-o ${option}") config.services.restic.backups.hetzner.extraOptions} \ - --password-file ${config.services.restic.backups.hetzner.passwordFile} \ - restore latest \ - --path "${path}"\ - --target "$1" - ''; - }) - config.services.restic.backups.hetzner.paths; + services.openssh.knownHosts."${host}".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs"; + + services.restic.backups.sisko = { + paths = ["/persist"]; + passwordFile = config.age.secrets.SISKO_RESTIC_PASSWORD.path; + extraOptions = [ + "sftp.command='${lib.getExe pkgs.sshpass} -f ${config.age.secrets.HETZNER_STORAGE_BOX_SISKO_SSH_PASSWORD.path} ssh -p${port} ${user}@${host} -s sftp'" + ]; + repository = "sftp://${user}@${host}:${port}/"; + initialize = true; + timerConfig.OnCalendar = "daily"; + timerConfig.RandomizedDelaySec = "1h"; + }; } diff --git a/secrets/hetzner-storage-box-sisko-ssh-password.age b/secrets/hetzner-storage-box-sisko-ssh-password.age new file mode 100644 index 0000000000000000000000000000000000000000..d2e9b5acf5f88f348d9ca9895dfbe1ef5e530b04 GIT binary patch literal 1653 zcmYdHPt{G$OD?J`D9Oyv)5|YP*Do{V(zR14F3!*`Do#|;cT7xoD(7;|&CktBc8YWh zH8*ezil|EWOf?8}EHpCpE3!y)_VF(FtjO?iv@oem@iI(IiYoC7)i$g2^bWO*@To|O zs>tVZb&WDj%qw>DkIc_4b##u5v@FT-H+Krn@DJ6u$a4?!3rkKncXRj6H^>Qf@h=b0 zvIz6BbaC-<4h%AKGB<3(Gb) zEOm@BNq0{RayQBdstn4=N=~t?NK3IW^bacV<;qPdj|?}m$VxWL^vv{0EUok{NzG1A zvq;I;FEh{g35+NV4XE(W^C=DYFU}6Cbh5~F%kwC4D)BM%u*fy^apZCi3U|-VN%yoU zv?$CBEX@jciE9|%&f{POLq43%l7thH8(5?4KGV8<;pa5bFcIYE(p$baZfSvPEIYY3`ndB zjPMGGFb_62a`W_ebc+ZKj3`euF^C9u&#VgZb~a7%iz>s8$HO{TbvGnq+C@wV3DNHUeOEZf!2{5%R)((s;bqWkIPfy9rbIbKF z^wIY#3odld%yRU|D6I13%61G*c1cZgGc_*Hb@C5)2`+asG)xT(HV^SNO$+f0cZqT} z2?+_wbk0miPRD^BMaKG$Tp+yzJE-nTUZs{pm`c8or zPR8M7Mdf}`z7ZisiJ&+yF^$M@&$l#kOmg!rcT3LC(=QH8D%7qp<%;x6Oe-`pa`kjH z4a&|*OgHsTGxTus57RELGRz4KsIW9Qt1?Wn%ucHC%k}p&3n&b)@bfGVOE1s&%MY(g z&E(4WF*C_4D#{2gb@C|5^YSfD^UCrK%Ph!nk8-!jFRwJqigJ(4au3L^FiMIr_0Tre z*H6vL4>3yfOwZFUwb19v^b7U$DfLf|3iJ$dceM!A_cS&&)z;T9Pjn8}HcG5A&olIm zDD_RtD@e=mH%kn6bV;|&N%PDpNzQYMC^vTGaw)9}OfxOXGSJRWtqk?dNH#Vu@d@^h z46sZK@+);tD|59l_V&+nb4yCAGWE^~EsqHF&B^hMGB5BhGe`<{?FAL0dDJe=xHPSA1E;V;fG0iDV)h{+K_lO8~a!fL| z@UL)*a*c5Fic0p)&&cDlbkcTlG%mET2un1J^fgMVi1I28DXH=ZO1G>sF*Em!aw$j( zD)Y(8Ehq_zN;V76ch)a2FmTQC_N?+L@^due$_vk{EJ=(sclSyT%8K$yt_*dn3Un?h zODb@7D+>1ua`p2K3HLUzObV{bDljikNvp^+PYo)ns&e$s@N)?Z;R^C{Ey@flFYvH* zcXA8N&nx#yi7L!1@h=F^urx^Y$@9t&3rg{J^RCLWfTiQq6eCkpLrVqivXr1aM}-jo zQt#x%$e_$j$CAucKg%E|ugZ|faMx^)+z`_cr-;PhFlRsg%BqaONG`L0ycF;3eAmEm z{Zz;FkO04cY%l+)FzvJy=g6QmugK8MRL|mcXSaaLY%X10U4=|b1ATpe3nM@Mys)fN zZ ssh-rsa /AagBw +TKW/pV8ANvSWay5wTsFhV0CDSqn/wZAzNRP0WgRzBJbsrFP2/YYkhRHFtwkMjeXm +qEJPeXYdpgT6+FXq3nfhTaK/AbeebBRWO7dgGfKBosJ6Mc+PMhephrQ+oH6/zbG5 +l5QclAZ4NOfkD3f/nnqog13nKTijHjHcTnEWYZZz8RowaUEkEjo4Xbgw1MUbC8yJ +khyqZOTVFnfKgcSW5rlnsbrZKkmwYYY8mej27I9AFeSLgE0DOF3OWxrNxuPdxICp +h/kfQ2lPw75TWX5vj8WKOOxjAvheIiJDAAdfOoroK1BqKAUmpC6HjpC3cJZhrMmE +Xtob+esC39M8QBO1vUB639/I0AKAMbn3rE617StUr2QyyyNahnOOOPaZplCk/uM8 +Sde8d+VwTuvJXosuxi7Z+lQbeyCg7WmRigRoSiL6+9HcdMtDMDRjtloVq1o+iHXc +5A99Eeq0D/rBVSDmXKkVpcwLfruWL1v061+K7PPnjKa2CjnoEjAZDfqeQI+OBLZP +zqJ1CcQUnujYEpyhy4YV1ZpLZYOt48osEhUvG/eFnfymeDeAVAts725uzboN3uX8 +ETM5k0cW1ElSTL0BltRn8hRs8BSVXtKIucRXERomIwK+45ux8DHFS2NQlEHs2x1g +d4coPbCgMt7nBPYGnAUOYaWyw6dcaCAPNoVVIyUP1ps +-> ssh-rsa QHr3/A +GM2npxcLnNk81fSJUW9tcDnaKcx42cuxaObl8oCB43GIFm7K5L89FHj4Ww9RUJy0 +V41RQ802OBgudJqOI63DcW7mZ905fqLTnKZ75EJJSGgqjY0EcCOc2Oy8kV/BidWP +scmDbd+mQ1INuZBr9GBkD1brESh4vHtByPD6wkFKXlVkVTL49EQt8uBw8/0+uF0B +5a1aRQ09IkVPjluDMy2fc4VpgvkdnuXsMRD8vPk6gGzVlii72htGwYYWtIP9CgpY +trp85RxVGuqUTULFBOGXcc7YjfE1DWkPoeokCL8m7aVzdasZl+cl/Ick6rJueuQI +5ESvYKqRTfZ+oA8MapNtAZ7Nl8CT8VJoRyI6IQvPynRXCBK9D6gEAWc5l6Kv15Fl +73c8Q5I2oIaLOfeMYcZ1bL5Zvspa6Rsb5BtvOuOkacxx7GjMar1G2tUY4W3vFqn9 +yf8/Uc61LU6BYVvFh6DI6TwHp6xp/DrWZYhXCvNfirMn1NSw+8q0EEcIr2sUdkbx +gf2onMjtRP/Mki0oqkMTXnIsCzL/Y7D13GdouVqz0Ttbg/BEa8RnSaJxDIwQ1Wlz +VCC+oK/jTr+0pfP+3iR75WuGC0ce+muEN/L29H6wFk4N2oar/r0BYZZ6BtV9I9kS +8xnIxKvrcJ4O5dYy4f/lMeTRlPp6pz1jjtb6AVcNzHE +-> ssh-ed25519 +vdRnA qQe9nesjyr3dCtSa7xfgsw1RjKx5UGTzg+/XrcDzl0A +912JZmwcsvsg2D8G9LakTfOa70hCkk4DALZP1fKcw2A +--- GzPDMAdvn0Gvp+gqVd/1EKvMPtqPhIjpVYRDAcvhwaU +Ș x +ydOSa)avGჳMX %O=`~$  \ No newline at end of file From 2871c291bff1bc91eb8f3b904681848ca5804196 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:44:14 +0200 Subject: [PATCH 5/8] Promtail --- modules/promtail/default.nix | 2 +- modules/promtail/protmail.yaml | 0 2 files changed, 1 insertion(+), 1 deletion(-) delete mode 100644 modules/promtail/protmail.yaml diff --git a/modules/promtail/default.nix b/modules/promtail/default.nix index 74f2eec..f6d7621 100644 --- a/modules/promtail/default.nix +++ b/modules/promtail/default.nix @@ -11,7 +11,7 @@ }; clients = [ { - url = "http://sisko.fleet:${builtins.toString config.services.loki.configuration.server.http_listen_port}/loki/api/v1/push"; + url = "http://sisko.fleet:${builtins.toString config.services.loki.configuration.server.http_listen_port or 3100}/loki/api/v1/push"; } ]; positions = { diff --git a/modules/promtail/protmail.yaml b/modules/promtail/protmail.yaml deleted file mode 100644 index e69de29..0000000 From a39a314e4c3801fc5e34ee7e39ce49224391c4f7 Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:44:28 +0200 Subject: [PATCH 6/8] Prometheus pushgateway --- modules/prometheus-exporters/default.nix | 76 ++++++++++++++++-------- modules/prometheus/default.nix | 62 +++++++++++++++++++ 2 files changed, 112 insertions(+), 26 deletions(-) diff --git a/modules/prometheus-exporters/default.nix b/modules/prometheus-exporters/default.nix index ceaab99..a56d1cb 100644 --- a/modules/prometheus-exporters/default.nix +++ b/modules/prometheus-exporters/default.nix @@ -1,32 +1,56 @@ { config, pkgs, + lib, ... -}: { - services.prometheus.exporters.node = { - enable = true; - enabledCollectors = [ - "cpu" - "conntrack" - "diskstats" - "entropy" - "filefd" - "filesystem" - "loadavg" - "mdadm" - "meminfo" - "netdev" - "netstat" - "stat" - "time" - "vmstat" - "systemd" - "logind" - "interrupts" - "ksmd" - "textfile" - "pressure" - ]; - extraFlags = ["--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi"]; +}: let + hostname = config.networking.hostName; + mkFor = hosts: lib.mkIf (builtins.elem hostname hosts); +in { + services.prometheus.exporters = { + node = mkFor ["sisko" "picard"] { + enable = true; + enabledCollectors = [ + "cpu" + "conntrack" + "diskstats" + "entropy" + "filefd" + "filesystem" + "loadavg" + "mdadm" + "meminfo" + "netdev" + "netstat" + "stat" + "time" + "vmstat" + "systemd" + "logind" + "interrupts" + "ksmd" + "textfile" + "pressure" + ]; + extraFlags = ["--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi"]; + }; + wireguard = mkFor ["sisko" "picard"] { + enable = true; + }; + zfs = mkFor ["picard"] { + enable = true; + }; + # restic = mkFor ["sisko"] { + # enable = true; + # }; + postgres = mkFor ["sisko"] { + enable = true; + }; + nginx = mkFor ["sisko"] { + enable = true; + }; + smartctl = mkFor ["sisko"] { + enable = true; + }; }; } diff --git a/modules/prometheus/default.nix b/modules/prometheus/default.nix index e77b7d6..c35b04e 100644 --- a/modules/prometheus/default.nix +++ b/modules/prometheus/default.nix @@ -3,6 +3,12 @@ in { services.prometheus = { enable = true; + pushgateway = { + enable = true; + web = { + listen-address = "sisko.fleet:9094"; + }; + }; checkConfig = false; # Otherwise it will fail because it cannot access bearer_token_file webExternalUrl = "https://status.aciceri.dev"; globalConfig.scrape_interval = "10s"; @@ -17,6 +23,14 @@ in { } ]; } + { + job_name = "pushgateway"; + static_configs = [ + { + targets = [cfg.pushgateway.web.listen-address]; + } + ]; + } { job_name = "node"; static_configs = [ @@ -25,6 +39,54 @@ in { } ]; } + { + job_name = "wireguard"; + static_configs = [ + { + targets = builtins.map (host: "${host}.fleet:9586") ["picard"]; + } + ]; + } + { + job_name = "zfs"; + static_configs = [ + { + targets = builtins.map (host: "${host}.fleet:9134") ["picard"]; + } + ]; + } + { + job_name = "restic"; + static_configs = [ + { + targets = builtins.map (host: "${host}.fleet:9753") ["sisko"]; + } + ]; + } + { + job_name = "postgres"; + static_configs = [ + { + targets = builtins.map (host: "${host}.fleet:9187") ["sisko"]; + } + ]; + } + { + job_name = "nginx"; + static_configs = [ + { + targets = builtins.map (host: "${host}.fleet:9117") ["sisko"]; + } + ]; + } + { + job_name = "smartctl"; + static_configs = [ + { + targets = builtins.map (host: "${host}.fleet:9633") ["sisko"]; + } + ]; + } ]; }; environment.persistence."/persist".directories = [ From dbb15d07ed8e6c76e7c378523ad3c09e91da78ec Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:44:37 +0200 Subject: [PATCH 7/8] Enable promtail on `picard` --- hosts/picard/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/picard/default.nix b/hosts/picard/default.nix index 97be64f..5337448 100644 --- a/hosts/picard/default.nix +++ b/hosts/picard/default.nix @@ -42,6 +42,7 @@ "adb" "guix" "prometheus-exporters" + "promtail" ] ++ [ ./disko.nix From 797f8d032dcaa429d2856cddbe0213df6473581b Mon Sep 17 00:00:00 2001 From: Andrea Ciceri Date: Thu, 25 Jul 2024 16:44:56 +0200 Subject: [PATCH 8/8] Enable `garmin-collector` on `sisko` --- hosts/sisko/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/sisko/default.nix b/hosts/sisko/default.nix index 8baf83a..f86b986 100644 --- a/hosts/sisko/default.nix +++ b/hosts/sisko/default.nix @@ -34,6 +34,7 @@ "prometheus-exporters" "loki" "promtail" + "garmin-collector" "restic" # "immich" ]