From da5512f2e9a7d97bccbcac8b8971defa5b971b83 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Mon, 12 Apr 2021 17:59:51 +0200 Subject: feat(whitby): Enable Grafana at status.tvl.su Enables a Grafana service pointing to whitby's local Prometheus instance, accessible at status.tvl.su. I've no idea how to configure Grafana and if it's possible to link it to CAS, but we'll see about that later. Notes: * the explicit fixpoint for whitby config has been removed as we have the `config` parameter available now * backups are enabled for the Grafana storage location Change-Id: If5ffe0c1a3378d1c88529129487c643642705fd2 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2948 Tested-by: BuildkiteCI Reviewed-by: grfn --- ops/machines/whitby/default.nix | 26 ++++++++++++++++++++++---- ops/modules/www/status.tvl.su.nix | 25 +++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 4 deletions(-) create mode 100644 ops/modules/www/status.tvl.su.nix diff --git a/ops/machines/whitby/default.nix b/ops/machines/whitby/default.nix index 554caa6642..82853a21e5 100644 --- a/ops/machines/whitby/default.nix +++ b/ops/machines/whitby/default.nix @@ -4,7 +4,7 @@ let inherit (builtins) listToAttrs; inherit (lib) range; -in lib.fix(self: { +in { imports = [ "${depot.path}/ops/modules/clbot.nix" "${depot.path}/ops/modules/irccat.nix" @@ -22,6 +22,7 @@ in lib.fix(self: { "${depot.path}/ops/modules/www/code.tvl.fyi.nix" "${depot.path}/ops/modules/www/cs.tvl.fyi.nix" "${depot.path}/ops/modules/www/login.tvl.fyi.nix" + "${depot.path}/ops/modules/www/status.tvl.su.nix" "${depot.path}/ops/modules/www/tazj.in.nix" "${depot.path}/ops/modules/www/todo.tvl.fyi.nix" "${depot.path}/ops/modules/www/tvl.fyi.nix" @@ -140,7 +141,7 @@ in lib.fix(self: { # above (otherwise DHCP overwrites it): environment.etc."resolv.conf" = with lib; { source = pkgs.writeText "resolv.conf" '' - ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") self.networking.nameservers)} + ${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)} options edns0 ''; }; @@ -331,7 +332,7 @@ in lib.fix(self: { # Regularly back up whitby to Google Cloud Storage. systemd.services.restic = { description = "Backups to Google Cloud Storage"; - script = "${pkgs.restic}/bin/restic backup /var/lib/gerrit /var/backup/postgresql"; + script = "${pkgs.restic}/bin/restic backup /var/lib/gerrit /var/backup/postgresql /var/lib/grafana"; environment = { GOOGLE_PROJECT_ID = "tazjins-infrastructure"; @@ -380,6 +381,23 @@ in lib.fix(self: { }]; }; + services.grafana = { + enable = true; + port = 4723; # "graf" on phone keyboard + domain = "status.tvl.su"; + rootUrl = "https://status.tvl.su"; + analytics.reporting.enable = false; + + provision = { + enable = true; + datasources = [{ + name = "Prometheus"; + type = "prometheus"; + url = "http://localhost:9090"; + }]; + }; + }; + security.sudo.extraRules = [ { groups = ["wheel"]; @@ -479,4 +497,4 @@ in lib.fix(self: { }; system.stateVersion = "20.03"; -}) +} diff --git a/ops/modules/www/status.tvl.su.nix b/ops/modules/www/status.tvl.su.nix new file mode 100644 index 0000000000..2bb6093c14 --- /dev/null +++ b/ops/modules/www/status.tvl.su.nix @@ -0,0 +1,25 @@ +{ config, ... }: + +{ + imports = [ + ./base.nix + ]; + + config = { + services.nginx.virtualHosts."status-fyi" = { + serverName = "status.tvl.fyi"; + enableACME = true; + extraConfig = "return 302 https://status.tvl.su$request_uri;"; + }; + + services.nginx.virtualHosts.grafana = { + serverName = "status.tvl.su"; + enableACME = true; + forceSSL = true; + + locations."/" = { + proxyPass = "http://localhost:${toString config.services.grafana.port}"; + }; + }; + }; +} -- cgit 1.4.1