From e9c3d2f6d91129d173f4f94b4fa3d8269480094c Mon Sep 17 00:00:00 2001
From: Griffin Smith
Date: Sun, 7 Nov 2021 17:01:44 -0500
Subject: feat(gs/mugwump): Run xanthous server

Add a nixos module for running the xanthous server in a docker container, and install it on mugwump including a prometheus scrape config.

Change-Id: Ifeb315845b7eef2ee33af98fa3f71acdd3d9fe6b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3812
Reviewed-by: grfn
Tested-by: BuildkiteCI
---
 users/grfn/system/system/machines/mugwump.nix | 9 ++++++
 users/grfn/xanthous/server/docker.nix | 2 --
 users/grfn/xanthous/server/module.nix | 41 +++++++++++++++++++++++++++
 3 files changed, 50 insertions(+), 2 deletions(-)
 create mode 100644 users/grfn/xanthous/server/module.nix

diff --git a/users/grfn/system/system/machines/mugwump.nix b/users/grfn/system/system/machines/mugwump.nix
index 6e6deb6c2b24..aae9b0387ff5 100644
--- a/users/grfn/system/system/machines/mugwump.nix
+++ b/users/grfn/system/system/machines/mugwump.nix
@@ -7,6 +7,7 @@ with lib;
 ../modules/common.nix
 (modulesPath + "/installer/scan/not-detected.nix")
 "${depot.path}/ops/modules/prometheus-fail2ban-exporter.nix"
+ "${depot.path}/users/grfn/xanthous/server/module.nix"
 ];
 networking.hostName = "mugwump";
@@ -200,6 +201,12 @@ with lib;
 static_configs = [{
 targets = ["localhost:${toString config.services.prometheus.exporters.nginx.port}"];
 }];
+ } {
+ job_name = "xanthous_server";
+ scrape_interval = "1s";
+ static_configs = [{
+ targets = ["localhost:${toString config.services.xanthous-server.metricsPort}"];
+ }];
 } {
 job_name = "blackbox";
 metrics_path = "/probe";
@@ -226,6 +233,8 @@ with lib;
 }];
 };
+ services.xanthous-server.enable = true;
+
 virtualisation.docker.enable = true;
 services.buildkite-agents = listToAttrs (map (n: rec {
diff --git a/users/grfn/xanthous/server/docker.nix b/users/grfn/xanthous/server/docker.nix
index e6054a66d28a..a62943c2b077 100644
--- a/users/grfn/xanthous/server/docker.nix
+++ b/users/grfn/xanthous/server/docker.nix
@@ -6,7 +6,6 @@ let
 inherit (depot.users.grfn) xanthous;
 xanthous-server = xanthous.server;
-
 in pkgs.dockerTools.buildLayeredImage {
 name = "xanthous-server";
 tag = "latest";
@@ -17,5 +16,4 @@ in pkgs.dockerTools.buildLayeredImage {
 "--xanthous-binary-path" "${xanthous}/bin/xanthous"
 ];
 };
- ci = false;
 }
diff --git a/users/grfn/xanthous/server/module.nix b/users/grfn/xanthous/server/module.nix
new file mode 100644
index 000000000000..11adda955d2c
--- /dev/null
+++ b/users/grfn/xanthous/server/module.nix
@@ -0,0 +1,41 @@
+{ config, lib, pkgs, depot, ... }:
+
+let
+ cfg = config.services.xanthous-server;
+in {
+ options = with lib; {
+ services.xanthous-server = {
+ enable = mkEnableOption "xanthous server";
+
+ port = mkOption {
+ type = types.int;
+ default = 2222;
+ description = "Port to listen to for SSH connections";
+ };
+
+ metricsPort = mkOption {
+ type = types.int;
+ default = 9000;
+ description = "Port to listen to for prometheus metrics";
+ };
+
+ image = mkOption {
+ type = types.package;
+ default = depot.users.grfn.xanthous.server.docker;
+ description = "OCI image file to run";
+ };
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ virtualisation.oci-containers.containers."xanthous-server" = {
+ autoStart = true;
+ image = "${cfg.image.imageName}:${cfg.image.imageTag}";
+ imageFile = cfg.image;
+ ports = [
+ "${toString cfg.port}:22"
+ "${toString cfg.metricsPort}:9000"
+ ];
+ };
+ };
+}
-- cgit 1.4.1
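Review bot: In module.nix the `ports` list publishes both container ports without a host address, so with the Docker backend enabled on mugwump they are bound on every interface, and Docker-published ports are typically not filtered by the NixOS firewall; that leaves the metrics endpoint, which the new scrape job reads without credentials, reachable from outside the host. The Prometheus job in mugwump.nix only scrapes `localhost`, so the metrics mapping can be limited to loopback: `"127.0.0.1:${toString cfg.metricsPort}:9000"`. The SSH mapping presumably has to stay public, but a short comment saying so would make that exposure visibly deliberate. Separately, `port` and `metricsPort` are declared as `types.int`; `types.port` would reject out-of-range values at evaluation time.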