summaryrefslogtreecommitdiffstats
path: root/lass/1systems/mors.nix
diff options
context:
space:
mode:
Diffstat (limited to 'lass/1systems/mors.nix')
-rw-r--r--lass/1systems/mors.nix192
1 files changed, 50 insertions, 142 deletions
diff --git a/lass/1systems/mors.nix b/lass/1systems/mors.nix
index dde867eb3..afe37e958 100644
--- a/lass/1systems/mors.nix
+++ b/lass/1systems/mors.nix
@@ -31,13 +31,6 @@ with import <stockholm/lib>;
];
}
#{
- # services.mysql = {
- # enable = true;
- # package = pkgs.mariadb;
- # rootPassword = "<secrets>/mysql_rootPassword";
- # };
- #}
- #{
# services.elasticsearch = {
# enable = true;
# plugins = [
@@ -83,140 +76,56 @@ with import <stockholm/lib>;
{
services.redis.enable = true;
}
- {
- virtualisation.libvirtd.enable = true;
- }
- {
- services.nginx = {
- enable = mkDefault true;
- virtualHosts = {
- "stats.mors" = {
- locations = {
- "/" = {
- proxyPass = "http://localhost:3000/";
- extraConfig = ''
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- '';
- };
- };
- };
- };
- };
-
- services.grafana = {
- enable = true;
- addr = "127.0.0.1";
- users.allowSignUp = false;
- users.allowOrgCreate = false;
- users.autoAssignOrg = false;
- auth.anonymous.enable = true;
- security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
- };
-
- services.graphite = {
- api = {
- enable = true;
- listenAddress = "127.0.0.1";
- port = 18080;
- };
- carbon = {
- enableCache = true;
- # save disk usage by restricting to 1 bulk update per second
- config = ''
- [cache]
- MAX_CACHE_SIZE = inf
- MAX_UPDATES_PER_SECOND = 1
- MAX_CREATES_PER_MINUTE = 500
- '';
- storageSchemas = ''
- [carbon]
- pattern = ^carbon\.
- retentions = 60:90d
-
- [elchos]
- patterhn = ^elchos\.
- retentions = 10s:30d,60s:3y
-
- [default]
- pattern = .*
- retentions = 30s:30d,300s:1y
- '';
- };
- };
-
- services.collectd = {
- enable = true;
- include = [ (toString (pkgs.writeText "collectd-graphite-cfg" ''
- LoadPlugin write_graphite
- <Plugin "write_graphite">
- <Carbon>
- Host "localhost"
- Port "2003"
- EscapeCharacter "_"
- StoreRates false
- AlwaysAppendDS false
- </Carbon>
- </Plugin>
- ''))
- ];
- extraConfig = ''
- LoadPlugin interface
- LoadPlugin battery
- LoadPlugin load
- LoadPlugin cpu
- LoadPlugin entropy
- LoadPlugin write_graphite
- <Plugin "interface">
- Interface "et0"
- Interface "wl0"
- Interface "retiolum"
- </Plugin>
- '';
- };
- services.graphite.beacon = {
- enable = true;
- config = {
- graphite_url = "http://localhost:18080";
- cli = {
- command = ''${pkgs.irc-announce}/bin/irc-announce irc.freenode.org 6667 mors-beacon-alert \#krebs ' ''${level} ''${name} ''${value}' '';
- };
- smtp = {
- from = "beacon@mors.r";
- to = [
- "lass@mors.r"
- ];
- };
- normal_handlers = [
- "smtp"
- "cli"
- ];
- warning_handlers = [
- "smtp"
- "cli"
- ];
- critical_handlers = [
- "smtp"
- "cli"
- ];
- alerts = [
- {
- name = "testbattery";
- query = "*.battery-0.capacity";
- method = "last_value";
- interval = "1minute";
- logging = "info";
- repeat_interval = "5minute";
- rules = [
- "warning: < 30.0"
- "critical: < 10.0"
- ];
- }
- ];
- };
- };
- }
+ #{
+ # #gitit magic
+ # imports = [ <nixpkgs/nixos/modules/services/misc/gitit.nix> ];
+ # services.gitit = {
+ # enable = true;
+ # haskellPackages = pkgs.haskell.packages.ghc7103;
+ # };
+ #}
+ #{
+ # lass.icinga2 = {
+ # enable = true;
+ # configFiles = [
+ # ''
+ # template Service "generic-service" {
+ # max_check_attempts = 3
+ # check_interval = 5m
+ # retry_interval = 1m
+ # enable_perfdata = true
+ # }
+ # apply Service "ping4" {
+ # }
+ # ''
+ # ];
+ # };
+ # services.mysql = {
+ # enable = true;
+ # package = pkgs.mariadb;
+ # rootPassword = "<secrets>/mysql_rootPassword";
+ # };
+ # lass.icingaweb2 = {
+ # enable = true;
+ # initialRootPasswordHash = "$1$HpWDCehI$ITbAoyfOB6HEN1ftooxZq0";
+ # resources = {
+ # icinga2db = {
+ # type = "mysql";
+ # host = "localhost";
+ # user = "icingaweb2";
+ # db = "icinga";
+ # passfile = <secrets/icinga2-pw>;
+ # };
+ # icingaweb2db = {
+ # type = "mysql";
+ # host = "localhost";
+ # user = "icingaweb2";
+ # db = "icingaweb2";
+ # passfile = <secrets/icinga2-pw>;
+ # };
+ # };
+ # };
+ #}
];
krebs.build.host = config.krebs.hosts.mors;
@@ -229,7 +138,6 @@ with import <stockholm/lib>;
initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; } ];
initrd.luks.cryptoModules = [ "aes" "sha512" "sha1" "xts" ];
initrd.availableKernelModules = [ "xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
- #kernelModules = [ "kvm-intel" "msr" ];
};
fileSystems = {
"/" = {