From 2c484daf3cb78deefdcfe2ef6cececaab397dace Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 00:23:44 +0100
Subject: l 2 monitoring client: remove dns query
---
lass/2configs/monitoring/client.nix | 4 ----
1 file changed, 4 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix
index e879d6960..210fd2d10 100644
--- a/lass/2configs/monitoring/client.nix
+++ b/lass/2configs/monitoring/client.nix
@@ -29,10 +29,6 @@ with import <stockholm/lib>;
''
[[inputs.net]]
''
- ''
- [[inputs.dns_query]]
- servers = ["8.8.8.8"]
- ''
];
};
systemd.services.telegraf.path = with pkgs; [
--
cgit v1.2.3
From 0ea991ffe9252041751e6e740c5166e164541928 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 00:25:39 +0100
Subject: l 2 monitoring server: add ram & deadman alarm
---
lass/2configs/monitoring/server.nix | 37 +++++++++++++++++++++++++------------
1 file changed, 25 insertions(+), 12 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix
index 2e1c15ca1..505cb7a17 100644
--- a/lass/2configs/monitoring/server.nix
+++ b/lass/2configs/monitoring/server.nix
@@ -1,9 +1,7 @@
{pkgs, config, ...}:
with import <stockholm/lib>;
{
- services.influxdb = {
- enable = true;
- };
+ services.influxdb.enable = true;
services.influxdb.extraConfig = {
meta.hostname = config.krebs.build.host.name;
@@ -29,24 +27,39 @@ with import <stockholm/lib>;
data="$(${pkgs.jq}/bin/jq -r .message)"
export LOGNAME=prism-alarm
${pkgs.irc-announce}/bin/irc-announce \
- irc.freenode.org 6667 prism-alarm \#krebs-bots "$data" >/dev/null
+ ni.r 6667 prism-alarm \#retiolum "$data" >/dev/null
'';
in {
enable = true;
+ check_db = "telegraf_db";
alarms = {
- test2 = ''
- batch
+ cpu = ''
+ var data = batch
|query(${"'''"}
SELECT mean("usage_user") AS mean
FROM "${config.lass.kapacitor.check_db}"."default"."cpu"
${"'''"})
- .every(3m)
- .period(1m)
+ .period(10m)
+ .every(1m)
+ .groupBy('host')
+ data |alert()
+ .crit(lambda: "mean" > 90)
+ .exec('${echoToIrc}')
+ data |deadman(1.0,5m)
+ .stateChangesOnly()
+ .exec('${echoToIrc}')
+ '';
+ ram = ''
+ var data = batch
+ |query(${"'''"}
+ SELECT mean("used_percent") AS mean
+ FROM "${config.lass.kapacitor.check_db}"."default"."mem"
+ ${"'''"})
+ .period(10m)
+ .every(1m)
.groupBy('host')
- |alert()
- .crit(lambda: "mean" > 90)
- // Whenever we get an alert write it to a file.
- .log('/tmp/alerts.log')
+ data |alert()
+ .crit(lambda: "mean" > 90)
.exec('${echoToIrc}')
'';
};
--
cgit v1.2.3
From 2a3176d871497daf95cd5c28fc5c2d02d1bd32fd Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 00:28:41 +0100
Subject: l 2 nixpkgs: 5fff5a9 -> f66d782
unstable
---
lass/2configs/nixpkgs.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index 4a1b0379b..e7229654d 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "5fff5a902594b34471b613eb2babcec923e1e1f1";
+ ref = "f66d782";
};
}
--
cgit v1.2.3
From 25597af7630ba57a771c90748dd7e0d18e42052b Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 00:48:06 +0100
Subject: l 3: remove urxvtd
---
lass/3modules/default.nix | 1 -
lass/3modules/urxvtd.nix | 55 -----------------------------------------------
2 files changed, 56 deletions(-)
delete mode 100644 lass/3modules/urxvtd.nix
(limited to 'lass')
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index 2bf2df8b3..f97b041ac 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -6,7 +6,6 @@ _:
./hosts.nix
./mysql-backup.nix
./umts.nix
- ./urxvtd.nix
./usershadow.nix
./xresources.nix
./kapacitor.nix
diff --git a/lass/3modules/urxvtd.nix b/lass/3modules/urxvtd.nix
deleted file mode 100644
index 469616a9f..000000000
--- a/lass/3modules/urxvtd.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let
-in
-
-with builtins;
-with lib;
-
-{
- options = {
- services.urxvtd = {
- enable = mkOption {
- type = types.bool;
- default = false;
- description = "Enable urxvtd per user";
- };
- users = mkOption {
- type = types.listOf types.string;
- default = [];
- description = "users to run urxvtd for";
- };
- urxvtPackage = mkOption {
- type = types.package;
- default = pkgs.rxvt_unicode;
- description = "urxvt package to use";
- };
- };
- };
-
- config =
- let
- cfg = config.services.urxvtd;
- users = cfg.users;
- urxvt = cfg.urxvtPackage;
- mkService = user: {
- description = "urxvt terminal daemon";
- wantedBy = [ "multi-user.target" ];
- restartIfChanged = false;
- path = [ pkgs.xlibs.xrdb ];
- environment = {
- DISPLAY = ":0";
- URXVT_PERL_LIB = "${urxvt}/lib/urxvt/perl";
- };
- serviceConfig = {
- Restart = "always";
- User = user;
- ExecStart = "${urxvt}/bin/urxvtd";
- };
- };
- in
- mkIf cfg.enable {
- environment.systemPackages = [ urxvt ];
- systemd.services = listToAttrs (map (u: { name = "${u}-urxvtd"; value = mkService u; }) users);
- };
-}
--
cgit v1.2.3
From 2d8c8c4cf51db69912633283c53327197ad5b437 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 01:18:53 +0100
Subject: l 2 baseX: remove broken termite
---
lass/2configs/baseX.nix | 1 -
1 file changed, 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix
index e879e8e58..2933ca0e4 100644
--- a/lass/2configs/baseX.nix
+++ b/lass/2configs/baseX.nix
@@ -66,7 +66,6 @@ in {
youtube-tools
rxvt_unicode
- termite
#window manager stuff
#haskellPackages.xmobar
#haskellPackages.yeganesh
--
cgit v1.2.3
From 427482e4793cb679804d2d0c1f8b5a809502464f Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 01:19:10 +0100
Subject: l 5 xmonad: remove broken termite
---
lass/5pkgs/xmonad-lass.nix | 1 -
1 file changed, 1 deletion(-)
(limited to 'lass')
diff --git a/lass/5pkgs/xmonad-lass.nix b/lass/5pkgs/xmonad-lass.nix
index cf8eaf058..dd4d8803c 100644
--- a/lass/5pkgs/xmonad-lass.nix
+++ b/lass/5pkgs/xmonad-lass.nix
@@ -129,7 +129,6 @@ myKeyMap =
, ("M4-<Esc>", toggleWS)
, ("M4-S-<Enter>", spawn urxvtcPath)
, ("M4-x", floatNext True >> spawn urxvtcPath)
- , ("M4-z", floatNext True >> spawn "${pkgs.termite}/bin/termite")
, ("M4-f", floatNext True)
, ("M4-b", sendMessage ToggleStruts)
--
cgit v1.2.3
From cf5cb7267f0df98997452a1d9faf910946c709ee Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 09:30:56 +0100
Subject: l 2 mail: mutt-kz -> neomutt
---
lass/2configs/mail.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 872acc003..5ca84133d 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -17,7 +17,7 @@ let
muttrc = pkgs.writeText "muttrc" ''
# gpg
- source ${pkgs.mutt-kz}/share/doc/mutt-kz/samples/gpg.rc
+ source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc
set pgp_use_gpg_agent = yes
set pgp_sign_as = 0x976A7E4D
set crypt_autosign = yes
@@ -99,7 +99,7 @@ let
'';
mutt = pkgs.writeDashBin "mutt" ''
- exec ${pkgs.mutt-kz}/bin/mutt -F ${muttrc} $@
+ exec ${pkgs.neomutt}/bin/mutt -F ${muttrc} $@
'';
in {
--
cgit v1.2.3
From 035dce390cf0de75cf9e10e67c51388a9d1b648b Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 09:35:31 +0100
Subject: l 2 websites domsen: remove user nrg
---
lass/2configs/websites/domsen.nix | 10 +---------
1 file changed, 1 insertion(+), 9 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/websites/domsen.nix b/lass/2configs/websites/domsen.nix
index 66fc681b1..0b75425c4 100644
--- a/lass/2configs/websites/domsen.nix
+++ b/lass/2configs/websites/domsen.nix
@@ -118,8 +118,7 @@ in {
{ from = "mail@jla-trading.com"; to = "jla-trading"; }
{ from = "jms@ubikmedia.eu"; to = "jms"; }
{ from = "ms@ubikmedia.eu"; to = "ms"; }
- { from = "nrg@ubikmedia.eu"; to = "nrg"; }
- { from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms, nrg"; }
+ { from = "ubik@ubikmedia.eu"; to = "domsen, jms, ms"; }
{ from = "testuser@lassul.us"; to = "testuser"; }
];
@@ -161,13 +160,6 @@ in {
createHome = true;
};
- users.users.nrg = {
- uid = genid_signed "nrg";
- home = "/home/nrg";
- useDefaultShell = true;
- createHome = true;
- };
-
users.users.testuser = {
uid = genid_signed "testuser";
home = "/home/testuser";
--
cgit v1.2.3
From 6ad79bd34eb62d916d5802536174bdb6c3fcd363 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 12:15:17 +0100
Subject: l 2 monitoring client: use services.telegraf
---
lass/2configs/monitoring/client.nix | 105 ++++++++----------------------------
1 file changed, 22 insertions(+), 83 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix
index 210fd2d10..d20ad475d 100644
--- a/lass/2configs/monitoring/client.nix
+++ b/lass/2configs/monitoring/client.nix
@@ -1,90 +1,29 @@
{pkgs, config, ...}:
with import <stockholm/lib>;
{
- lass.telegraf = {
+ services.telegraf = {
enable = true;
- interval = "1s";
-
- outputs = ''
- [outputs.influxdb]
- urls = ["http://prism:8086"]
- database = "telegraf_db"
- user_agent = "telegraf"
- '';
- inputs = [
- ''
- [cpu]
- percpu = false
- totalcpu = true
- drop = ["cpu_time"]
- ''
- ''
- [[inputs.mem]]
- ''
- ''
- [[inputs.ping]]
- urls = ["8.8.8.8"]
- ''
- ''
- [[inputs.net]]
- ''
- ];
- };
- systemd.services.telegraf.path = with pkgs; [
- iputils
- lm_sensors
- ];
-
- services.collectd = {
- enable = true;
- autoLoadPlugin = true;
- extraConfig = ''
- Hostname ${config.krebs.build.host.name}
- LoadPlugin load
- LoadPlugin disk
- LoadPlugin memory
- Interval 30.0
-
- LoadPlugin interface
- <Plugin "interface">
- Interface "*Link"
- Interface "lo"
- Interface "vboxnet*"
- Interface "virbr*"
- IgnoreSelected true
- </Plugin>
-
- LoadPlugin df
- <Plugin "df">
- MountPoint "/nix/store"
- FSType "tmpfs"
- FSType "binfmt_misc"
- FSType "debugfs"
- FSType "mqueue"
- FSType "hugetlbfs"
- FSType "systemd-1"
- FSType "cgroup"
- FSType "securityfs"
- FSType "ramfs"
- FSType "proc"
- FSType "devpts"
- FSType "devtmpfs"
- MountPoint "/var/lib/docker/devicemapper"
- IgnoreSelected true
- </Plugin>
-
- LoadPlugin cpu
- <Plugin cpu>
- ReportByCpu true
- ReportByState true
- ValuesPercentage true
- </Plugin>
-
- LoadPlugin network
- <Plugin "network">
- Server "prism" "25826"
- </Plugin>
- '';
+ extraConfig = {
+ interval = "1s";
+ outputs = {
+ influxdb = {
+ urls = ["http://prism:8086"];
+ database = "telegraf_db";
+ user_agent = "telegraf";
+ };
+ };
+ inputs = {
+ cpu = {
+ percpu = false;
+ totalcpu = true;
+ };
+ mem = {};
+ ping = {
+ urls = ["8.8.8.8"];
+ };
+ net = {};
+ };
+ };
};
}
--
cgit v1.2.3
From 53532e63f006479bc3ff57c93a2b5f52d4709545 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 14:20:55 +0100
Subject: l 2 monitoring: remove broken ping statistics
---
lass/2configs/monitoring/client.nix | 3 ---
1 file changed, 3 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix
index d20ad475d..bd7d6acbb 100644
--- a/lass/2configs/monitoring/client.nix
+++ b/lass/2configs/monitoring/client.nix
@@ -19,9 +19,6 @@ with import <stockholm/lib>;
totalcpu = true;
};
mem = {};
- ping = {
- urls = ["8.8.8.8"];
- };
net = {};
};
};
--
cgit v1.2.3
From a5bd0ad7742260db8893d8578950a0cfd0cbc62e Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Sun, 5 Feb 2017 14:21:42 +0100
Subject: l 2 monitoring: set agent interval to 1s
---
lass/2configs/monitoring/client.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix
index bd7d6acbb..b8c245215 100644
--- a/lass/2configs/monitoring/client.nix
+++ b/lass/2configs/monitoring/client.nix
@@ -5,7 +5,7 @@ with import <stockholm/lib>;
enable = true;
extraConfig = {
- interval = "1s";
+ agent.interval = "1s";
outputs = {
influxdb = {
urls = ["http://prism:8086"];
--
cgit v1.2.3
From b24a84a4e12e0943a17c7afb715bd728a6a6e47f Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 6 Feb 2017 15:08:49 +0100
Subject: l 2 repo-sync: also sync populate
---
lass/2configs/repo-sync.nix | 1 +
1 file changed, 1 insertion(+)
(limited to 'lass')
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index b1a26b171..5b6930c93 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -102,6 +102,7 @@ in {
(sync-retiolum "go")
(sync-retiolum "much")
(sync-retiolum "newsbot-js")
+ (sync-retiolum "populate")
(sync-retiolum "stockholm")
(sync-retiolum "wai-middleware-time")
(sync-retiolum "web-routes-wai-custom")
--
cgit v1.2.3
From 9439a1579ed84af8b43eb5ddb01b7aa19e060b79 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 6 Feb 2017 15:09:10 +0100
Subject: l 2 mail: fix path to gpg.rc
---
lass/2configs/mail.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/mail.nix b/lass/2configs/mail.nix
index 5ca84133d..e4b319528 100644
--- a/lass/2configs/mail.nix
+++ b/lass/2configs/mail.nix
@@ -17,7 +17,7 @@ let
muttrc = pkgs.writeText "muttrc" ''
# gpg
- source ${pkgs.neomutt}/share/doc/neomutt/samples/gpg.rc
+ source ${pkgs.neomutt}/share/doc/mutt/samples/gpg.rc
set pgp_use_gpg_agent = yes
set pgp_sign_as = 0x976A7E4D
set crypt_autosign = yes
--
cgit v1.2.3
From 96ab457d0985aa9fec742430a285012a797ba8d5 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 6 Feb 2017 16:20:45 +0100
Subject: l 2 repo-sync: use lassul.us instead of prism
workaround because cgit http is currently broken on prism
---
lass/2configs/repo-sync.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/repo-sync.nix b/lass/2configs/repo-sync.nix
index 5b6930c93..83f646130 100644
--- a/lass/2configs/repo-sync.nix
+++ b/lass/2configs/repo-sync.nix
@@ -49,7 +49,7 @@ let
mirror.url = "${mirror}${name}";
};
lassulus = {
- origin.url = "http://cgit.prism/${name}";
+ origin.url = "http://cgit.lassul.us/${name}";
mirror.url = "${mirror}${name}";
};
"@latest" = {
--
cgit v1.2.3
From 8d5484a79763cc4d4f4feebc5cb1fa27d3d44764 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 6 Feb 2017 17:02:41 +0100
Subject: l 2 buildbot: use cgit.lassul.us
---
lass/2configs/buildbot-standalone.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/buildbot-standalone.nix b/lass/2configs/buildbot-standalone.nix
index c9e2928b3..cd11254d6 100644
--- a/lass/2configs/buildbot-standalone.nix
+++ b/lass/2configs/buildbot-standalone.nix
@@ -11,7 +11,7 @@ let
in {
config.krebs.buildbot.master = let
- stockholm-mirror-url = http://cgit.prism/stockholm ;
+ stockholm-mirror-url = http://cgit.lassul.us/stockholm ;
in {
workers = {
testworker = "lasspass";
--
cgit v1.2.3
From 73f72eeaf128104328b5e53257e3ca92c8441df5 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Mon, 6 Feb 2017 19:13:59 +0100
Subject: l 3: remove obsolete telegraf module
---
lass/3modules/default.nix | 1 -
lass/3modules/telegraf.nix | 84 ----------------------------------------------
2 files changed, 85 deletions(-)
delete mode 100644 lass/3modules/telegraf.nix
(limited to 'lass')
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index f97b041ac..f4a2b4565 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -9,6 +9,5 @@ _:
./usershadow.nix
./xresources.nix
./kapacitor.nix
- ./telegraf.nix
];
}
diff --git a/lass/3modules/telegraf.nix b/lass/3modules/telegraf.nix
deleted file mode 100644
index 0b3be2d69..000000000
--- a/lass/3modules/telegraf.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with builtins;
-with lib;
-
-let
- cfg = config.lass.telegraf;
-
- out = {
- options.lass.telegraf = api;
- config = mkIf cfg.enable imp;
- };
-
- api = {
- enable = mkEnableOption "telegraf";
- dataDir = mkOption {
- type = types.str;
- default = "/var/lib/telegraf";
- };
- user = mkOption {
- type = types.str;
- default = "telegraf";
- };
- outputs = mkOption {
- type = types.str;
- default = ''
- [outputs.influxdb]
- urls = ["http://localhost:8086"]
- database = "telegraf_db"
- user_agent = "telegraf"
- '';
- };
- inputs = mkOption {
- type = with types; listOf str;
- default = [
- ''
- [cpu]
- percpu = false
- totalcpu = true
- drop = ["cpu_time"]
- ''
- ];
- };
- interval = mkOption {
- type = types.str;
- default = "10s";
- };
- config = mkOption {
- type = types.str;
- #TODO: find a good default
- default = ''
- [agent]
- interval = "${cfg.interval}"
-
- [outputs]
-
- ${cfg.outputs}
-
- ${concatStringsSep "\n" cfg.inputs}
-
- '';
- description = "configuration telegraf is started with";
- };
- };
-
- configFile = pkgs.writeText "telegraf.conf" cfg.config;
-
- imp = {
-
- systemd.services.telegraf = {
- description = "telegraf";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
-
- restartIfChanged = true;
-
- serviceConfig = {
- Restart = "always";
- ExecStart = "${pkgs.telegraf}/bin/telegraf -config ${configFile}";
- };
- };
- };
-
-in out
--
cgit v1.2.3
From 2b68541e297fd6fcb67a117c7d816dbcca9e8c64 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:09:39 +0100
Subject: l 3 kapacitor: use extraConfig & start as user
---
lass/3modules/kapacitor.nix | 188 +++++++++++++++++++++++++-------------------
1 file changed, 109 insertions(+), 79 deletions(-)
(limited to 'lass')
diff --git a/lass/3modules/kapacitor.nix b/lass/3modules/kapacitor.nix
index 299a56d92..092890814 100644
--- a/lass/3modules/kapacitor.nix
+++ b/lass/3modules/kapacitor.nix
@@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }:
with builtins;
-with lib;
+with import <stockholm/lib>;
let
cfg = config.lass.kapacitor;
@@ -11,6 +11,71 @@ let
config = mkIf cfg.enable imp;
};
+ configOptions = recursiveUpdate {
+ hostname = "localhost";
+ data_dir = cfg.dataDir;
+ http = {
+ bind-address = ":9092";
+ auth-enabled = false;
+ log-enabled = false;
+ gtgwrite-tracing = false;
+ pprof-enabled = false;
+ https-enabled = false;
+ https-certificate = "/etc/ssl/kapacitor.pem";
+ shutdown-timeout = "10s";
+ shared-secret = "";
+ };
+
+ replay ={
+ dir = "${cfg.dataDir}/replay";
+ };
+
+ storage = {
+ boltdb = "${cfg.dataDir}/kapacitor.db";
+ };
+
+ task = {
+ dir = "${cfg.dataDir}/tasks";
+ snapshot-interval = "1m0s";
+ };
+
+ influxdb = [{
+ enabled = true;
+ name = "default";
+ default = false;
+ urls = ["http://localhost:8086"];
+ username = "";
+ password = "";
+ ssl-ca = "";
+ ssl-cert = "";
+ ssl-key = "";
+ insecure-skip-verify = false;
+ timeout = "0s";
+ disable-subscriptions = false;
+ subscription-protocol = "http";
+ udp-bind = "";
+ udp-buffer = 1000;
+ udp-read-buffer = 0;
+ startup-timeout = "5m0s";
+ subscriptions-sync-interval = "1m0s";
+ influxdb.excluded-subscriptions = {
+ _kapacitor = ["autogen"];
+ };
+ }];
+
+ logging = {
+ file = "STDERR";
+ level = "INFO";
+ };
+
+ deadman = {
+ interval = "10s";
+ id = "{{ .Group }}:NODE_NAME for task '{{ .TaskName }}'";
+ message = "{{ .ID }} is {{ if eq .Level \"OK\" }}alive{{ else }}dead{{ end }}: {{ index .Fields \"emitted\" | printf \"%0.3f\" }} points/INTERVAL.";
+ global = false;
+ };
+ } cfg.extraConfig;
+
api = {
enable = mkEnableOption "kapacitor";
dataDir = mkOption {
@@ -18,90 +83,54 @@ let
default = "/var/lib/kapacitor";
};
user = mkOption {
- type = types.str;
- default = "kapacitor";
+ type = types.user;
+ default = {
+ name = "kapacitor";
+ home = cfg.dataDir;
+ };
};
- logLevel = mkOption {
- type = types.enum ["DEBUG" "INFO" "WARN" "ERROR" "OFF"];
- default = "INFO";
+ group = mkOption {
+ type = types.group;
+ default = {
+ name = "kapacitor";
+ };
};
- alarms = mkOption {
- type = with types; attrsOf str;
+ extraConfig = mkOption {
+ type = types.attrs;
default = {};
};
- check_db = mkOption {
- type = types.str;
- default = "all_data";
- };
- config = mkOption {
- type = types.str;
- #TODO: find a good default
- default = ''
- hostname = "localhost"
- data_dir = "${cfg.dataDir}"
-
- [http]
- bind-address = ":9092"
- auth-enabled = false
- log-enabled = true
- write-tracing = false
- pprof-enabled = false
- https-enabled = false
- https-certificate = "/etc/ssl/kapacitor.pem"
- shutdown-timeout = "10s"
- shared-secret = ""
-
- [replay]
- dir = "${cfg.dataDir}/replay"
-
- [storage]
- boltdb = "${cfg.dataDir}/kapacitor.db"
-
- [task]
- dir = "${cfg.dataDir}/tasks"
- snapshot-interval = "1m0s"
-
- [[influxdb]]
- enabled = true
- name = "default"
- default = false
- urls = ["http://localhost:8086"]
- username = ""
- password = ""
- ssl-ca = ""
- ssl-cert = ""
- ssl-key = ""
- insecure-skip-verify = false
- timeout = "0s"
- disable-subscriptions = false
- subscription-protocol = "http"
- udp-bind = ""
- udp-buffer = 1000
- udp-read-buffer = 0
- startup-timeout = "5m0s"
- subscriptions-sync-interval = "1m0s"
- [influxdb.subscriptions]
- [influxdb.excluded-subscriptions]
- _kapacitor = ["autogen"]
-
- [logging]
- file = "STDERR"
- level = "${cfg.logLevel}"
-
- [deadman]
- interval = "10s"
- threshold = 0.0
- id = "{{ .Group }}:NODE_NAME for task '{{ .TaskName }}'"
- message = "{{ .ID }} is {{ if eq .Level \"OK\" }}alive{{ else }}dead{{ end }}: {{ index .Fields \"emitted\" | printf \"%0.3f\" }} points/INTERVAL."
- global = false
- '';
- description = "configuration kapacitor is started with";
+ alarms = mkOption {
+ type = with types; attrsOf (submodule {
+ options = {
+ database = mkOption {
+ type = str;
+ };
+ text = mkOption {
+ type = str;
+ };
+ };
+ });
+ default = {};
};
};
- configFile = pkgs.writeText "kapacitor.conf" cfg.config;
+ configFile = pkgs.runCommand "kapacitor.toml" {} ''
+ ${pkgs.remarshal}/bin/remarshal -if json -of toml \
+ < ${pkgs.writeText "kapacitor.json" (builtins.toJSON configOptions)} \
+ > $out
+ '';
imp = {
+ users = {
+ groups.${cfg.group.name} = {
+ inherit (cfg.group) name gid;
+ };
+ users.${cfg.user.name} = {
+ inherit (cfg.user) home name uid;
+ createHome = true;
+ group = cfg.group.name;
+ };
+ };
systemd.services.kapacitor = {
description = "kapacitor";
@@ -112,6 +141,7 @@ let
serviceConfig = {
Restart = "always";
+ User = cfg.user.name;
ExecStart = "${pkgs.kapacitor}/bin/kapacitord -config ${configFile}";
};
};
@@ -125,13 +155,14 @@ let
serviceConfig = {
Type = "oneshot";
+ User = cfg.user.name;
ExecStart = pkgs.writeDash "add_alarms" ''
${pkgs.kapacitor}/bin/kapacitor delete tasks \*
${concatStrings (mapAttrsToList (name: alarm: ''
${pkgs.kapacitor}/bin/kapacitor define ${name} \
-type batch \
- -tick ${pkgs.writeText "${name}.tick" alarm} \
- -dbrp ${cfg.check_db}.default
+ -tick ${pkgs.writeText "${name}.tick" alarm.text} \
+ -dbrp ${alarm.database}.default
${pkgs.kapacitor}/bin/kapacitor enable ${name}
'') cfg.alarms)}
'';
@@ -139,5 +170,4 @@ let
};
};
-
in out
--
cgit v1.2.3
From f39df4913b225ec67ca0557e3b702323bcb2bf2b Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:10:34 +0100
Subject: l 2 monitoring server: use new kapacitor config
---
lass/2configs/monitoring/server.nix | 66 ++++++++++++++++++++-----------------
1 file changed, 36 insertions(+), 30 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix
index 505cb7a17..1b556c56b 100644
--- a/lass/2configs/monitoring/server.nix
+++ b/lass/2configs/monitoring/server.nix
@@ -22,6 +22,7 @@ with import <stockholm/lib>;
lass.kapacitor =
let
+ db = "telegraf_db";
echoToIrc = pkgs.writeDash "echo_irc" ''
set -euf
data="$(${pkgs.jq}/bin/jq -r .message)"
@@ -31,37 +32,42 @@ with import <stockholm/lib>;
'';
in {
enable = true;
- check_db = "telegraf_db";
alarms = {
- cpu = ''
- var data = batch
- |query(${"'''"}
- SELECT mean("usage_user") AS mean
- FROM "${config.lass.kapacitor.check_db}"."default"."cpu"
- ${"'''"})
- .period(10m)
- .every(1m)
- .groupBy('host')
- data |alert()
- .crit(lambda: "mean" > 90)
- .exec('${echoToIrc}')
- data |deadman(1.0,5m)
- .stateChangesOnly()
- .exec('${echoToIrc}')
- '';
- ram = ''
- var data = batch
- |query(${"'''"}
- SELECT mean("used_percent") AS mean
- FROM "${config.lass.kapacitor.check_db}"."default"."mem"
- ${"'''"})
- .period(10m)
- .every(1m)
- .groupBy('host')
- data |alert()
- .crit(lambda: "mean" > 90)
- .exec('${echoToIrc}')
- '';
+ cpu = {
+ database = db;
+ text = ''
+ var data = batch
+ |query(${"'''"}
+ SELECT mean("usage_user") AS mean
+ FROM "${db}"."default"."cpu"
+ ${"'''"})
+ .period(10m)
+ .every(1m)
+ .groupBy('host')
+ data |alert()
+ .crit(lambda: "mean" > 90)
+ .exec('${echoToIrc}')
+ data |deadman(1.0,5m)
+ .stateChangesOnly()
+ .exec('${echoToIrc}')
+ '';
+ };
+ ram = {
+ database = db;
+ text = ''
+ var data = batch
+ |query(${"'''"}
+ SELECT mean("used_percent") AS mean
+ FROM "${db}"."default"."mem"
+ ${"'''"})
+ .period(10m)
+ .every(1m)
+ .groupBy('host')
+ data |alert()
+ .crit(lambda: "mean" > 90)
+ .exec('${echoToIrc}')
+ '';
+ };
};
};
--
cgit v1.2.3
From 3085d190485d2b4e822bf4a507104ace155c52b3 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:11:30 +0100
Subject: l 2 monitoring: disable influx http logging
---
lass/2configs/monitoring/server.nix | 1 +
1 file changed, 1 insertion(+)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix
index 1b556c56b..ff6e980cb 100644
--- a/lass/2configs/monitoring/server.nix
+++ b/lass/2configs/monitoring/server.nix
@@ -8,6 +8,7 @@ with import <stockholm/lib>;
# meta.logging-enabled = true;
http.bind-address = ":8086";
admin.bind-address = ":8083";
+ http.log-enabled = false;
monitoring = {
enabled = false;
# write-interval = "24h";
--
cgit v1.2.3
From 73140ed18358e25983b28874c220f8e882e5e95f Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:12:21 +0100
Subject: l 2 monitoring server: add kibana + elasticsearch
---
lass/2configs/monitoring/server.nix | 23 ++++++++++++++++++-----
1 file changed, 18 insertions(+), 5 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix
index ff6e980cb..f3d8026ab 100644
--- a/lass/2configs/monitoring/server.nix
+++ b/lass/2configs/monitoring/server.nix
@@ -72,15 +72,28 @@ with import <stockholm/lib>;
};
};
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
- { predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
- { predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; }
- ];
services.grafana = {
enable = true;
addr = "0.0.0.0";
auth.anonymous.enable = true;
security = import <secrets/grafana_security.nix>; # { AdminUser = ""; adminPassword = ""}
};
+
+ services.elasticsearch = {
+ enable = true;
+ listenAddress = "0.0.0.0";
+ };
+
+ services.kibana = {
+ enable = true;
+ listenAddress = "0.0.0.0";
+ };
+
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp -i retiolum --dport 8086"; target = "ACCEPT"; }
+ { predicate = "-p tcp -i retiolum --dport 3000"; target = "ACCEPT"; }
+ { predicate = "-p udp -i retiolum --dport 25826"; target = "ACCEPT"; }
+ { predicate = "-p tcp -i retiolum --dport 9200"; target = "ACCEPT"; }
+ { predicate = "-p tcp -i retiolum --dport 5601"; target = "ACCEPT"; }
+ ];
}
--
cgit v1.2.3
From aaf1f55626f16c7f9dcb681eb2d34743345e0e29 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:12:50 +0100
Subject: l 2 monitoring client: add journalbeat
---
lass/2configs/monitoring/client.nix | 9 +++++++++
1 file changed, 9 insertions(+)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/client.nix b/lass/2configs/monitoring/client.nix
index b8c245215..e2b7dcae6 100644
--- a/lass/2configs/monitoring/client.nix
+++ b/lass/2configs/monitoring/client.nix
@@ -23,4 +23,13 @@ with import <stockholm/lib>;
};
};
};
+
+ services.journalbeat = {
+ enable = true;
+ extraConfig = ''
+ output.elasticsearch:
+ hosts: ["prism:9200"]
+ template.enabled: false
+ '';
+ };
}
--
cgit v1.2.3
From 1d26ac7771945590d3c3bc0a6a53b90037c11084 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:13:07 +0100
Subject: l 1 prism: scatter repo-sync timers
---
lass/1systems/prism.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/1systems/prism.nix b/lass/1systems/prism.nix
index f9654ac4c..c0c22a0de 100644
--- a/lass/1systems/prism.nix
+++ b/lass/1systems/prism.nix
@@ -215,7 +215,8 @@ in {
}
{
krebs.repo-sync.timerConfig = {
- OnCalendar = "*:0/5";
+ OnUnitInactiveSec = "5min";
+ RandomizedDelaySec = "2min";
};
}
{
--
cgit v1.2.3
From 69f6bd19714ece1f14fdbbc4314b5b7fe0fada31 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:13:47 +0100
Subject: l 2 newsbot-js: remove some obsolete feeds
---
lass/2configs/newsbot-js.nix | 5 -----
1 file changed, 5 deletions(-)
(limited to 'lass')
diff --git a/lass/2configs/newsbot-js.nix b/lass/2configs/newsbot-js.nix
index 46ff3fbf9..3c6c5dc88 100644
--- a/lass/2configs/newsbot-js.nix
+++ b/lass/2configs/newsbot-js.nix
@@ -10,10 +10,6 @@ let
arbor|http://feeds2.feedburner.com/asert/|#news
archlinux|http://www.archlinux.org/feeds/news/|#news
ars|http://feeds.arstechnica.com/arstechnica/index?format=xml|#news
- asiaone_asia|http://news.asiaone.com/rss/asia|#news
- asiaone_business|http://business.asiaone.com/rss.xml|#news
- asiaone_sci|http://news.asiaone.com/rss/science-and-tech|#news
- asiaone_world|http://news.asiaone.com/rss/world|#news
augustl|http://augustl.com/atom.xml|#news
bbc|http://feeds.bbci.co.uk/news/rss.xml|#news
bdt_drucksachen|http://www.bundestag.de/dip21rss/bundestag_drucksachen.rss|#news #bundestag
@@ -78,7 +74,6 @@ let
heise|http://heise.de.feedsportal.com/c/35207/f/653902/index.rss|#news
hindu_business|http://www.thehindubusinessline.com/?service=rss|#news #financial
hindu|http://www.thehindu.com/?service=rss|#news
- hintergrund|http://www.hintergrund.de/index.php?option=com_bca-rss-syndicator&feed_id=8|#news
ign|http://feeds.ign.com/ign/all|#news
independent|http://www.independent.com/rss/headlines/|#news
indymedia|http://de.indymedia.org/RSS/newswire.xml|#news
--
cgit v1.2.3
From cb044e37e657f3a5c5dad69353b42695f742d65f Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:14:35 +0100
Subject: l 1: add iso
---
lass/1systems/iso.nix | 152 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 152 insertions(+)
create mode 100644 lass/1systems/iso.nix
(limited to 'lass')
diff --git a/lass/1systems/iso.nix b/lass/1systems/iso.nix
new file mode 100644
index 000000000..9dfbf7cb8
--- /dev/null
+++ b/lass/1systems/iso.nix
@@ -0,0 +1,152 @@
+{ config, pkgs, ... }:
+
+with import <stockholm/lib>;
+{
+ imports = [
+ <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
+ ../../krebs
+ ../3modules
+ ../5pkgs
+ ../2configs/binary-cache/client.nix
+ ../2configs/mc.nix
+ ../2configs/nixpkgs.nix
+ ../2configs/vim.nix
+ {
+ krebs.enable = true;
+ krebs.build.user = config.krebs.users.lass;
+ krebs.build.host = config.krebs.hosts.iso;
+ krebs.build.source.nixos-config.symlink = "stockholm/lass/1systems/${config.krebs.buil.host.name}.nix";
+ }
+ {
+ nixpkgs.config.allowUnfree = true;
+ }
+ {
+ users.extraUsers = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.lass.pubkey
+ config.krebs.users.lass-shodan.pubkey
+ config.krebs.users.lass-icarus.pubkey
+ ];
+ };
+ };
+ }
+ {
+ environment.extraInit = ''
+ EDITOR=vim
+ '';
+ }
+ {
+ environment.systemPackages = with pkgs; [
+ #stockholm
+ git
+ gnumake
+ jq
+ parallel
+ proot
+ populate
+
+ #style
+ most
+ rxvt_unicode.terminfo
+
+ #monitoring tools
+ htop
+ iotop
+
+ #network
+ iptables
+ iftop
+
+ #stuff for dl
+ aria2
+
+ #neat utils
+ krebspaste
+ pciutils
+ pop
+ psmisc
+ q
+ rs
+ tmux
+ untilport
+ usbutils
+
+ #unpack stuff
+ p7zip
+ unzip
+ unrar
+
+ #data recovery
+ ddrescue
+ ntfs3g
+ dosfstools
+ ];
+ }
+ {
+ programs.bash = {
+ enableCompletion = true;
+ interactiveShellInit = ''
+ HISTCONTROL='erasedups:ignorespace'
+ HISTSIZE=65536
+ HISTFILESIZE=$HISTSIZE
+
+ shopt -s checkhash
+ shopt -s histappend histreedit histverify
+ shopt -s no_empty_cmd_completion
+ complete -d cd
+ '';
+ promptInit = ''
+ if test $UID = 0; then
+ PS1='\[\033[1;31m\]\w\[\033[0m\] '
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
+ elif test $UID = 1337; then
+ PS1='\[\033[1;32m\]\w\[\033[0m\] '
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $PWD\007"'
+ else
+ PS1='\[\033[1;33m\]\u@\w\[\033[0m\] '
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $USER@$PWD\007"'
+ fi
+ if test -n "$SSH_CLIENT"; then
+ PS1='\[\033[35m\]\h'" $PS1"
+ PROMPT_COMMAND='echo -ne "\033]0;$$ $HOSTNAME $USER@$PWD\007"'
+ fi
+ '';
+ };
+ }
+ {
+ services.openssh = {
+ enable = true;
+ hostKeys = [
+ # XXX bits here make no science
+ { bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+ ];
+ };
+ }
+ {
+ krebs.iptables = {
+ enable = true;
+ tables = {
+ nat.PREROUTING.rules = [
+ { predicate = "! -i retiolum -p tcp -m tcp --dport 22"; target = "REDIRECT --to-ports 0"; precedence = 100; }
+ { predicate = "-p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 99; }
+ ];
+ nat.OUTPUT.rules = [
+ { predicate = "-o lo -p tcp -m tcp --dport 45621"; target = "REDIRECT --to-ports 22"; precedence = 100; }
+ ];
+ filter.INPUT.policy = "DROP";
+ filter.FORWARD.policy = "DROP";
+ filter.INPUT.rules = [
+ { predicate = "-m conntrack --ctstate RELATED,ESTABLISHED"; target = "ACCEPT"; precedence = 10001; }
+ { predicate = "-p icmp"; target = "ACCEPT"; precedence = 10000; }
+ { predicate = "-i lo"; target = "ACCEPT"; precedence = 9999; }
+ { predicate = "-p tcp --dport 22"; target = "ACCEPT"; precedence = 9998; }
+ { predicate = "-p tcp -i retiolum"; target = "REJECT --reject-with tcp-reset"; precedence = -10000; }
+ { predicate = "-p udp -i retiolum"; target = "REJECT --reject-with icmp-port-unreachable"; v6 = false; precedence = -10000; }
+ { predicate = "-i retiolum"; target = "REJECT --reject-with icmp-proto-unreachable"; v6 = false; precedence = -10000; }
+ ];
+ };
+ };
+ }
+ ];
+}
--
cgit v1.2.3
From 54e16f7a9e059991c85098e5e274bbadb8e93497 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:21:25 +0100
Subject: move kapacitor to k 3
---
lass/3modules/default.nix | 1 -
lass/3modules/kapacitor.nix | 173 --------------------------------------------
2 files changed, 174 deletions(-)
delete mode 100644 lass/3modules/kapacitor.nix
(limited to 'lass')
diff --git a/lass/3modules/default.nix b/lass/3modules/default.nix
index f4a2b4565..959c9d1b4 100644
--- a/lass/3modules/default.nix
+++ b/lass/3modules/default.nix
@@ -8,6 +8,5 @@ _:
./umts.nix
./usershadow.nix
./xresources.nix
- ./kapacitor.nix
];
}
diff --git a/lass/3modules/kapacitor.nix b/lass/3modules/kapacitor.nix
deleted file mode 100644
index 092890814..000000000
--- a/lass/3modules/kapacitor.nix
+++ /dev/null
@@ -1,173 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-with builtins;
-with import <stockholm/lib>;
-
-let
- cfg = config.lass.kapacitor;
-
- out = {
- options.lass.kapacitor = api;
- config = mkIf cfg.enable imp;
- };
-
- configOptions = recursiveUpdate {
- hostname = "localhost";
- data_dir = cfg.dataDir;
- http = {
- bind-address = ":9092";
- auth-enabled = false;
- log-enabled = false;
- gtgwrite-tracing = false;
- pprof-enabled = false;
- https-enabled = false;
- https-certificate = "/etc/ssl/kapacitor.pem";
- shutdown-timeout = "10s";
- shared-secret = "";
- };
-
- replay ={
- dir = "${cfg.dataDir}/replay";
- };
-
- storage = {
- boltdb = "${cfg.dataDir}/kapacitor.db";
- };
-
- task = {
- dir = "${cfg.dataDir}/tasks";
- snapshot-interval = "1m0s";
- };
-
- influxdb = [{
- enabled = true;
- name = "default";
- default = false;
- urls = ["http://localhost:8086"];
- username = "";
- password = "";
- ssl-ca = "";
- ssl-cert = "";
- ssl-key = "";
- insecure-skip-verify = false;
- timeout = "0s";
- disable-subscriptions = false;
- subscription-protocol = "http";
- udp-bind = "";
- udp-buffer = 1000;
- udp-read-buffer = 0;
- startup-timeout = "5m0s";
- subscriptions-sync-interval = "1m0s";
- influxdb.excluded-subscriptions = {
- _kapacitor = ["autogen"];
- };
- }];
-
- logging = {
- file = "STDERR";
- level = "INFO";
- };
-
- deadman = {
- interval = "10s";
- id = "{{ .Group }}:NODE_NAME for task '{{ .TaskName }}'";
- message = "{{ .ID }} is {{ if eq .Level \"OK\" }}alive{{ else }}dead{{ end }}: {{ index .Fields \"emitted\" | printf \"%0.3f\" }} points/INTERVAL.";
- global = false;
- };
- } cfg.extraConfig;
-
- api = {
- enable = mkEnableOption "kapacitor";
- dataDir = mkOption {
- type = types.str;
- default = "/var/lib/kapacitor";
- };
- user = mkOption {
- type = types.user;
- default = {
- name = "kapacitor";
- home = cfg.dataDir;
- };
- };
- group = mkOption {
- type = types.group;
- default = {
- name = "kapacitor";
- };
- };
- extraConfig = mkOption {
- type = types.attrs;
- default = {};
- };
- alarms = mkOption {
- type = with types; attrsOf (submodule {
- options = {
- database = mkOption {
- type = str;
- };
- text = mkOption {
- type = str;
- };
- };
- });
- default = {};
- };
- };
-
- configFile = pkgs.runCommand "kapacitor.toml" {} ''
- ${pkgs.remarshal}/bin/remarshal -if json -of toml \
- < ${pkgs.writeText "kapacitor.json" (builtins.toJSON configOptions)} \
- > $out
- '';
-
- imp = {
- users = {
- groups.${cfg.group.name} = {
- inherit (cfg.group) name gid;
- };
- users.${cfg.user.name} = {
- inherit (cfg.user) home name uid;
- createHome = true;
- group = cfg.group.name;
- };
- };
-
- systemd.services.kapacitor = {
- description = "kapacitor";
- after = [ "network.target" ];
- wantedBy = [ "multi-user.target" ];
-
- restartIfChanged = true;
-
- serviceConfig = {
- Restart = "always";
- User = cfg.user.name;
- ExecStart = "${pkgs.kapacitor}/bin/kapacitord -config ${configFile}";
- };
- };
-
- systemd.services.kapacitor-alarms = {
- description = "kapacitor-alarms";
- after = [ "kapacitor.service" ];
- wantedBy = [ "multi-user.target" ];
-
- restartIfChanged = true;
-
- serviceConfig = {
- Type = "oneshot";
- User = cfg.user.name;
- ExecStart = pkgs.writeDash "add_alarms" ''
- ${pkgs.kapacitor}/bin/kapacitor delete tasks \*
- ${concatStrings (mapAttrsToList (name: alarm: ''
- ${pkgs.kapacitor}/bin/kapacitor define ${name} \
- -type batch \
- -tick ${pkgs.writeText "${name}.tick" alarm.text} \
- -dbrp ${alarm.database}.default
- ${pkgs.kapacitor}/bin/kapacitor enable ${name}
- '') cfg.alarms)}
- '';
- };
- };
-
- };
-in out
--
cgit v1.2.3
From dc4dcb80d39d0429c108c2b2258d4074eede2122 Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Tue, 7 Feb 2017 17:44:24 +0100
Subject: l 2 monitoring server: use krebs.kapacitor
---
lass/2configs/monitoring/server.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/monitoring/server.nix b/lass/2configs/monitoring/server.nix
index f3d8026ab..bbae4511e 100644
--- a/lass/2configs/monitoring/server.nix
+++ b/lass/2configs/monitoring/server.nix
@@ -21,7 +21,7 @@ with import <stockholm/lib>;
}];
};
- lass.kapacitor =
+ krebs.kapacitor =
let
db = "telegraf_db";
echoToIrc = pkgs.writeDash "echo_irc" ''
--
cgit v1.2.3
From c12d68c1b41e4b6d5f31b65e4f2be0741b4b1d4d Mon Sep 17 00:00:00 2001
From: lassulus <lass@lassul.us>
Date: Wed, 8 Feb 2017 11:57:21 +0100
Subject: l 2 nixpkgs: f66d782 -> f7b7d8e
---
lass/2configs/nixpkgs.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lass')
diff --git a/lass/2configs/nixpkgs.nix b/lass/2configs/nixpkgs.nix
index e7229654d..aef9dd8b4 100644
--- a/lass/2configs/nixpkgs.nix
+++ b/lass/2configs/nixpkgs.nix
@@ -3,6 +3,6 @@
{
krebs.build.source.nixpkgs.git = {
url = https://github.com/nixos/nixpkgs;
- ref = "f66d782";
+ ref = "f7b7d8e";
};
}
--
cgit v1.2.3