diff --git a/flake.nix b/flake.nix index 38e818ee..2d82cb92 100644 --- a/flake.nix +++ b/flake.nix @@ -264,6 +264,14 @@ isNix = true; isServer = true; }; + tako = mkDevice { + name = "tako"; + system = "x86_64-linux"; + user = "servius"; + hasGui = false; + isNix = true; + isServer = true; + }; ryu = mkDevice { name = "ryu"; system = "x86_64-linux"; diff --git a/nixos/mirai/configuration.nix b/nixos/mirai/configuration.nix index 92119a9c..5147215c 100644 --- a/nixos/mirai/configuration.nix +++ b/nixos/mirai/configuration.nix @@ -7,7 +7,7 @@ imports = [ # Include the results of the hardware scan. ./services - ./mirai.nix + ./tako.nix # ./docker.nix ]; @@ -24,7 +24,7 @@ security.sudo.wheelNeedsPassword = false; sops = { - secrets."builder/mirai/cache/private" = {}; + secrets."builder/tako/cache/private" = {}; secrets.users = { sopsFile = ../../secrets/users.yaml; format = "yaml"; @@ -51,14 +51,14 @@ trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI=" - # "mirai:bcVPoFGBZ0i7JAKMXIqLj2GY3CulLC4kP7rQyqes1RM=" + # "tako:bcVPoFGBZ0i7JAKMXIqLj2GY3CulLC4kP7rQyqes1RM=" ]; }; extraOptions = '' build-users-group = nixbld extra-nix-path = nixpkgs=flake:nixpkgs builders-use-substitutes = true - secret-key-files = ${config.sops.secrets."builder/mirai/cache/private".path} + secret-key-files = ${config.sops.secrets."builder/tako/cache/private".path} ''; gc = { automatic = true; @@ -86,7 +86,7 @@ users.groups.media = {}; nixpkgs.config.allowUnfree = true; - networking.hostName = "mirai"; # Define your hostname. + networking.hostName = "tako"; # Define your hostname. # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. diff --git a/nixos/mirai/services/dashboards/enhanced-overview.json b/nixos/mirai/services/dashboards/enhanced-overview.json deleted file mode 100644 index 61834d50..00000000 --- a/nixos/mirai/services/dashboards/enhanced-overview.json +++ /dev/null @@ -1,912 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 70 - }, - { - "color": "red", - "value": 85 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"tsuba-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "Tsuba CPU Usage", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"ryu-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "Ryu CPU Usage", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"mirai-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "Mirai CPU Usage", - "range": true, - "refId": "C" - } - ], - "title": "CPU Usage - All Devices", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=\"tsuba-node\"} - node_memory_MemAvailable_bytes{job=\"tsuba-node\"}) / node_memory_MemTotal_bytes{job=\"tsuba-node\"} * 100", - "legendFormat": "Tsuba Memory Usage", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=\"ryu-node\"} - node_memory_MemAvailable_bytes{job=\"ryu-node\"}) / node_memory_MemTotal_bytes{job=\"ryu-node\"} * 100", - "legendFormat": "Ryu Memory Usage", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=\"mirai-node\"} - node_memory_MemAvailable_bytes{job=\"mirai-node\"}) / node_memory_MemTotal_bytes{job=\"mirai-node\"} * 100", - "legendFormat": "Mirai Memory Usage", - "range": true, - "refId": "C" - } - ], - "title": "Memory Usage - All Devices", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 5 - }, - { - "color": "red", - "value": 10 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Failed Services" - }, - "properties": [ - { - "id": "unit", - "value": "short" - }, - { - "id": "custom.cellOptions", - "value": { - "type": "color-background" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Active Services" - }, - "properties": [ - { - "id": "unit", - "value": "short" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 16 - }, - "id": 3, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "systemd_units{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",state=\"active\"}", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "systemd_units{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",state=\"failed\"}", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "B" - } - ], - "title": "SystemD Service Status", - "transformations": [ - { - "id": "merge", - "options": {} - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #A": { - "aggregations": ["sum"], - "operation": "aggregate" - }, - "Value #B": { - "aggregations": ["sum"], - "operation": "aggregate" - }, - "job": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": {}, - "renameByName": { - "Value #A (sum)": "Active Services", - "Value #B (sum)": "Failed Services", - "job": "Device" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 16 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "zfs_dataset_used_bytes{job=~\"tsuba-zfs|ryu-zfs|mirai-zfs\"} / zfs_dataset_available_bytes{job=~\"tsuba-zfs|ryu-zfs|mirai-zfs\"} * 100", - "legendFormat": "{{job}} - {{dataset}}", - "range": true, - "refId": "A" - } - ], - "title": "ZFS Pool Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 40 - }, - { - "color": "red", - "value": 60 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Temperature" - }, - "properties": [ - { - "id": "unit", - "value": "celsius" - }, - { - "id": "custom.cellOptions", - "value": { - "type": "gauge" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Health" - }, - "properties": [ - { - "id": "mappings", - "value": [ - { - "options": { - "0": { - "color": "red", - "index": 1, - "text": "FAIL" - }, - "1": { - "color": "green", - "index": 0, - "text": "OK" - } - }, - "type": "value" - } - ] - }, - { - "id": "custom.cellOptions", - "value": { - "type": "color-background" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 24 - }, - "id": 5, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "smartctl_device_smart_healthy{job=~\"tsuba-smartctl|ryu-smartctl|mirai-smartctl\"}", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "smartctl_device_temperature{job=~\"tsuba-smartctl|ryu-smartctl|mirai-smartctl\"}", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "B" - } - ], - "title": "Disk Health & Temperature", - "transformations": [ - { - "id": "merge", - "options": {} - }, - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value #A": "Health", - "Value #B": "Temperature", - "device": "Device", - "job": "System" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 32 - }, - "id": 6, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(nginx_http_requests_total{job=\"mirai-nginx\"}[5m])", - "legendFormat": "{{server}} - {{status}}", - "range": true, - "refId": "A" - } - ], - "title": "Nginx Request Rate", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 32 - }, - "id": 7, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "nginx_connections_active{job=\"mirai-nginx\"}", - "legendFormat": "Active Connections", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "nginx_connections_reading{job=\"mirai-nginx\"}", - "legendFormat": "Reading", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "nginx_connections_writing{job=\"mirai-nginx\"}", - "legendFormat": "Writing", - "range": true, - "refId": "C" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "nginx_connections_waiting{job=\"mirai-nginx\"}", - "legendFormat": "Waiting", - "range": true, - "refId": "D" - } - ], - "title": "Nginx Connections", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": ["monitoring", "overview", "enhanced"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Enhanced Infrastructure Overview", - "uid": "enhanced-overview", - "version": 0, - "weekStart": "" -} diff --git a/nixos/mirai/services/dashboards/mirai-monitoring.json b/nixos/mirai/services/dashboards/mirai-monitoring.json deleted file mode 100644 index cc5948cc..00000000 --- a/nixos/mirai/services/dashboards/mirai-monitoring.json +++ /dev/null @@ -1,601 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"mirai-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "CPU Usage", - "range": true, - "refId": "A" - } - ], - "title": "Mirai CPU Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_memory_MemTotal_bytes{job=\"mirai-node\"} - node_memory_MemAvailable_bytes{job=\"mirai-node\"}", - "legendFormat": "Used Memory", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_memory_MemTotal_bytes{job=\"mirai-node\"}", - "legendFormat": "Total Memory", - "range": true, - "refId": "B" - } - ], - "title": "Mirai Memory Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Memory" - }, - "properties": [ - { - "id": "unit", - "value": "bytes" - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Count" - }, - "properties": [ - { - "id": "unit", - "value": "short" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true, - "sortBy": [ - { - "desc": true, - "displayName": "Memory" - } - ] - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "namedprocess_namegroup_memory_bytes{job=\"mirai-process\"} > 0", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "namedprocess_namegroup_num_procs{job=\"mirai-process\"} > 0", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "B" - } - ], - "title": "Mirai Running Processes", - "transformations": [ - { - "id": "merge", - "options": {} - }, - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "job": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value #A": "Memory", - "Value #B": "Count", - "groupname": "Process Name" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 16 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=\"mirai-node\"}", - "legendFormat": "1m load", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load5{job=\"mirai-node\"}", - "legendFormat": "5m load", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load15{job=\"mirai-node\"}", - "legendFormat": "15m load", - "range": true, - "refId": "C" - } - ], - "title": "Mirai System Load", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 16 - }, - "id": 5, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(node_network_receive_bytes_total{job=\"mirai-node\",device!~\"lo|veth.*|docker.*|virbr.*|br-.*\"}[5m])", - "legendFormat": "{{device}} - Inbound", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(node_network_transmit_bytes_total{job=\"mirai-node\",device!~\"lo|veth.*|docker.*|virbr.*|br-.*\"}[5m])", - "legendFormat": "{{device}} - Outbound", - "range": true, - "refId": "B" - } - ], - "title": "Mirai Network I/O", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": ["monitoring", "mirai"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Mirai System Monitoring", - "uid": "mirai-monitoring", - "version": 0, - "weekStart": "" -} diff --git a/nixos/mirai/services/dashboards/overview-monitoring.json b/nixos/mirai/services/dashboards/overview-monitoring.json deleted file mode 100644 index fc937ad2..00000000 --- a/nixos/mirai/services/dashboards/overview-monitoring.json +++ /dev/null @@ -1,689 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 70 - }, - { - "color": "red", - "value": 85 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"tsuba-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "Tsuba CPU Usage", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"ryu-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "Ryu CPU Usage", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"mirai-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "Mirai CPU Usage", - "range": true, - "refId": "C" - } - ], - "title": "All Devices - CPU Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=\"tsuba-node\"} - node_memory_MemAvailable_bytes{job=\"tsuba-node\"}) / node_memory_MemTotal_bytes{job=\"tsuba-node\"} * 100", - "legendFormat": "Tsuba Memory Usage", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=\"ryu-node\"} - node_memory_MemAvailable_bytes{job=\"ryu-node\"}) / node_memory_MemTotal_bytes{job=\"ryu-node\"} * 100", - "legendFormat": "Ryu Memory Usage", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=\"mirai-node\"} - node_memory_MemAvailable_bytes{job=\"mirai-node\"}) / node_memory_MemTotal_bytes{job=\"mirai-node\"} * 100", - "legendFormat": "Mirai Memory Usage", - "range": true, - "refId": "C" - } - ], - "title": "All Devices - Memory Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "CPU %" - }, - "properties": [ - { - "id": "unit", - "value": "percent" - }, - { - "id": "custom.cellOptions", - "value": { - "type": "gauge" - } - }, - { - "id": "max", - "value": 100 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Memory %" - }, - "properties": [ - { - "id": "unit", - "value": "percent" - }, - { - "id": "custom.cellOptions", - "value": { - "type": "gauge" - } - }, - { - "id": "max", - "value": 100 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Load 1m" - }, - "properties": [ - { - "id": "unit", - "value": "short" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 16 - }, - "id": 3, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=~\"tsuba-node|ryu-node|mirai-node\",mode=\"idle\"}[5m])) * 100)", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "(node_memory_MemTotal_bytes{job=~\"tsuba-node|ryu-node|mirai-node\"} - node_memory_MemAvailable_bytes{job=~\"tsuba-node|ryu-node|mirai-node\"}) / node_memory_MemTotal_bytes{job=~\"tsuba-node|ryu-node|mirai-node\"} * 100", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=~\"tsuba-node|ryu-node|mirai-node\"}", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "C" - } - ], - "title": "System Overview", - "transformations": [ - { - "id": "merge", - "options": {} - }, - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true - }, - "indexByName": {}, - "renameByName": { - "Value #A": "CPU %", - "Value #B": "Memory %", - "Value #C": "Load 1m", - "job": "Device" - } - } - }, - { - "id": "filterFieldsByName", - "options": { - "include": { - "names": [ - "Device", - "CPU %", - "Memory %", - "Load 1m" - ] - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 24 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=\"tsuba-node\"}", - "legendFormat": "Tsuba 1m load", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=\"ryu-node\"}", - "legendFormat": "Ryu 1m load", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=\"mirai-node\"}", - "legendFormat": "Mirai 1m load", - "range": true, - "refId": "C" - } - ], - "title": "System Load Average (1m)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Process Count" - }, - "properties": [ - { - "id": "unit", - "value": "short" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 24 - }, - "id": 5, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "count by (job) (namedprocess_namegroup_num_procs{job=~\"tsuba-process|ryu-process|mirai-process\"})", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Active Process Count by Device", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value": "Process Count", - "job": "Device" - } - } - } - ], - "type": "table" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": [ - "monitoring", - "overview" - ], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Infrastructure Overview", - "uid": "overview-monitoring", - "version": 0, - "weekStart": "" -} diff --git a/nixos/mirai/services/dashboards/ryu-monitoring.json b/nixos/mirai/services/dashboards/ryu-monitoring.json deleted file mode 100644 index 5dc502a7..00000000 --- a/nixos/mirai/services/dashboards/ryu-monitoring.json +++ /dev/null @@ -1,601 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"ryu-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "CPU Usage", - "range": true, - "refId": "A" - } - ], - "title": "Ryu CPU Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_memory_MemTotal_bytes{job=\"ryu-node\"} - node_memory_MemAvailable_bytes{job=\"ryu-node\"}", - "legendFormat": "Used Memory", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_memory_MemTotal_bytes{job=\"ryu-node\"}", - "legendFormat": "Total Memory", - "range": true, - "refId": "B" - } - ], - "title": "Ryu Memory Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Memory" - }, - "properties": [ - { - "id": "unit", - "value": "bytes" - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Count" - }, - "properties": [ - { - "id": "unit", - "value": "short" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true, - "sortBy": [ - { - "desc": true, - "displayName": "Memory" - } - ] - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "namedprocess_namegroup_memory_bytes{job=\"ryu-process\"} > 0", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "namedprocess_namegroup_num_procs{job=\"ryu-process\"} > 0", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "B" - } - ], - "title": "Ryu Running Processes", - "transformations": [ - { - "id": "merge", - "options": {} - }, - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "job": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value #A": "Memory", - "Value #B": "Count", - "groupname": "Process Name" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 16 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=\"ryu-node\"}", - "legendFormat": "1m load", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load5{job=\"ryu-node\"}", - "legendFormat": "5m load", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load15{job=\"ryu-node\"}", - "legendFormat": "15m load", - "range": true, - "refId": "C" - } - ], - "title": "Ryu System Load", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "binBps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 16 - }, - "id": 5, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(node_network_receive_bytes_total{job=\"ryu-node\",device!~\"lo|veth.*|docker.*|virbr.*|br-.*\"}[5m])", - "legendFormat": "{{device}} - Inbound", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(node_network_transmit_bytes_total{job=\"ryu-node\",device!~\"lo|veth.*|docker.*|virbr.*|br-.*\"}[5m])", - "legendFormat": "{{device}} - Outbound", - "range": true, - "refId": "B" - } - ], - "title": "Ryu Network I/O", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": ["monitoring", "ryu"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Ryu System Monitoring", - "uid": "ryu-monitoring", - "version": 0, - "weekStart": "" -} diff --git a/nixos/mirai/services/dashboards/systemd-monitoring.json b/nixos/mirai/services/dashboards/systemd-monitoring.json deleted file mode 100644 index 2fd30d2e..00000000 --- a/nixos/mirai/services/dashboards/systemd-monitoring.json +++ /dev/null @@ -1,616 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [ - { - "options": { - "0": { - "color": "red", - "index": 1, - "text": "FAILED" - }, - "1": { - "color": "green", - "index": 0, - "text": "ACTIVE" - } - }, - "type": "value" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 0.5 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Status" - }, - "properties": [ - { - "id": "custom.cellOptions", - "value": { - "type": "color-background" - } - } - ] - } - ] - }, - "gridPos": { - "h": 12, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true, - "sortBy": [ - { - "desc": false, - "displayName": "Device" - } - ] - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "systemd_unit_state{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",state=~\"active|failed\",name=~\".+\\.(service|timer)$\"}", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "SystemD Services Status", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value": "Status", - "job": "Device", - "name": "Service", - "state": "State" - } - } - }, - { - "id": "filterFieldsByName", - "options": { - "include": { - "names": [ - "Device", - "Service", - "Status" - ] - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 12 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "count by (job) (systemd_unit_state{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",state=\"active\",name=~\".+\\.service$\"})", - "legendFormat": "{{job}} - Active Services", - "range": true, - "refId": "A" - } - ], - "title": "Active Services Count", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [ - { - "matcher": { - "id": "byRegexp", - "options": ".*Failed.*" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "red", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 12 - }, - "id": 3, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "count by (job) (systemd_unit_state{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",state=\"failed\",name=~\".+\\.service$\"})", - "legendFormat": "{{job}} - Failed Services", - "range": true, - "refId": "A" - } - ], - "title": "Failed Services Count", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Restart Count" - }, - "properties": [ - { - "id": "unit", - "value": "short" - }, - { - "id": "custom.cellOptions", - "value": { - "type": "color-background" - } - }, - { - "id": "thresholds", - "value": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 5 - }, - { - "color": "red", - "value": 10 - } - ] - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 20 - }, - "id": 4, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true, - "sortBy": [ - { - "desc": true, - "displayName": "Restart Count" - } - ] - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "systemd_unit_restart_total{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",name=~\".+\\.service$\"} > 0", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "Service Restart Count", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value": "Restart Count", - "job": "Device", - "name": "Service" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Next Run" - }, - "properties": [ - { - "id": "unit", - "value": "dateTimeAsIso" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 28 - }, - "id": 5, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "systemd_timer_last_trigger_seconds{job=~\"tsuba-systemd|ryu-systemd|mirai-systemd\",name=~\".+\\.timer$\"}", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - } - ], - "title": "SystemD Timers", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "Time": true - }, - "indexByName": {}, - "renameByName": { - "Value": "Last Trigger", - "job": "Device", - "name": "Timer" - } - } - } - ], - "type": "table" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": ["monitoring", "systemd", "services"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "SystemD Services Monitoring", - "uid": "systemd-monitoring", - "version": 0, - "weekStart": "" -} diff --git a/nixos/mirai/services/dashboards/tsuba-monitoring.json b/nixos/mirai/services/dashboards/tsuba-monitoring.json deleted file mode 100644 index 93293173..00000000 --- a/nixos/mirai/services/dashboards/tsuba-monitoring.json +++ /dev/null @@ -1,624 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "grafana", - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": null, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "max": 100, - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percent" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 0 - }, - "id": 1, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "100 - (avg by (instance) (irate(node_cpu_seconds_total{job=\"tsuba-node\",mode=\"idle\"}[5m])) * 100)", - "legendFormat": "CPU Usage", - "range": true, - "refId": "A" - } - ], - "title": "Tsuba CPU Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 0 - }, - "id": 2, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_memory_MemTotal_bytes{job=\"tsuba-node\"} - node_memory_MemAvailable_bytes{job=\"tsuba-node\"}", - "legendFormat": "Used Memory", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_memory_MemTotal_bytes{job=\"tsuba-node\"}", - "legendFormat": "Total Memory", - "range": true, - "refId": "B" - } - ], - "title": "Tsuba Memory Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "cellOptions": { - "type": "auto" - }, - "inspect": false - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "CPU %" - }, - "properties": [ - { - "id": "unit", - "value": "percent" - }, - { - "id": "custom.cellOptions", - "value": { - "type": "gauge" - } - }, - { - "id": "max", - "value": 100 - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Memory" - }, - "properties": [ - { - "id": "unit", - "value": "bytes" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 8 - }, - "id": 3, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": ["sum"], - "show": false - }, - "showHeader": true, - "sortBy": [ - { - "desc": true, - "displayName": "CPU %" - } - ] - }, - "pluginVersion": "10.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(namedprocess_namegroup_cpu_seconds_total{job=\"tsuba-process\"}[5m]) * 100", - "format": "table", - "legendFormat": "__auto", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "namedprocess_namegroup_num_procs{job=\"tsuba-process\"} > 0", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "namedprocess_namegroup_num_procs{job=\"tsuba-process\"}", - "format": "table", - "hide": false, - "legendFormat": "__auto", - "range": true, - "refId": "C" - } - ], - "title": "Tsuba Running Processes", - "transformations": [ - { - "id": "merge", - "options": {} - }, - { - "id": "organize", - "options": { - "excludeByName": { - "__name__": true, - "instance": true, - "job": true - }, - "indexByName": {}, - "renameByName": { - "Value #A": "CPU %", - "Value #B": "Memory", - "Value #C": "Count", - "groupname": "Process Name" - } - } - } - ], - "type": "table" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 16 - }, - "id": 4, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load1{job=\"tsuba-node\"}", - "legendFormat": "1m load", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load5{job=\"tsuba-node\"}", - "legendFormat": "5m load", - "range": true, - "refId": "B" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "node_load15{job=\"tsuba-node\"}", - "legendFormat": "15m load", - "range": true, - "refId": "C" - } - ], - "title": "Tsuba System Load", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "vis": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 16 - }, - "id": 5, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(node_network_receive_bytes_total{job=\"tsuba-node\",device!~\"lo|veth.*|docker.*|virbr.*|br-.*\"}[5m])", - "legendFormat": "{{device}} - Inbound", - "range": true, - "refId": "A" - }, - { - "datasource": { - "type": "prometheus", - "uid": "prometheus" - }, - "editorMode": "code", - "expr": "rate(node_network_transmit_bytes_total{job=\"tsuba-node\",device!~\"lo|veth.*|docker.*|virbr.*|br-.*\"}[5m])", - "legendFormat": "{{device}} - Outbound", - "range": true, - "refId": "B" - } - ], - "title": "Tsuba Network I/O", - "type": "timeseries" - } - ], - "refresh": "30s", - "schemaVersion": 38, - "style": "dark", - "tags": ["monitoring", "tsuba"], - "templating": { - "list": [] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Tsuba System Monitoring", - "uid": "tsuba-monitoring", - "version": 0, - "weekStart": "" -} diff --git a/nixos/mirai/services/default.nix b/nixos/mirai/services/default.nix index 4c2d3cac..7e1e13ee 100644 --- a/nixos/mirai/services/default.nix +++ b/nixos/mirai/services/default.nix @@ -13,7 +13,6 @@ ./immich.nix # ./llama.nix ./lldap.nix - ./monitoring.nix ./nextcloud.nix # ./paperless.nix ./prowlarr.nix diff --git a/nixos/mirai/services/gitea.nix b/nixos/mirai/services/gitea.nix index 4b3e3ce1..7161ff11 100644 --- a/nixos/mirai/services/gitea.nix +++ b/nixos/mirai/services/gitea.nix @@ -6,7 +6,7 @@ }: { virtualisation.docker.enable = true; sops = { - # secrets."gitea/registration".owner = config.systemd.services.gitea-actions-mirai.serviceConfig.User; + # secrets."gitea/registration".owner = config.systemd.services.gitea-actions-tako.serviceConfig.User; secrets."gitea/registration" = {}; secrets."authelia/oidc/gitea/client_secret" = { owner = config.systemd.services.authelia-darksailor.serviceConfig.User; @@ -77,9 +77,9 @@ }; # gitea-actions-runner = { # instances = { - # mirai = { + # tako = { # enable = true; - # name = "mirai"; + # name = "tako"; # url = "https://git.darksailor.dev"; # labels = [ # "ubuntu-latest:docker://catthehacker/ubuntu:full-latest" @@ -149,7 +149,7 @@ after = ["sops-install-secrets.service"]; }; - # systemd.services."gitea-actions-mirai" = { + # systemd.services."gitea-actions-tako" = { # after = ["gitea.service"]; # }; diff --git a/nixos/mirai/services/monitoring.nix b/nixos/mirai/services/monitoring.nix deleted file mode 100644 index 2620ad7e..00000000 --- a/nixos/mirai/services/monitoring.nix +++ /dev/null @@ -1,249 +0,0 @@ -{ - config, - pkgs, - lib, - # devices, - ... -}: { - sops.secrets = { - "grafana/adminPassword" = { - owner = "grafana"; - group = "grafana"; - }; - oauth-client-secret-grafana-authelia = { - owner = config.systemd.services.authelia-darksailor.serviceConfig.User; - key = "authelia/oidc/grafana/client_secret"; - restartUnits = [ - "authelia-darksailor.service" - ]; - }; - oauth-client-secret-grafana = { - owner = config.systemd.services.grafana.serviceConfig.User; - key = "authelia/oidc/grafana/client_secret"; - restartUnits = [ - "grafana" - ]; - }; - }; - services = { - prometheus = { - enable = true; - port = 9090; - listenAddress = "0.0.0.0"; - - scrapeConfigs = []; - # ++ (lib.mapAttrsToList (name: cfg: { - # job_name = "mirai-" + name; - # static_configs = [ - # { - # targets = [("localhost:" + (builtins.toString cfg.port))]; - # } - # ]; - # }) - # (config.services.prometheus.exporters)); - - retentionTime = "30d"; - - globalConfig = { - scrape_interval = "15s"; - evaluation_interval = "15s"; - }; - }; - - prometheus.exporters = { - ping = { - enable = true; - settings = { - targets = [ - "1.1.1.1" - "ryu" - "tsuba" - "shiro" - ]; - ping = { - interval = "5s"; - timeout = "5s"; - }; - }; - openFirewall = true; - }; - node = { - enable = true; - enabledCollectors = [ - "systemd" - "textfile" - "filesystem" - "loadavg" - "meminfo" - "netdev" - "stat" - "time" - "uname" - "vmstat" - ]; - openFirewall = true; - }; - process = { - enable = true; - settings.process_names = [ - { - name = "{{.Comm}}"; - cmdline = [".*"]; - } - ]; - openFirewall = true; - }; - systemd = { - enable = true; - openFirewall = true; - }; - }; - - grafana = { - enable = true; - settings = { - server = { - http_addr = "0.0.0.0"; - http_port = 3333; - domain = "monitoring.darksailor.dev"; - root_url = "https://monitoring.darksailor.dev"; - }; - security = { - admin_user = "admin"; - admin_password = "$__file{${config.sops.secrets."grafana/adminPassword".path}}"; - }; - auth = { - disable_login_form = true; - }; - "auth.basic" = { - enabled = false; - }; - "auth.generic_oauth" = { - enabled = true; - name = "Authelia"; - client_id = "grafana"; - client_secret = "$__file{${config.sops.secrets.oauth-client-secret-grafana.path}}"; - scopes = "openid profile email groups"; - empty_scopes = false; - auth_url = "https://auth.darksailor.dev/api/oidc/authorization"; - token_url = "https://auth.darksailor.dev/api/oidc/token"; - api_url = "https://auth.darksailor.dev/api/oidc/userinfo"; - login_attribute_path = "email"; - groups_attribute_path = "groups"; - name_attribute_path = "name"; - email_attribute_path = "email"; - username_attribute_path = "preferred_username"; - use_pkce = true; - auto_login = true; - allow_sign_up = true; - role_attribute_path = "contains(groups[*], 'sso_admin') && 'Admin' || Viewer"; - use_refresh_token = false; - id_token_attribute_name = ""; - signout_redirect_url = "https://auth.darksailor.dev/logout"; - }; - }; - - provision = { - enable = true; - datasources.settings.datasources = [ - { - name = "Prometheus"; - type = "prometheus"; - access = "proxy"; - url = "http://localhost:9090"; - isDefault = true; - jsonData = { - timeInterval = "15s"; - }; - } - ]; - - dashboards.settings = { - apiVersion = 1; - providers = [ - { - name = "default"; - type = "file"; - options.path = "/var/lib/grafana/dashboards"; - } - ]; - }; - }; - }; - - caddy.virtualHosts."monitoring.darksailor.dev".extraConfig = '' - reverse_proxy localhost:${builtins.toString config.services.grafana.settings.server.http_port} - ''; - - authelia = { - instances.darksailor = { - settings = { - identity_providers = { - oidc = { - claims_policies = { - grafana = { - id_token = [ - "email" - "name" - "groups" - "preferred_username" - ]; - }; - }; - clients = [ - { - client_name = "Grafana"; - client_id = "grafana"; - claims_policy = "grafana"; - client_secret = ''{{ secret "${config.sops.secrets.oauth-client-secret-grafana-authelia.path}" }}''; - public = false; - authorization_policy = "one_factor"; - require_pkce = true; - pkce_challenge_method = "S256"; - redirect_uris = [ - "https://monitoring.darksailor.dev/login/generic_oauth" - ]; - scopes = [ - "openid" - "profile" - "email" - "groups" - ]; - response_types = ["code"]; - grant_types = ["authorization_code"]; - userinfo_signed_response_alg = "none"; - id_token_signed_response_alg = "RS256"; - access_token_signed_response_alg = "RS256"; - token_endpoint_auth_method = "client_secret_basic"; - } - ]; - }; - }; - }; - }; - }; - }; - - # SOPS secrets for Grafana - - # Create dashboard directory and copy dashboards - systemd.tmpfiles.rules = [ - "d /var/lib/grafana/dashboards 0755 grafana grafana" - "C /var/lib/grafana/dashboards/tsuba-monitoring.json 0644 grafana grafana - ${./dashboards/tsuba-monitoring.json}" - "C /var/lib/grafana/dashboards/ryu-monitoring.json 0644 grafana grafana - ${./dashboards/ryu-monitoring.json}" - "C /var/lib/grafana/dashboards/mirai-monitoring.json 0644 grafana grafana - ${./dashboards/mirai-monitoring.json}" - "C /var/lib/grafana/dashboards/overview-monitoring.json 0644 grafana grafana - ${./dashboards/overview-monitoring.json}" - "C /var/lib/grafana/dashboards/enhanced-overview.json 0644 grafana grafana - ${./dashboards/enhanced-overview.json}" - "C /var/lib/grafana/dashboards/systemd-monitoring.json 0644 grafana grafana - ${./dashboards/systemd-monitoring.json}" - ]; - - # Open firewall ports - networking.firewall = { - # Allow Tailscale traffic for metrics scraping - trustedInterfaces = ["tailscale0"]; - }; - - # Ensure Grafana service starts after PostgreSQL - # systemd.services.grafana.after = ["postgresql.service"]; - # systemd.services.grafana.requires = ["postgresql.service"]; -} diff --git a/nixos/mirai/services/shitpost.nix b/nixos/mirai/services/shitpost.nix index cb29ad0a..4f91f088 100644 --- a/nixos/mirai/services/shitpost.nix +++ b/nixos/mirai/services/shitpost.nix @@ -1,7 +1,6 @@ {pkgs, ...}: let src = pkgs.fetchgit { url = "https://git.darksailor.dev/servius/adarkdayinmylife.public"; - # repo = "adarkdayinmy.life"; rev = "68d972f68cab8f68916b94df05b7ab6a7da4a1da"; sha256 = "sha256-EVis06rmHq1jJK0FVsbgi7TOru7GtEUpbx0PjU2AKEo="; }; diff --git a/nixos/ryu/configuration.nix b/nixos/ryu/configuration.nix index 5f181eab..8f563d26 100644 --- a/nixos/ryu/configuration.nix +++ b/nixos/ryu/configuration.nix @@ -69,7 +69,7 @@ }; package = pkgs.nixVersions.nix_2_31; # deploy-rs doesn't work with nix >= 2.32 buildMachines = [ - ../../builders/mirai.nix + ../../builders/tako.nix ../../builders/shiro.nix # ../../builders/tsuba.nix ]; diff --git a/nixos/ryu/services/ollama.nix b/nixos/ryu/services/ollama.nix index e4aa568b..868c4fd1 100644 --- a/nixos/ryu/services/ollama.nix +++ b/nixos/ryu/services/ollama.nix @@ -42,7 +42,7 @@ caddy = { # virtualHosts."llama.ryu.darksailor.dev".extraConfig = '' # import hetzner - # forward_auth mirai:5555 { + # forward_auth tako:5555 { # uri /api/authz/forward-auth # copy_headers Remote-User Remote-Groups Remote-Email Remote-Name # } diff --git a/nixos/tako/configuration.nix b/nixos/tako/configuration.nix new file mode 100644 index 00000000..5147215c --- /dev/null +++ b/nixos/tako/configuration.nix @@ -0,0 +1,186 @@ +{ + config, + pkgs, + device, + ... +}: { + imports = [ + # Include the results of the hardware scan. + ./services + ./tako.nix + # ./docker.nix + ]; + + virtualisation.docker.enable = true; + # virtualisation.podman = { + # enable = true; + # dockerSocket.enable = true; + # defaultNetwork.dnsname.enable = true; + # }; + users.extraUsers.${device.user}.extraGroups = ["docker"]; + environment.systemPackages = with pkgs; [ + arion + ]; + + security.sudo.wheelNeedsPassword = false; + sops = { + secrets."builder/tako/cache/private" = {}; + secrets.users = { + sopsFile = ../../secrets/users.yaml; + format = "yaml"; + key = ""; + }; + }; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + nix = { + settings = { + max-jobs = 1; + cores = 8; + auto-optimise-store = true; + extra-experimental-features = "nix-command flakes auto-allocate-uids"; + trusted-users = ["root" "fs0c131y" "remotebuilder"]; + trusted-substituters = [ + "https://nix-community.cachix.org" + "https://nixos-raspberrypi.cachix.org" + # "https://sh.darksailor.dev" + ]; + trusted-public-keys = [ + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + "nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI=" + # "tako:bcVPoFGBZ0i7JAKMXIqLj2GY3CulLC4kP7rQyqes1RM=" + ]; + }; + extraOptions = '' + build-users-group = nixbld + extra-nix-path = nixpkgs=flake:nixpkgs + builders-use-substitutes = true + secret-key-files = ${config.sops.secrets."builder/tako/cache/private".path} + ''; + gc = { + automatic = true; + dates = "daily"; + options = "--delete-older-than 5d"; + }; + package = pkgs.nixVersions.nix_2_31; # deploy-rs doesn't work with nix >= 2.32 + distributedBuilds = true; + }; + + users.users.fs0c131y = { + isNormalUser = true; + extraGroups = ["wheel" "docker" "media"]; + openssh.authorizedKeys.keyFiles = [ + ../../secrets/id_ed25519.pub + ../../secrets/id_ios.pub + ]; + }; + users.users.remotebuilder = { + isNormalUser = true; + openssh.authorizedKeys.keyFiles = [ + ../../secrets/id_ed25519.pub + ]; + }; + users.groups.media = {}; + + nixpkgs.config.allowUnfree = true; + networking.hostName = "tako"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + time.timeZone = "Europe/Helsinki"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # useXkbConfig = true; # use xkb.options in tty. + # }; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Configure keymap in X11 + # services.xserver.xkb.layout = "us"; + # services.xserver.xkb.options = "eurosign:e,caps:escape"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # hardware.pulseaudio.enable = true; + # OR + # services.pipewire = { + # enable = true; + # pulse.enable = true; + # }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.alice = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # packages = with pkgs; [ + # firefox + # tree + # ]; + # }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [22 80 443]; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how + # to actually do that. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "24.11"; # Did you read the comment? +} diff --git a/nixos/tako/disk-config.nix b/nixos/tako/disk-config.nix new file mode 100644 index 00000000..4ce69c34 --- /dev/null +++ b/nixos/tako/disk-config.nix @@ -0,0 +1,96 @@ +{...}: { + disko.devices = { + disk = { + one = { + type = "disk"; + device = "/dev/nvme0n1"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = ["umask=0077"]; + }; + }; + primary = { + size = "100%"; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; + }; + }; + }; + two = { + type = "disk"; + device = "/dev/nvme1n1"; + content = { + type = "gpt"; + partitions = { + primary = { + size = "100%"; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; + }; + }; + }; + }; + lvm_vg = { + pool = { + type = "lvm_vg"; + lvs = { + root = { + size = "64G"; + lvm_type = "mirror"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ + "defaults" + ]; + }; + }; + nix = { + size = "256G"; + lvm_type = "raid0"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/nix"; + }; + }; + home = { + size = "256G"; + lvm_type = "raid0"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/home"; + }; + }; + media = { + size = "100%"; + lvm_type = "raid0"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/media"; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos/tako/docker.nix b/nixos/tako/docker.nix new file mode 100644 index 00000000..3a386d90 --- /dev/null +++ b/nixos/tako/docker.nix @@ -0,0 +1,69 @@ +{ + config, + lib, + pkgs, + ... +}: { + # virtualisation = { + # docker.enable = true; + # podman.enable = true; + # oci-containers = { + # backend = "podman"; + # containers.homeassistant = { + # volumes = ["home-assistant:/config"]; + # environment.TZ = "Asia/Kolkata"; + # image = "ghcr.io/home-assistant/home-assistant:stable"; # Warning: if the tag does not change, the image will not be updated + # extraOptions = [ + # "--network=ha-net" + # ]; + # }; + # }; + # }; + # networking.firewall.allowedTCPPorts = [8123]; + # environment.systemPackages = with pkgs; [ + # docker + # podman + # ]; + # services.caddy = { + # enable = true; + # virtualHosts."home.darksailor.dev".extraConfig = '' + # reverse_proxy localhost:8123 + # ''; + # }; + # containers.llama = { + # autoStart = true; + # privateNetwork = true; + # hostAddress = "192.168.100.10"; + # localAddress = "192.168.100.11"; + # hostAddress6 = "fc00::1"; + # localAddress6 = "fc00::2"; + # config = { + # config, + # pkgs, + # libs, + # ... + # }: { + # system.stateVersion = "24.11"; + # networking = { + # firewall = { + # enable = true; + # allowedTCPPorts = [4000]; + # }; + # # Use systemd-resolved inside the container + # # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686 + # useHostResolvConf = lib.mkForce false; + # }; + # services.resolved.enable = true; + # services.llama-cpp = { + # enable = true; + # host = "127.0.0.1"; + # port = 4000; + # model = builtins.fetchurl { + # name = "qwen_2.5.1_coder_7b_instruct_gguf"; + # sha256 = "61834b88c1a1ce5c277028a98c4a0c94a564210290992a7ba301bbef96ef8eba"; + # url = "https://huggingface.co/bartowski/Qwen2.5.1-Coder-7B-Instruct-GGUF/resolve/main/Qwen2.5.1-Coder-7B-Instruct-Q8_0.gguf?download=true"; + # }; + # }; + # }; + # }; +} diff --git a/nixos/tako/services/attic.nix b/nixos/tako/services/attic.nix new file mode 100644 index 00000000..1d8e218e --- /dev/null +++ b/nixos/tako/services/attic.nix @@ -0,0 +1,17 @@ +{...}: { + services = { + atticd = { + enable = false; + listen = "/run/attic.sock"; + }; + caddy = { + virtualHosts."cache.darksailor.dev".extraConfig = '' + reverse_proxy /run/attic.sock { + transport http { + protocol = "fd" + } + } + ''; + }; + }; +} diff --git a/nixos/tako/services/atuin.nix b/nixos/tako/services/atuin.nix new file mode 100644 index 00000000..475e2b45 --- /dev/null +++ b/nixos/tako/services/atuin.nix @@ -0,0 +1,13 @@ +{...}: { + services = { + atuin = { + enable = true; + openRegistration = false; + }; + caddy = { + virtualHosts."atuin.darksailor.dev".extraConfig = '' + reverse_proxy localhost:8888 + ''; + }; + }; +} diff --git a/nixos/tako/services/authelia.nix b/nixos/tako/services/authelia.nix new file mode 100644 index 00000000..1777c84b --- /dev/null +++ b/nixos/tako/services/authelia.nix @@ -0,0 +1,107 @@ +{config, ...}: { + sops = { + secrets = let + user = config.systemd.services.authelia-darksailor.serviceConfig.User; + in { + "authelia/servers/darksailor/jwtSecret".owner = user; + "authelia/servers/darksailor/storageEncryptionSecret".owner = user; + "authelia/servers/darksailor/sessionSecret".owner = user; + "authelia/users/servius".owner = user; + "lldap/users/authelia".owner = user; + users.owner = user; + "authelia/oidc/jwks".owner = user; + }; + }; + services = { + authelia = { + instances.darksailor = { + enable = true; + settings = { + authentication_backend = { + password_reset.disable = false; + password_change.disable = false; + ldap = { + address = "ldap://localhost:389"; + timeout = "5s"; + base_dn = "dc=darksailor,dc=dev"; + user = "cn=authelia,ou=people,dc=darksailor,dc=dev"; + users_filter = "(&({username_attribute}={input})(objectClass=person))"; + groups_filter = "(&(member={dn})(objectClass=groupOfNames))"; + additional_users_dn = "OU=people"; + additional_groups_dn = "OU=groups"; + }; + }; + session = { + cookies = [ + { + domain = "darksailor.dev"; + authelia_url = "https://auth.darksailor.dev"; + name = "authelia_session"; + } + ]; + }; + access_control = { + default_policy = "one_factor"; + rules = let + bypass_api = domain: [ + { + inherit domain; + policy = "bypass"; + resources = [ + "^/api([/?].*)?$" + ]; + } + { + inherit domain; + policy = "one_factor"; + } + ]; + in + (bypass_api "sonarr.tsuba.darksailor.dev") + ++ (bypass_api "radarr.tsuba.darksailor.dev") + ++ (bypass_api "lidarr.tsuba.darksailor.dev") + ++ (bypass_api "bazarr.tsuba.darksailor.dev") + ++ (bypass_api "prowlarr.tsuba.darksailor.dev"); + }; + storage = { + local = { + path = "/var/lib/authelia-darksailor/authelia.sqlite3"; + }; + }; + theme = "dark"; + notifier.filesystem.filename = "/var/lib/authelia-darksailor/authelia-notifier.log"; + server = { + address = "0.0.0.0:5555"; + endpoints.authz = { + forward-auth = { + implementation = "ForwardAuth"; + }; + auth-request = { + implementation = "AuthRequest"; + }; + }; + }; + }; + secrets = { + jwtSecretFile = config.sops.secrets."authelia/servers/darksailor/jwtSecret".path; + storageEncryptionKeyFile = config.sops.secrets."authelia/servers/darksailor/storageEncryptionSecret".path; + sessionSecretFile = config.sops.secrets."authelia/servers/darksailor/sessionSecret".path; + oidcHmacSecretFile = config.sops.secrets."authelia/servers/darksailor/sessionSecret".path; + oidcIssuerPrivateKeyFile = config.sops.secrets."authelia/oidc/jwks".path; + }; + environmentVariables = { + AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE = config.sops.secrets."lldap/users/authelia".path; + }; + }; + }; + caddy = { + virtualHosts."auth.darksailor.dev".extraConfig = '' + reverse_proxy localhost:5555 { + # header_up Host {http.request.header.X-Forwarded-Host} + # header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host} + # header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto} + } + ''; + }; + }; +} diff --git a/nixos/tako/services/caddy.nix b/nixos/tako/services/caddy.nix new file mode 100644 index 00000000..ec9add9e --- /dev/null +++ b/nixos/tako/services/caddy.nix @@ -0,0 +1,15 @@ +{...}: { + services = { + caddy = { + enable = true; + extraConfig = '' + (auth) { + forward_auth localhost:5555 { + uri /api/authz/forward-auth?authelia_url=https://auth.darksailor.dev + copy_headers Remote-User Remote-Groups Remote-Name Remote-Email + } + } + ''; + }; + }; +} diff --git a/nixos/tako/services/default.nix b/nixos/tako/services/default.nix new file mode 100644 index 00000000..4c2d3cac --- /dev/null +++ b/nixos/tako/services/default.nix @@ -0,0 +1,31 @@ +{...}: { + imports = [ + ./atuin.nix + ./authelia.nix + ./caddy.nix + ./excalidraw.nix + ./fail2ban.nix + ./flaresolverr.nix + ./games + ./gitea.nix + ./homepage.nix + # ./immich.nix + ./immich.nix + # ./llama.nix + ./lldap.nix + ./monitoring.nix + ./nextcloud.nix + # ./paperless.nix + ./prowlarr.nix + ./resolved.nix + ./searxng.nix + ./tailscale.nix + ./headscale.nix + ./shitpost.nix + ]; + services = { + nix-serve = { + enable = true; + }; + }; +} diff --git a/nixos/tako/services/excalidraw.nix b/nixos/tako/services/excalidraw.nix new file mode 100644 index 00000000..08fb46fd --- /dev/null +++ b/nixos/tako/services/excalidraw.nix @@ -0,0 +1,30 @@ +{...}: { + virtualisation.oci-containers = { + backend = "docker"; + containers = { + excalidraw = { + image = "excalidraw/excalidraw:latest"; + ports = ["127.0.0.1:5959:80"]; + volumes = []; + }; + }; + }; + services.caddy.virtualHosts."draw.darksailor.dev".extraConfig = '' + import auth + reverse_proxy localhost:5959 + ''; + services.authelia = { + instances.darksailor = { + settings = { + access_control = { + rules = [ + { + domain = "draw.darksailor.dev"; + policy = "one_factor"; + } + ]; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/fail2ban.nix b/nixos/tako/services/fail2ban.nix new file mode 100644 index 00000000..349a705d --- /dev/null +++ b/nixos/tako/services/fail2ban.nix @@ -0,0 +1,22 @@ +{...}: { + # sops = { + # secrets."ryu/public" = {}; + # }; + services = { + fail2ban = { + enable = true; + bantime = "24h"; # Ban IPs for one day on the first ban + bantime-increment = { + enable = true; # Enable increment of bantime after each violation + # formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; + multipliers = "1 2 4 8 16 32 64"; + maxtime = "168h"; # Do not ban for more than 1 week + overalljails = true; # Calculate the bantime based on all the violations + }; + # I'm beind a CG-NAT + ignoreIP = [ + "106.219.121.52" + ]; + }; + }; +} diff --git a/nixos/tako/services/flaresolverr.nix b/nixos/tako/services/flaresolverr.nix new file mode 100644 index 00000000..08986daf --- /dev/null +++ b/nixos/tako/services/flaresolverr.nix @@ -0,0 +1,8 @@ +{stablePkgs, ...}: { + services = { + flaresolverr = { + enable = true; + package = stablePkgs.flaresolverr; + }; + }; +} diff --git a/nixos/tako/services/games/default.nix b/nixos/tako/services/games/default.nix new file mode 100644 index 00000000..ddca14d6 --- /dev/null +++ b/nixos/tako/services/games/default.nix @@ -0,0 +1,7 @@ +{...}: { + imports = [ + ./minecraft.nix + ./satisfactory.nix + ./terraria.nix + ]; +} diff --git a/nixos/tako/services/games/minecraft.nix b/nixos/tako/services/games/minecraft.nix new file mode 100644 index 00000000..e0cba319 --- /dev/null +++ b/nixos/tako/services/games/minecraft.nix @@ -0,0 +1,56 @@ +{ + pkgs, + inputs, + ... +}: { + # imports = [inputs.nix-minecraft.nixosModules.minecraft-servers]; + services = let + whitelist = { + "AbhinavSE" = "8b6c052e-69b3-4bee-b9dc-12eb94653c9e"; + "Serveus" = "79882fb6-d594-4073-a3d0-70a01d0abb67"; + "__Shun__" = "1c7a300f-98e4-402c-8741-432f3494bb25"; + "shashikant" = "20891e82-203c-4d04-9868-79a5879ecfc3"; + }; + in { + minecraft-server = { + inherit whitelist; + enable = false; + openFirewall = true; + eula = true; + declarative = true; + serverProperties = { + motd = "Servius's Minecraft Server"; + level-seed = "4504535438041489910"; + view-distance = 24; + white-list = true; + }; + package = let + getJavaVersion = v: (builtins.getAttr "openjdk${toString v}" pkgs.javaPackages.compiler).headless; + in + pkgs.minecraft-server.override { + url = "https://piston-data.mojang.com/v1/objects/6e64dcabba3c01a7271b4fa6bd898483b794c59b/server.jar"; + sha1 = "sha1-bmTcq7o8AacnG0+mvYmEg7eUxZs="; + version = "1.21.6"; + jre_headless = getJavaVersion 21; + }; + }; + # minecraft-servers = { + # enable = true; + # eula = true; + # openFirewall = true; + # servers.fabric = { + # inherit whitelist; + # enable = true; + # jvmOpts = "-Xmx4G -Xms4G"; + # package = pkgs.fabricServers.fabric-1_21_7; + # serverProperties = { + # motd = "Servius's Fabric Minecraft Server"; + # server-port = 25567; + # level-seed = "4504535438041489910"; + # view-distance = 24; + # white-list = true; + # }; + # }; + # }; + }; +} diff --git a/nixos/tako/services/games/satisfactory.nix b/nixos/tako/services/games/satisfactory.nix new file mode 100644 index 00000000..de078117 --- /dev/null +++ b/nixos/tako/services/games/satisfactory.nix @@ -0,0 +1,10 @@ +{...}: { + imports = [ + ../../../../modules/nixos/satisfactory.nix + ]; + services.satisfactory = { + # enable = true; + enable = false; + maxPlayers = 4; + }; +} diff --git a/nixos/tako/services/games/terraria.nix b/nixos/tako/services/games/terraria.nix new file mode 100644 index 00000000..68698f58 --- /dev/null +++ b/nixos/tako/services/games/terraria.nix @@ -0,0 +1,7 @@ +{...}: { + services.terraria = { + enable = true; + # port = 7777; + autoCreatedWorldSize = "large"; + }; +} diff --git a/nixos/tako/services/gitea.nix b/nixos/tako/services/gitea.nix new file mode 100644 index 00000000..7161ff11 --- /dev/null +++ b/nixos/tako/services/gitea.nix @@ -0,0 +1,185 @@ +{ + lib, + config, + pkgs, + ... +}: { + virtualisation.docker.enable = true; + sops = { + # secrets."gitea/registration".owner = config.systemd.services.gitea-actions-tako.serviceConfig.User; + secrets."gitea/registration" = {}; + secrets."authelia/oidc/gitea/client_secret" = { + owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + mode = "0440"; + restartUnits = [ + "gitea.service" + "authelia-darksailor.service" + ]; + }; + secrets."authelia/oidc/gitea/client_id" = { + owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + mode = "0440"; + restartUnits = [ + "gitea.service" + "authelia-darksailor.service" + ]; + }; + templates = { + "GITEA_REGISTRATION_TOKEN.env".content = '' + TOKEN=${config.sops.placeholder."gitea/registration"} + ''; + "GITEA_OAUTH_SETUP.env".content = '' + CLIENT_ID=${config.sops.placeholder."authelia/oidc/gitea/client_id"} + CLIENT_SECRET=${config.sops.placeholder."authelia/oidc/gitea/client_secret"} + ''; + }; + }; + services = { + gitea = { + enable = true; + lfs.enable = true; + settings = { + service = { + DISABLE_REGISTRATION = false; + ALLOW_ONLY_EXTERNAL_REGISTRATION = true; + SHOW_REGISTRATION_BUTTON = false; + ENABLE_REVERSE_PROXY_AUTHENTICATION = false; + ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false; + ENABLE_PASSWORD_SIGNIN_FORM = false; + }; + repository = { + ENABLE_PUSH_CREATE_USER = true; + }; + mailer = { + ENABLED = true; + PROTOCOL = "sendmail"; + }; + security = { + REVERSE_PROXY_AUTHENTICATION_USER = "REMOTE-USER"; + }; + server = { + ROOT_URL = "https://git.darksailor.dev"; + DOMAIN = "git.darksailor.dev"; + # LFS_START_SERVER = true; + LFS_ALLOW_PURE_SSH = true; + }; + oauth2_client = { + ENABLE_AUTO_REGISTRATION = true; + ACCOUNT_LINKING = "auto"; + OPENID_CONNECT_SCOPES = "openid profile email"; + }; + openid = { + ENABLE_OPENID_SIGNIN = false; + ENABLE_OPENID_SIGNUP = true; + WHITELISTED_URIS = "auth.darksailor.dev"; + }; + }; + }; + # gitea-actions-runner = { + # instances = { + # tako = { + # enable = true; + # name = "tako"; + # url = "https://git.darksailor.dev"; + # labels = [ + # "ubuntu-latest:docker://catthehacker/ubuntu:full-latest" + # "ubuntu-22.04:docker://catthehacker/ubuntu:full-22.04" + # "ubuntu-20.04:docker://catthehacker/ubuntu:full-20.04" + # "native:host" + # ]; + # tokenFile = "${config.sops.templates."GITEA_REGISTRATION_TOKEN.env".path}"; + # }; + # }; + # }; + caddy = { + virtualHosts."git.darksailor.dev".extraConfig = '' + reverse_proxy localhost:3000 + ''; + }; + authelia = { + instances.darksailor = { + settings = { + # access_control = { + # rules = [ + # { + # domain = "git.darksailor.dev"; + # policy = "bypass"; + # resources = [ + # "^/api([/?].*)?$" + # ]; + # } + # { + # domain = "git.darksailor.dev"; + # policy = "one_factor"; + # } + # ]; + # }; + identity_providers = { + oidc = { + clients = [ + { + client_name = "Gitea: Darksailor"; + client_id = ''{{ secret "${config.sops.secrets."authelia/oidc/gitea/client_id".path}" }}''; + client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/gitea/client_secret".path}" }}''; + public = false; + authorization_policy = "one_factor"; + require_pkce = false; + # pkce_challenge_method = "S256"; + redirect_uris = [ + "https://git.darksailor.dev/user/oauth2/authelia/callback" + ]; + scopes = [ + "openid" + "email" + "profile" + ]; + response_types = ["code"]; + grant_types = ["authorization_code"]; + userinfo_signed_response_alg = "none"; + token_endpoint_auth_method = "client_secret_post"; + } + ]; + }; + }; + }; + }; + }; + }; + systemd.services.gitea = { + after = ["sops-install-secrets.service"]; + }; + + # systemd.services."gitea-actions-tako" = { + # after = ["gitea.service"]; + # }; + + # systemd.services.gitea-oauth-setup = let + # name = "authelia"; + # gitea_oauth_script = pkgs.writeShellApplication { + # name = "gitea_oauth2_script"; + # runtimeInputs = [config.services.gitea.package]; + # text = '' + # gitea admin auth delete --id "$(gitea admin auth list | grep "${name}" | cut -d "$(printf '\t')" -f1)" + # gitea admin auth add-oauth --provider=openidConnect --name=${name} --key="$CLIENT_ID" --secret="$CLIENT_SECRET" --auto-discover-url=https://auth.darksailor.dev/.well-known/openid-configuration --scopes='openid email profile' + # ''; + # }; + # in { + # description = "Configure Gitea OAuth with Authelia"; + # after = ["gitea.service"]; + # wants = ["gitea.service"]; + # wantedBy = ["multi-user.target"]; + # serviceConfig = { + # Type = "oneshot"; + # User = config.services.gitea.user; + # Group = config.services.gitea.group; + # RemainAfterExit = true; + # ExecStart = "${lib.getExe gitea_oauth_script}"; + # WorkingDirectory = config.services.gitea.stateDir; + # EnvironmentFile = config.sops.templates."GITEA_OAUTH_SETUP.env".path; + # }; + # environment = { + # GITEA_WORK_DIR = config.services.gitea.stateDir; + # GITEA_CUSTOM = config.services.gitea.customDir; + # }; + # }; +} diff --git a/nixos/tako/services/headscale.nix b/nixos/tako/services/headscale.nix new file mode 100644 index 00000000..74594c0c --- /dev/null +++ b/nixos/tako/services/headscale.nix @@ -0,0 +1,79 @@ +{config, ...}: { + sops = { + secrets.headscale-secret = { + owner = config.systemd.services.headscale.serviceConfig.User; + mode = "0440"; + restartUnits = ["headscale.service" "authelia-darksailor.service"]; + key = "authelia/oidc/headscale/client_secret"; + }; + secrets.headscale-authelia = { + owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + mode = "0440"; + restartUnits = ["headscale.service" "authelia-darksailor.service"]; + key = "authelia/oidc/headscale/client_secret"; + }; + }; + services = { + headscale = { + enable = true; + port = 8095; + settings = { + dns = { + magic_dns = true; + base_domain = "headscale.darksailor.dev"; + nameservers.global = ["1.1.1.1"]; + }; + oidc = { + issuer = "https://auth.darksailor.dev"; + client_id = "headscale"; + client_secret_path = "${config.sops.secrets.headscale-secret.path}"; + pkce = { + enabled = true; + method = "S256"; + }; + }; + }; + }; + # headplane = { + # enable = true; + # settings = { + # server.port = 42562; + # }; + # }; + caddy = { + virtualHosts."headscale.darksailor.dev".extraConfig = '' + reverse_proxy localhost:${toString config.services.headplane.settings.server.port} + ''; + }; + authelia = { + instances.darksailor = { + settings = { + identity_providers = { + oidc = { + clients = [ + { + client_name = "HeadScale"; + client_id = "headscale"; + client_secret = ''{{ secret "${config.sops.secrets.headscale-authelia.path}" }}''; + public = false; + authorization_policy = "one_factor"; + require_pkce = true; + pkce_challenge_method = "S256"; + redirect_uris = [ + "https://headscale.darksailor.dev/oidc/callback" + ]; + scopes = ["openid" "email" "profile" "groups"]; + response_types = ["code"]; + grant_types = ["authorization_code"]; + access_token_signed_response_alg = "none"; + userinfo_signed_response_alg = "none"; + token_endpoint_auth_method = "client_secret_basic"; + } + ]; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/homepage.nix b/nixos/tako/services/homepage.nix new file mode 100644 index 00000000..530e89d3 --- /dev/null +++ b/nixos/tako/services/homepage.nix @@ -0,0 +1,181 @@ +{config, ...}: { + services = { + homepage-dashboard = { + enable = true; + allowedHosts = "dashboard.darksailor.dev"; + settings = { + title = "Servius' Dashboard"; + description = "A collection of services and links for quick access."; + }; + widgets = [ + { + resources = { + cpu = true; + disk = "/"; + memory = true; + }; + } + ]; + services = [ + { + "Tsuba" = [ + { + "Jellyfin" = { + icon = "jellyfin.png"; + description = "Jellyfin Media Server"; + href = "https://jellyfin.tsuba.darksailor.dev"; + }; + } + { + "Sonarr" = { + icon = "sonarr.png"; + description = "Sonarr: TV Series Management"; + href = "https://sonarr.tsuba.darksailor.dev"; + }; + } + { + "Bazarr" = { + icon = "bazarr.png"; + description = "Bazarr: Subtitles and Metadata"; + href = "https://bazarr.tsuba.darksailor.dev"; + }; + } + { + "Radarr" = { + icon = "radarr.png"; + description = "Radarr: Movie Management"; + href = "https://radarr.tsuba.darksailor.dev"; + }; + } + { + "Deluge" = { + icon = "deluge.png"; + description = "Deluge: Torrent Client"; + href = "https://deluge.tsuba.darksailor.dev"; + }; + } + { + "Prowlarr" = { + icon = "prowlarr.png"; + description = "Prowlarr: Indexer Manager"; + href = "https://prowlarr.tsuba.darksailor.dev"; + }; + } + { + "Home Assistant" = { + icon = "home-assistant.png"; + description = "Home Automation"; + href = "https://home.darksailor.dev"; + }; + } + ]; + } + { + "Tako" = [ + { + "Gitea" = { + icon = "gitea.png"; + description = "Gitea Code Hosting"; + href = "https://git.darksailor.dev"; + }; + } + { + "Nextcloud" = { + icon = "nextcloud.png"; + description = "Nextcloud Suite"; + href = "https://cloud.darksailor.dev"; + }; + } + { + "Open WebUI" = { + icon = "open-webui.png"; + description = "Open WebUI for self hosted llms"; + href = "https://llama.darksailor.dev"; + }; + } + { + "Immich" = { + icon = "immich.png"; + description = "Immich: Self-hosted Photo and Video Backup"; + href = "https://photos.darksailor.dev"; + }; + } + { + "Excalidraw" = { + icon = "excalidraw.png"; + description = "Excalidraw: Self-hosted Collaborative Whiteboard"; + href = "https://draw.darksailor.dev"; + }; + } + ]; + } + ]; + bookmarks = [ + { + "Nix" = [ + { + "Nixpkgs" = [ + { + abbr = "pkgs"; + href = "https://search.nixos.org/packages?channel=unstable"; + } + ]; + } + { + "NixOS" = [ + { + abbr = "nixos"; + href = "https://search.nixos.org/options?channel=unstable"; + } + ]; + } + { + "Home Manager" = [ + { + abbr = "hm"; + href = "https://home-manager-options.extranix.com"; + } + ]; + } + { + "NixVim" = [ + { + abbr = "nixvim"; + href = "https://nix-community.github.io/nixvim/search"; + } + ]; + } + { + "Tailscale" = [ + { + abbr = "ts"; + href = "https://login.tailscale.com"; + } + ]; + } + ]; + } + ]; + }; + caddy = { + virtualHosts."dashboard.darksailor.dev".extraConfig = '' + import auth + reverse_proxy localhost:${builtins.toString config.services.homepage-dashboard.listenPort} + ''; + }; + authelia = { + instances.darksailor = { + settings = { + access_control = { + rules = [ + { + domain = "dashboard.darksailor.dev"; + policy = "one_factor"; + } + ]; + }; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/immich.nix b/nixos/tako/services/immich.nix new file mode 100644 index 00000000..b8516b94 --- /dev/null +++ b/nixos/tako/services/immich.nix @@ -0,0 +1,118 @@ +{ + pkgs, + config, + ... +}: { + sops = { + secrets."authelia/oidc/immich/client_id" = { + owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + mode = "0440"; + restartUnits = ["immich-server.service" "authelia-darksailor.service"]; + }; + secrets."authelia/oidc/immich/client_secret" = { + owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + mode = "0440"; + restartUnits = ["immich-server.service" "authelia-darksailor.service"]; + }; + templates = { + "immich-config.json" = { + content = + /* + json + */ + '' + { + "oauth": { + "clientId": "${config.sops.placeholder."authelia/oidc/immich/client_id"}", + "clientSecret": "${config.sops.placeholder."authelia/oidc/immich/client_secret"}", + "enabled": true, + "autoLaunch": true, + "autoRegister": true, + "buttonText": "Login with Authelia", + "scope": "openid email profile", + "issuerUrl": "https://auth.darksailor.dev" + }, + "passwordLogin" : { + "enabled": false + }, + "server": { + "externalDomain": "https://photos.darksailor.dev" + }, + { + "machineLearning": { + "enabled": true, + "urls": [ + "http://ryu.darksailor.dev:3003", + "http://localhost:3003" + ], + } + } + } + ''; + mode = "0400"; + owner = "immich"; + restartUnits = ["immich-server.service"]; + }; + }; + }; + virtualisation.oci-containers = { + backend = "docker"; + containers = { + immich-machine-learning = { + image = "ghcr.io/immich-app/immich-machine-learning:v${pkgs.immich.version}"; + ports = [ + "127.0.0.1:3003:3003" + ]; + volumes = [ + "model-cache:/cache" + ]; + }; + }; + }; + services.immich = { + enable = true; + mediaLocation = "/media/photos/immich"; + accelerationDevices = null; + machine-learning.enable = false; + environment = { + IMMICH_CONFIG_FILE = config.sops.templates."immich-config.json".path; + }; + package = pkgs.immich; + }; + services.caddy = { + virtualHosts."photos.darksailor.dev".extraConfig = '' + reverse_proxy localhost:${builtins.toString config.services.immich.port} + ''; + }; + services.authelia = { + instances.darksailor = { + settings = { + identity_providers = { + oidc = { + clients = [ + { + client_name = "immich"; + client_id = ''{{ secret "${config.sops.secrets."authelia/oidc/immich/client_id".path}" }}''; + client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/immich/client_secret".path}" }}''; + public = false; + authorization_policy = "one_factor"; + require_pkce = false; + redirect_uris = [ + "https://photos.darksailor.dev/auth/login" + "https://photos.darksailor.dev/user-settings" + "app.immich:///oauth-callback" + ]; + scopes = ["openid" "profile" "email"]; + response_types = ["code"]; + grant_types = ["authorization_code"]; + # access_token_signed_response_alg = "none"; + userinfo_signed_response_alg = "none"; + token_endpoint_auth_method = "client_secret_post"; + } + ]; + }; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/llama.nix b/nixos/tako/services/llama.nix new file mode 100644 index 00000000..f3e21ceb --- /dev/null +++ b/nixos/tako/services/llama.nix @@ -0,0 +1,103 @@ +{ + config, + pkgs, + inputs, + ... +}: { + sops = { + secrets."llama/api_key".owner = config.services.caddy.user; + secrets."llama/user".owner = config.services.caddy.user; + secrets."openai/api_key" = {}; + templates = { + "LLAMA_API_KEY.env".content = '' + LLAMA_API_KEY=${config.sops.placeholder."llama/api_key"} + ''; + api_key_env.owner = config.services.caddy.user; + "OPENAI_API_KEY.env".content = '' + OPENAI_API_KEY="${config.sops.placeholder."openai/api_key"}" + ''; + }; + }; + services = { + llama-cpp = { + enable = false; + port = 11435; + model = pkgs.fetchurl { + url = "https://huggingface.co/lmstudio-community/gpt-oss-20b-GGUF/resolve/main/gpt-oss-20b-MXFP4.gguf"; + sha256 = "65d06d31a3977d553cb3af137b5c26b5f1e9297a6aaa29ae7caa98788cde53ab"; + }; + # package = pkgs.ik_llama; + }; + ollama = { + enable = false; + loadModels = [ + "deepseek-r1:7b" + "deepseek-r1:14b" + "RobinBially/nomic-embed-text-8k" + "qwen3:8b" + ]; + port = 11434; + host = "0.0.0.0"; + environmentVariables = { + OLLAMA_ORIGINS = "*"; + }; + }; + open-webui = { + enable = false; + port = 7070; + environment = { + SCARF_NO_ANALYTICS = "True"; + DO_NOT_TRACK = "True"; + ANONYMIZED_TELEMETRY = "False"; + WEBUI_AUTH = "False"; + ENABLE_LOGIN_FORM = "False"; + WEBUI_URL = "https://llama.darksailor.dev"; + OPENAI_BASE_URL = "https://ollama.darksailor.dev/v1"; + OLLAMA_API_BASE_URL = "https://ollama.ryu.darksailor.dev"; + }; + environmentFile = "${config.sops.templates."LLAMA_API_KEY.env".path}"; + }; + + caddy = { + virtualHosts."llama.darksailor.dev".extraConfig = '' + import auth + reverse_proxy localhost:${builtins.toString config.services.open-webui.port} + ''; + virtualHosts."ollama.darksailor.dev".extraConfig = '' + @apikey { + header Authorization "Bearer {env.LLAMA_API_KEY}" + } + + handle @apikey { + header { + # Set response headers or proxy to a different service if API key is valid + Access-Control-Allow-Origin * + -Authorization "Bearer {env.LLAMA_API_KEY}" # Remove the header after validation + } + reverse_proxy localhost:${builtins.toString config.services.llama-cpp.port} + } + + respond "Unauthorized" 403 + ''; + }; + authelia = { + instances.darksailor = { + settings = { + access_control = { + rules = [ + { + domain = "llama.darksailor.dev"; + policy = "one_factor"; + } + ]; + }; + }; + }; + }; + }; + systemd.services.caddy = { + serviceConfig = { + EnvironmentFile = config.sops.templates."LLAMA_API_KEY.env".path; + }; + }; +} diff --git a/nixos/tako/services/lldap.nix b/nixos/tako/services/lldap.nix new file mode 100644 index 00000000..acd9654f --- /dev/null +++ b/nixos/tako/services/lldap.nix @@ -0,0 +1,53 @@ +{ + config, + lib, + ... +}: { + services.lldap = { + enable = true; + settings = { + ldap_user_dn = "admin"; + ldap_base_dn = "dc=darksailor,dc=dev"; + ldap_user_email = "admin@darksailor.dev"; + http_host = "127.0.0.1"; + http_port = 5090; + ldap_port = 389; + ldap_host = "::"; + ldap_user_pass_file = config.sops.secrets."lldap/admin".path; + environmentFile = '' + LLDAP_JWT_SECRET_FILE = ${config.sops.secrets."lldap/jwt".path}; + LLDAP_KEY_SEED_FILE = ${config.sops.secrets."lldap/seed".path}; + ''; + }; + }; + users.users.lldap = { + name = "lldap"; + group = "lldap"; + description = "LDAP Server User"; + isSystemUser = true; + }; + users.groups.lldap = {}; + + systemd.services.lldap = { + serviceConfig = { + AmbientCapabilities = "CAP_NET_BIND_SERVICE"; + DynamicUser = lib.mkForce false; + User = "lldap"; + Group = "lldap"; + }; + }; + sops = { + secrets = let + owner = config.systemd.services.lldap.serviceConfig.User; + group = config.systemd.services.lldap.serviceConfig.Group; + restartUnits = ["lldap.service"]; + cfg = { + inherit owner group restartUnits; + }; + in { + "lldap/jwt" = cfg; + "lldap/seed" = cfg; + "lldap/admin" = cfg; + }; + }; +} diff --git a/nixos/tako/services/navidrome.nix b/nixos/tako/services/navidrome.nix new file mode 100644 index 00000000..394bf372 --- /dev/null +++ b/nixos/tako/services/navidrome.nix @@ -0,0 +1,18 @@ +{...}: { + services = { + navidrome = { + enable = true; + settings = { + MusicFolder = "/media/music"; + ReverseProxyUserHeader = "Remote-User"; + ReverseProxyWhitelist = "127.0.0.1/32"; + }; + }; + caddy = { + virtualHosts."music.darksailor.dev".extraConfig = '' + import auth + reverse_proxy localhost:4533 + ''; + }; + }; +} diff --git a/nixos/tako/services/nextcloud.nix b/nixos/tako/services/nextcloud.nix new file mode 100644 index 00000000..ae6bb868 --- /dev/null +++ b/nixos/tako/services/nextcloud.nix @@ -0,0 +1,104 @@ +{ + config, + pkgs, + ... +}: { + sops = { + secrets."nextcloud/adminpass".owner = config.users.users.nextcloud.name; + # secrets."authelia/oidc/nextcloud/client_id".owner = config.users.users.nextcloud.name; + secrets."authelia/oidc/nextcloud/client_secret".owner = config.users.users.nextcloud.name; + }; + imports = [ + "${fetchTarball { + url = "https://github.com/onny/nixos-nextcloud-testumgebung/archive/fa6f062830b4bc3cedb9694c1dbf01d5fdf775ac.tar.gz"; + sha256 = "0gzd0276b8da3ykapgqks2zhsqdv4jjvbv97dsxg0hgrhb74z0fs"; + }}/nextcloud-extras.nix" + ]; + services = { + nextcloud = { + enable = true; + package = pkgs.nextcloud32; + extraApps = { + inherit (config.services.nextcloud.package.packages.apps) contacts calendar bookmarks user_oidc; + }; + extraAppsEnable = true; + hostName = "cloud.darksailor.dev"; + config.adminuser = "servius"; + config.adminpassFile = config.sops.secrets."nextcloud/adminpass".path; + config.dbtype = "sqlite"; + configureRedis = true; + https = true; + caching = { + redis = true; + apcu = true; + memcached = true; + }; + webserver = "caddy"; + settings = {}; + }; + # caddy = { + # virtualHosts."cloud.darksailor.dev".extraConfig = '' + # reverse_proxy localhost:8080 + # ''; + # }; + # nginx.virtualHosts."${config.services.nextcloud.hostName}".listen = [ + # { + # addr = "127.0.0.1"; + # port = 8080; # NOT an exposed port + # } + # ]; + + # authelia.instances.darksailor = { + # settings = { + # definitions = { + # user_attributes = { + # is_nextcloud_admin = { + # expression = ''"nextcloud-admins" in groups"''; + # }; + # }; + # }; + # identity_providers = { + # oidc = { + # claims_policies = { + # custom_claims = { + # is_nextcloud_admin = {}; + # }; + # }; + # scopes = { + # nextcloud_userinfo = { + # claims = ["is_nextcloud_admin"]; + # }; + # }; + # clients = [ + # { + # client_name = "Nextcloud"; + # client_id = "nextcloud"; + # client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/nextcloud/client_secret".path}" }}''; + # public = false; + # authorization_policy = "one_factor"; + # require_pkce = true; + # pkce_challenge_method = "S256"; + # claims_policy = "nextcloud_userinfo"; + # redirect_uris = [ + # "https://cloud.darksailor.dev/apps/oidc_login/oidc" + # ]; + # scopes = [ + # "openid" + # "profile" + # "email" + # "groups" + # "nextcloud_userinfo" + # ]; + # response_types = ["code"]; + # grant_types = ["authorization_code"]; + # # access_token_signed_response_alg = "none"; + # userinfo_signed_response_alg = "none"; + # token_endpoint_auth_method = "client_secret_basic"; + # } + # ]; + # }; + # }; + # }; + # }; + }; +} diff --git a/nixos/tako/services/paperless.nix b/nixos/tako/services/paperless.nix new file mode 100644 index 00000000..5bfdf1d5 --- /dev/null +++ b/nixos/tako/services/paperless.nix @@ -0,0 +1,102 @@ +{ + pkgs, + config, + lib, + ... +}: { + sops = { + secrets."paperless/adminpass".owner = config.users.users.paperless.name; + secrets."paperless/secret_key".owner = config.users.users.paperless.name; + secrets."authelia/oidc/paperless/client_id".owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + secrets."authelia/oidc/paperless/client_secret".owner = config.systemd.services.authelia-darksailor.serviceConfig.User; + templates = { + "PAPERLESS.env" = { + content = '' + PAPERLESS_SOCIALACCOUNT_PROVIDERS='${config.sops.templates."PAPERLESS_SOCIALACCOUNT_PROVIDERS.json".content}' + ''; + restartUnits = ["paperless-web.service" "authelia-darksailor.service"]; + }; + "PAPERLESS_SOCIALACCOUNT_PROVIDERS.json" = { + content = + /* + json + */ + builtins.toJSON + { + authelia = { + OAUTH_PKCE_ENABLED = "True"; + APPS = [ + { + provider_id = "authelia"; + name = "Authelia"; + "client_id" = "${config.sops.placeholder."authelia/oidc/paperless/client_id"}"; + "secret" = "${config.sops.placeholder."authelia/oidc/paperless/client_secret"}"; + "settings" = { + "server_url" = "https://auth.darksailor.dev/.well-known/openid-configuration"; + }; + } + ]; + }; + }; + restartUnits = ["paperless-web.service" "authelia-darksailor.service"]; + }; + }; + }; + # systemd.services.paperless-web.script = lib.mkBefore '' + # oidcSecret=$(< ${config.sops.secrets."authelia/oidc/paperless/client_secret".path}) + # export PAPERLESS_SOCIALACCOUNT_PROVIDERS=$( + # ${pkgs.jq}/bin/jq <<< "$PAPERLESS_SOCIALACCOUNT_PROVIDERS" \ + # --compact-output \ + # --arg oidcSecret "$oidcSecret" '.openid_connect.APPS.[0].secret = $oidcSecret' + # ) + # ''; + services = { + paperless = { + enable = true; + passwordFile = config.sops.secrets."paperless/adminpass".path; + settings = { + PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect"; + PAPERLESS_SOCIAL_AUTO_SIGNUP = "True"; + PAPERLESS_DISABLE_REGULAR_LOGIN = "True"; + PAPERLESS_SOCIALACCOUNT_ALLOW_SIGNUPS = "True"; + PAPERLESS_URL = "https://paperless.darksailor.dev"; + }; + environmentFile = "${config.sops.templates."PAPERLESS.env".path}"; + }; + caddy = { + virtualHosts."paperless.darksailor.dev".extraConfig = '' + reverse_proxy localhost:28981 + ''; + }; + + authelia = { + instances.darksailor = { + settings = { + identity_providers = { + oidc = { + clients = [ + { + client_name = "paperless"; + client_id = ''{{ secret "${config.sops.secrets."authelia/oidc/paperless/client_id".path}" }}''; + client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/paperless/client_secret".path}" }}''; + public = false; + authorization_policy = "one_factor"; + require_pkce = false; + redirect_uris = [ + "https://paperless.darksailor.dev/auth/login" + ]; + scopes = ["openid" "profile" "email"]; + response_types = ["code"]; + grant_types = ["authorization_code"]; + # access_token_signed_response_alg = "none"; + userinfo_signed_response_alg = "none"; + token_endpoint_auth_method = "client_secret_post"; + } + ]; + }; + }; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/polaris.nix b/nixos/tako/services/polaris.nix new file mode 100644 index 00000000..57b6f8e4 --- /dev/null +++ b/nixos/tako/services/polaris.nix @@ -0,0 +1,21 @@ +{...}: { + services = { + polaris = { + enable = false; + port = 5050; + settings = { + mount_dirs = [ + { + name = "Music"; + source = "/media/music"; + } + ]; + }; + }; + caddy = { + virtualHosts."music.darksailor.dev".extraConfig = '' + reverse_proxy localhost:5050 + ''; + }; + }; +} diff --git a/nixos/tako/services/prowlarr.nix b/nixos/tako/services/prowlarr.nix new file mode 100644 index 00000000..d66ba13c --- /dev/null +++ b/nixos/tako/services/prowlarr.nix @@ -0,0 +1,13 @@ +{...}: { + services = { + prowlarr = { + enable = true; + settings = { + auth = { + authentication_enabled = true; + authentication_method = "External"; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/resolved.nix b/nixos/tako/services/resolved.nix new file mode 100644 index 00000000..e5a1ef14 --- /dev/null +++ b/nixos/tako/services/resolved.nix @@ -0,0 +1,9 @@ +{...}: { + services.resolved = { + enable = true; + dnssec = "true"; + dnsovertls = "true"; + domains = ["lemur-newton.ts.net"]; + fallbackDns = ["1.1.1.1"]; + }; +} diff --git a/nixos/tako/services/seafile.nix b/nixos/tako/services/seafile.nix new file mode 100644 index 00000000..ba72606a --- /dev/null +++ b/nixos/tako/services/seafile.nix @@ -0,0 +1,66 @@ +{config, ...}: { + sops = { + secrets."nextcloud/adminpass".owner = config.users.users.caddy.name; + }; + services = { + seafile = { + enable = true; + # group = config.services.caddy.group; + adminEmail = "admin@darksailor.dev"; + initialAdminPassword = "foobar"; + + seahubExtraConf = + /* + python + */ + '' + ENABLE_REMOTE_USER_AUTHENTICATION = True + # Optional, HTTP header, which is configured in your web server conf file, + # used for Seafile to get user's unique id, default value is 'HTTP_REMOTE_USER'. + REMOTE_USER_HEADER = "HTTP_REMOTE_USER" + # Optional, when the value of HTTP_REMOTE_USER is not a valid email address, + # Seafile will build a email-like unique id from the value of 'REMOTE_USER_HEADER' + # and this domain, e.g. user1@example.com. + REMOTE_USER_DOMAIN = "darksailor.dev" + # Optional, whether to create new user in Seafile system, default value is True. + # If this setting is disabled, users doesn't preexist in the Seafile DB cannot login. + # The admin has to first import the users from external systems like LDAP. + REMOTE_USER_CREATE_UNKNOWN_USER = True + # Optional, whether to activate new user in Seafile system, default value is True. + # If this setting is disabled, user will be unable to login by default. + # the administrator needs to manually activate this user. + REMOTE_USER_ACTIVATE_USER_AFTER_CREATION = True + ''; + ccnetSettings = { + General.SERVICE_URL = "https://cloud.darksailor.dev"; + }; + }; + caddy = { + virtualHosts."cloud.darksailor.dev".extraConfig = '' + import auth + reverse_proxy unix//run/seahub/gunicorn.sock + ''; + }; + authelia = { + instances.darksailor = { + settings = { + access_control = { + rules = [ + { + domain = "cloud.darksailor.dev"; + policy = "bypass"; + resources = [ + "^/(api2|seafhttp)([/?].*)?$" + ]; + } + { + domain = "cloud.darksailor.dev"; + policy = "one_factor"; + } + ]; + }; + }; + }; + }; + }; +} diff --git a/nixos/tako/services/searxng.nix b/nixos/tako/services/searxng.nix new file mode 100644 index 00000000..77368b2a --- /dev/null +++ b/nixos/tako/services/searxng.nix @@ -0,0 +1,31 @@ +{ + config, + pkgs, + ... +}: { + systemd.services.websurfx = { + description = "Websurfx"; + wantedBy = ["multi-user.target"]; + after = ["network.target"]; + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.websurfx}/bin/websurfx"; + Restart = "always"; + RestartSec = 5; + User = "websurfx"; + Group = "websurfx"; + }; + }; + users.users.websurfx = { + group = "websurfx"; + home = "/var/lib/websurfx"; + isSystemUser = true; + # uid = config.ids.uids.websurfx; + }; + users.groups.websurfx = { + # gid = config.ids.gids.websurfx; + }; + services.caddy.virtualHosts."search.darksailor.dev".extraConfig = '' + reverse_proxy localhost:8080 + ''; +} diff --git a/nixos/tako/services/shitpost.nix b/nixos/tako/services/shitpost.nix new file mode 100644 index 00000000..cb29ad0a --- /dev/null +++ b/nixos/tako/services/shitpost.nix @@ -0,0 +1,13 @@ +{pkgs, ...}: let + src = pkgs.fetchgit { + url = "https://git.darksailor.dev/servius/adarkdayinmylife.public"; + # repo = "adarkdayinmy.life"; + rev = "68d972f68cab8f68916b94df05b7ab6a7da4a1da"; + sha256 = "sha256-EVis06rmHq1jJK0FVsbgi7TOru7GtEUpbx0PjU2AKEo="; + }; +in { + services.caddy.virtualHosts."adarkdayinmy.life".extraConfig = '' + root * ${src}/ + file_server + ''; +} diff --git a/nixos/tako/services/syncthing.nix b/nixos/tako/services/syncthing.nix new file mode 100644 index 00000000..89a230ab --- /dev/null +++ b/nixos/tako/services/syncthing.nix @@ -0,0 +1,15 @@ +{ + pkgs, + device, + xdg, + ... +}: { + services.syncthing = { + enable = true; + openDefaultPorts = true; + user = "${device.user}"; + group = "${device.user}"; + dataDir = xdg.dataDirs.syncthing; + configDir = xdg.configDirs.syncthing; + }; +} diff --git a/nixos/tako/services/tailscale.nix b/nixos/tako/services/tailscale.nix new file mode 100644 index 00000000..a4c03225 --- /dev/null +++ b/nixos/tako/services/tailscale.nix @@ -0,0 +1,11 @@ +{masterPkgs, ...}: { + services.tailscale = { + enable = true; + useRoutingFeatures = "server"; + extraUpFlags = "--advertise-exit-node"; + package = masterPkgs.tailscale; + }; + networking.firewall.trustedInterfaces = [ + "tailscale0" + ]; +} diff --git a/nixos/tako/services/vscode.nix b/nixos/tako/services/vscode.nix new file mode 100644 index 00000000..d37c9d83 --- /dev/null +++ b/nixos/tako/services/vscode.nix @@ -0,0 +1,17 @@ +{pkgs, ...}: { + services = { + openvscode-server = { + enable = true; + port = 3000; + host = "0.0.0.0"; + extraPackages = with pkgs; []; + withoutConnectionToken = true; + }; + caddy = { + virtualHosts."code.darksailor.dev".extraConfig = '' + import auth + reverse_proxy localhost:3000 + ''; + }; + }; +} diff --git a/nixos/tako/services/zerotier.nix b/nixos/tako/services/zerotier.nix new file mode 100644 index 00000000..8110d4fb --- /dev/null +++ b/nixos/tako/services/zerotier.nix @@ -0,0 +1,24 @@ +{config, ...}: { + # sops = { + # secrets."zerotier/api_key".owner = config.systemd.services.zeronsd-abfd31bd4766754d.serviceConfig.User; + # }; + # services.zerotierone = { + # enable = true; + # port = 9994; + # joinNetworks = [ + # "abfd31bd4766754d" + # ]; + # }; + # services.zeronsd = { + # servedNetworks = { + # abfd31bd4766754d = { + # settings = { + # log_level = "trace"; + # local_url = "http://127.0.0.1:9994"; + # domain = "zt.darksailor.dev"; + # token = config.sops.secrets."zerotier/api_key".path; + # }; + # }; + # }; + # }; +} diff --git a/nixos/tako/tako.nix b/nixos/tako/tako.nix new file mode 100644 index 00000000..ec39b35c --- /dev/null +++ b/nixos/tako/tako.nix @@ -0,0 +1,64 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./disk-config.nix + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci"]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + boot.binfmt.emulatedSystems = ["aarch64-linux"]; + + fileSystems."/var/lib/nextcloud" = { + device = "/media/nextcloud"; + options = [ + "bind" + ]; + }; + fileSystems."/var/lib/docker" = { + device = "/media/docker"; + options = [ + "bind" + ]; + }; + + fileSystems."/home".neededForBoot = true; + + # fileSystems."/" = { + # device = "/dev/disk/by-uuid/8f805d1b-a469-4db8-9ee1-b98ea220714a"; + # fsType = "ext4"; + # }; + # + # fileSystems."/boot" = { + # device = "/dev/disk/by-uuid/D840-A590"; + # fsType = "vfat"; + # options = ["fmask=0022" "dmask=0022"]; + # }; + # + # fileSystems."/media" = { + # device = "/dev/disk/by-uuid/cad22fc7-08d2-4650-8d5e-a101e3fd1bd1"; + # fsType = "ext4"; + # }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/tsuba/configuration.nix b/nixos/tsuba/configuration.nix index d6504944..78055dc2 100644 --- a/nixos/tsuba/configuration.nix +++ b/nixos/tsuba/configuration.nix @@ -40,7 +40,7 @@ package = pkgs.nixVersions.latest; distributedBuilds = true; buildMachines = [ - ../../builders/mirai.nix + ../../builders/tako.nix ../../builders/shiro.nix ../../builders/tsuba.nix ]; diff --git a/nixos/tsuba/services/servarr.nix b/nixos/tsuba/services/servarr.nix index 915200f0..8b0f91a4 100644 --- a/nixos/tsuba/services/servarr.nix +++ b/nixos/tsuba/services/servarr.nix @@ -59,7 +59,7 @@ "prowlarr.tsuba.darksailor.dev".extraConfig = '' import hetzner import auth - reverse_proxy mirai.darksailor.dev:9696 + reverse_proxy tako.darksailor.dev:9696 ''; }; };