diff options
Diffstat (limited to 'shared')
-rw-r--r-- | shared/1systems/wolf.nix | 18 | ||||
-rw-r--r-- | shared/2configs/graphite.nix | 20 | ||||
-rw-r--r-- | shared/2configs/shack/bincache.nix | 6 | ||||
-rw-r--r-- | shared/2configs/shack/mqtt_sub.nix | 4 | ||||
-rw-r--r-- | shared/2configs/shack/nix-cacher.nix | 3 | ||||
-rw-r--r-- | shared/2configs/shack/radioactive.nix | 35 | ||||
-rw-r--r-- | shared/2configs/shack/worlddomination.nix | 67 |
7 files changed, 146 insertions, 7 deletions
diff --git a/shared/1systems/wolf.nix b/shared/1systems/wolf.nix index 9acc589..584ee03 100644 --- a/shared/1systems/wolf.nix +++ b/shared/1systems/wolf.nix @@ -7,7 +7,6 @@ in ../. <nixpkgs/nixos/modules/profiles/qemu-guest.nix> ../2configs/collectd-base.nix - ../2configs/shack/share.nix ../2configs/central-stats-client.nix ../2configs/save-diskspace.nix @@ -15,11 +14,14 @@ in ../2configs/graphite.nix ../2configs/repo-sync.nix ../2configs/shared-buildbot.nix - ../2configs/shack/drivedroid.nix - ../2configs/shack/nix-cacher.nix + ../2configs/shack/worlddomination.nix + ../2configs/shack/drivedroid.nix + # ../2configs/shack/nix-cacher.nix ../2configs/shack/mqtt_sub.nix ../2configs/shack/muell_caller.nix + ../2configs/shack/radioactive.nix + ../2configs/shack/share.nix ]; # use your own binary cache, fallback use cache.nixos.org (which is used by @@ -42,7 +44,6 @@ in nix = { binaryCaches = [ - "http://localhost:3142/nixos" "http://cache.prism.r" "https://cache.nixos.org/" ]; @@ -90,6 +91,15 @@ in swapDevices = [ { device = "/dev/disk/by-label/swap"; } ]; + # fallout of ipv6calypse + networking.extraHosts = '' + hass.shack 10.42.2.191 + heidi.shack 10.42.2.135 + ''; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ + config.krebs.users.ulrich.pubkey + ]; time.timeZone = "Europe/Berlin"; sound.enable = false; diff --git a/shared/2configs/graphite.nix b/shared/2configs/graphite.nix index 689aedd..64222e4 100644 --- a/shared/2configs/graphite.nix +++ b/shared/2configs/graphite.nix @@ -10,7 +10,7 @@ with import <stockholm/lib>; imports = [ ]; services.graphite = { - web = { + api = { enable = true; listenAddress = "0.0.0.0"; }; @@ -23,7 +23,15 @@ with import <stockholm/lib>; MAX_UPDATES_PER_SECOND = 1 MAX_CREATES_PER_MINUTE = 50 MAX_UPDATES_PER_SECOND_ONSHUTDOWN = 9001 + + LOG_CACHE_HITS = False + LOG_CACHE_QUEUE_SORTS = False + LOG_UPDATES = False + LOG_LISTENER_CONNECTIONS = False + LOG_CREATES = True ''; + storageAggregation = '' + ''; storageSchemas = '' [carbon] pattern = ^carbon\. @@ -66,10 +74,20 @@ with import <stockholm/lib>; pattern = ^elchos\. retentions = 10s:14d,1m:90d,10m:5y + [icinga_default] + pattern = ^icinga + retentions = 10s:14d,5m:90d,10m:5y + + [icinga_internals] + pattern = ^icinga.*\.(max_check_attempts|reachable|current_attempt|execution_time|latency|state|state_type) + retentions = 5m:7d + [default] pattern = .* retentions = 60s:30d,300s:1y ''; }; }; + systemd.services.carbonCache.serviceConfig.Restart="always"; + systemd.services.graphiteApi.serviceConfig.Restart="always"; } diff --git a/shared/2configs/shack/bincache.nix b/shared/2configs/shack/bincache.nix new file mode 100644 index 0000000..9cd7fae --- /dev/null +++ b/shared/2configs/shack/bincache.nix @@ -0,0 +1,6 @@ +{...}: +{ + nix.binaryCaches = [ + "http://wolf.shack:3142/nixos" + ]; +} diff --git a/shared/2configs/shack/mqtt_sub.nix b/shared/2configs/shack/mqtt_sub.nix index dafa06b..a8427dd 100644 --- a/shared/2configs/shack/mqtt_sub.nix +++ b/shared/2configs/shack/mqtt_sub.nix @@ -6,8 +6,8 @@ let name = "mqtt2graphite-2017-05-29"; src = pkgs.fetchgit { url = "https://github.com/shackspace/mqtt2graphite/"; - rev = "8c060e6"; - sha256 = "06x7a1j6sfyvvdxg0366fcslhn478anqh4m5hljyf0z29knvz7pg"; + rev = "117179d"; + sha256 = "1334jbbzlqizyp7zcn4hdswhhrnkj1p4p435n5nph82lzffrsi44"; }; buildInputs = [ (pkgs.python35.withPackages (pythonPackages: with pythonPackages; [ diff --git a/shared/2configs/shack/nix-cacher.nix b/shared/2configs/shack/nix-cacher.nix index 4fcbf3a..8feeca9 100644 --- a/shared/2configs/shack/nix-cacher.nix +++ b/shared/2configs/shack/nix-cacher.nix @@ -4,6 +4,9 @@ let cfg = config.krebs.apt-cacher-ng; in { + imports = [ + ./bincache.nix + ]; krebs.apt-cacher-ng = { enable = true; port = 3142; diff --git a/shared/2configs/shack/radioactive.nix b/shared/2configs/shack/radioactive.nix new file mode 100644 index 0000000..378b540 --- /dev/null +++ b/shared/2configs/shack/radioactive.nix @@ -0,0 +1,35 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + pkg = pkgs.stdenv.mkDerivation { + name = "radioactive-2017-06-01"; + src = pkgs.fetchgit { + url = "https://github.com/makefu/nagios-radioactiveathome-plugins/"; + rev = "955f614"; + sha256 = "0ql6npl3n6shvij0ly6a52yjmf7dc31c5x29y927k9lvp8ygin20"; + }; + buildInputs = [ + (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ + docopt + requests2 + python + ])) + ]; + installPhase = '' + install -m755 -D add_many_points.py $out/bin/radioactive-add-many + ''; + }; +in { + systemd.services.radioactive = { + description = "radioactive"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; # TODO separate user + ExecStart = "${pkg}/bin/radioactive-add-many loop 60"; + Restart = "always"; + PrivateTmp = true; + PermissionsStartOnly = true; + }; + }; +} diff --git a/shared/2configs/shack/worlddomination.nix b/shared/2configs/shack/worlddomination.nix new file mode 100644 index 0000000..d0f9f5f --- /dev/null +++ b/shared/2configs/shack/worlddomination.nix @@ -0,0 +1,67 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +let + pythonPackages = pkgs.python3Packages; + # https://github.com/chrysn/aiocoap + aiocoap = pythonPackages.buildPythonPackage { + name = "aiocoap-0.3"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/9c/f6/d839e4b14258d76e74a39810829c13f8dd31de2bfe0915579b2a609d1bbe/aiocoap-0.3.tar.gz"; sha256 = "402d4151db6d8d0b1d66af5b6e10e0de1521decbf12140637e5b8d2aa9c5aef6"; }; + propagatedBuildInputs = [ ]; + doCheck = false; # 2 errors, dunnolol + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.mit; + description = "Python CoAP library"; + }; + }; + LinkHeader = pythonPackages.buildPythonPackage { + name = "LinkHeader-0.4.3"; + src = pkgs.fetchurl { url = "https://pypi.python.org/packages/27/d4/eb1da743b2dc825e936ef1d9e04356b5701e3a9ea022c7aaffdf4f6b0594/LinkHeader-0.4.3.tar.gz"; sha256 = "7fbbc35c0ba3fbbc530571db7e1c886e7db3d718b29b345848ac9686f21b50c3"; }; + propagatedBuildInputs = [ ]; + meta = with pkgs.stdenv.lib; { + homepage = ""; + license = licenses.bsdOriginal; + description = "Parse and format link headers according to RFC 5988 \"Web Linking\""; + }; + }; + pkg = pkgs.stdenv.mkDerivation { + name = "worlddomination-2017-06-10"; + src = pkgs.fetchgit { + url = "https://github.com/shackspace/worlddomination/"; + rev = "72fc9b5"; + sha256 = "05h500rswzypcxy4i22qc1vkc8izbzfqa9m86xg289hjxh133xyf"; + }; + buildInputs = [ + (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [ + docopt + LinkHeader + aiocoap + requests2 + paramiko + python + ])) + ]; + installPhase = '' + install -m755 -D backend/push_led.py $out/bin/push-led + install -m755 -D backend/loop_single.py $out/bin/loop-single + # copy the provided file to the package + install -m755 -D backend/wd.lst $out/${wdpath} + ''; + }; + wdpath = "/usr/worlddomination/wd.lst"; + esphost = "10.42.24.7"; # esp8266 + timeout = 10; # minutes +in { + systemd.services.worlddomination = { + description = "run worlddomination"; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + User = "nobody"; # TODO separate user + ExecStart = "${pkg}/bin/push-led ${esphost} ${pkg}/${wdpath} loop ${toString timeout}"; + Restart = "always"; + PrivateTmp = true; + PermissionsStartOnly = true; + }; + }; +} |