summaryrefslogtreecommitdiffstats
path: root/makefu
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-01-05 19:13:29 +0100
committertv <tv@krebsco.de>2017-01-05 19:13:29 +0100
commit62372f917e483bffb78d7e8560a667221e2a160d (patch)
tree622b5117a7b70d4998e9e976340647359c21288e /makefu
parent0d4911ce2f7b44af8e04bfd37f25593aa1c33eda (diff)
parent2e9d5f604c32c9c938a90c3211d5b7726d17f9ee (diff)
Merge remote-tracking branch 'prism/lassulus'
Diffstat (limited to 'makefu')
-rw-r--r--makefu/2configs/elchos/irc-token.nix27
-rw-r--r--makefu/2configs/elchos/stats.nix59
2 files changed, 77 insertions, 9 deletions
diff --git a/makefu/2configs/elchos/irc-token.nix b/makefu/2configs/elchos/irc-token.nix
index 3f3c4ffc3..a91223b28 100644
--- a/makefu/2configs/elchos/irc-token.nix
+++ b/makefu/2configs/elchos/irc-token.nix
@@ -3,19 +3,20 @@ with import <stockholm/lib>;
let
secret = (import <secrets/elchos-token.nix>);
in {
- systemd.services.elchos-irctoken = {
- startAt = "*:0/30";
+ systemd.services.elchos-irctoken2 = {
+ startAt = "*:0/5";
serviceConfig = {
RuntimeMaxSec = "20";
};
script = ''
set -euf
now=$(date -u +%Y-%m-%dT%H:%M)
- sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1)
- message="The secret valid for 30 minutes is $sec"
- echo "token for $now (UTC) is $sec"
+ sleep 5
+ sec=$(cat /tmp/irc-secret)
+ message="The current secret is $sec"
+ echo "$message"
LOGNAME=sec-announcer
- HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --static)
+ HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --transient)
IRC_SERVER=irc.freenode.net
IRC_PORT=6667
IRC_NICK=$HOSTNAME-$$
@@ -59,4 +60,18 @@ in {
| ${pkgs.netcat}/bin/netcat "$IRC_SERVER" "$IRC_PORT" |tee -a ircin
'';
};
+ systemd.services.elchos-create-token = {
+ startAt = "*:0/30";
+ serviceConfig = {
+ RuntimeMaxSec = "20";
+ };
+ script = ''
+ set -euf
+ now=$(date -u +%Y-%m-%dT%H:%M)
+ sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1)
+ message="The secret valid for 30 minutes is $sec"
+ echo -n "$sec" > /tmp/irc-secret
+ echo "token for $now (UTC) is $sec"
+ '';
+ };
}
diff --git a/makefu/2configs/elchos/stats.nix b/makefu/2configs/elchos/stats.nix
index b6133205f..feb8c5bae 100644
--- a/makefu/2configs/elchos/stats.nix
+++ b/makefu/2configs/elchos/stats.nix
@@ -39,8 +39,57 @@ with import <stockholm/lib>;
};
services.graphite = {
- api = {
+ beacon = {
enable = true;
+ config = {
+ graphite_url = "http://localhost:18080";
+
+ no_data = "critical";
+ loading_error = "normal";
+
+ prefix = "[elchos]";
+
+ cli = {
+ command = ''${pkgs.irc-announce}/bin/irc-announce irc.freenode.org 6667 alert0r \#elchos ' [elchos] ''${level} ''${name} ''${value}' '';
+ };
+ #smtp = {
+ # from = "beacon@mors.r";
+ # to = [
+ # "lass@mors.r"
+ # ];
+ #};
+ normal_handlers = [
+ # "smtp"
+ "cli"
+ ];
+ warning_handlers = [
+ # "smtp"
+ "cli"
+ ];
+ critical_handlers = [
+ # "smtp"
+ "cli"
+ ];
+ alerts = let
+ high-load = hostid: let
+ host = "elch-${toString hostid}"; in {
+ name = "high-cpu-load-${host}";
+ query = "aliasByNode(perSecond(elchos.${host}.cpu.0.cpu.idle),1)";
+ method = "average";
+ interval = "1minute";
+ logging = "info";
+ repeat_interval = "5minute";
+ rules = [
+ # "warning: < 30.0"
+ "critical: < 1.0"
+ ];
+ };
+ in map high-load [ 1 2 3 4 5 6 7 8 ];
+ };
+ };
+ api = {
+ enable = true;
+ package = pkgs.graphiteApi;
listenAddress = "127.0.0.1";
port = 18080;
};
@@ -50,8 +99,8 @@ with import <stockholm/lib>;
config = ''
[cache]
MAX_CACHE_SIZE = inf
- MAX_UPDATES_PER_SECOND = 1
- MAX_CREATES_PER_MINUTE = 500
+ MAX_UPDATES_PER_SECOND = 10
+ MAX_CREATES_PER_MINUTE = 5000
'';
storageSchemas = ''
[carbon]
@@ -62,6 +111,10 @@ with import <stockholm/lib>;
patterhn = ^elchos\.
retentions = 10s:30d,60s:3y
+
+ [default]
+ pattern = ^krebs\.
+ retentions = 1s:30d,30s:3m,300s:1y
[default]
pattern = .*
retentions = 30s:30d,300s:1y