diff options
author | tv <tv@krebsco.de> | 2017-01-05 19:13:29 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-01-05 19:13:29 +0100 |
commit | 62372f917e483bffb78d7e8560a667221e2a160d (patch) | |
tree | 622b5117a7b70d4998e9e976340647359c21288e /makefu | |
parent | 0d4911ce2f7b44af8e04bfd37f25593aa1c33eda (diff) | |
parent | 2e9d5f604c32c9c938a90c3211d5b7726d17f9ee (diff) |
Merge remote-tracking branch 'prism/lassulus'
Diffstat (limited to 'makefu')
-rw-r--r-- | makefu/2configs/elchos/irc-token.nix | 27 | ||||
-rw-r--r-- | makefu/2configs/elchos/stats.nix | 59 |
2 files changed, 77 insertions, 9 deletions
diff --git a/makefu/2configs/elchos/irc-token.nix b/makefu/2configs/elchos/irc-token.nix index 3f3c4ffc3..a91223b28 100644 --- a/makefu/2configs/elchos/irc-token.nix +++ b/makefu/2configs/elchos/irc-token.nix @@ -3,19 +3,20 @@ with import <stockholm/lib>; let secret = (import <secrets/elchos-token.nix>); in { - systemd.services.elchos-irctoken = { - startAt = "*:0/30"; + systemd.services.elchos-irctoken2 = { + startAt = "*:0/5"; serviceConfig = { RuntimeMaxSec = "20"; }; script = '' set -euf now=$(date -u +%Y-%m-%dT%H:%M) - sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1) - message="The secret valid for 30 minutes is $sec" - echo "token for $now (UTC) is $sec" + sleep 5 + sec=$(cat /tmp/irc-secret) + message="The current secret is $sec" + echo "$message" LOGNAME=sec-announcer - HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --static) + HOSTNAME=$(${pkgs.systemd}/bin/hostnamectl --transient) IRC_SERVER=irc.freenode.net IRC_PORT=6667 IRC_NICK=$HOSTNAME-$$ @@ -59,4 +60,18 @@ in { | ${pkgs.netcat}/bin/netcat "$IRC_SERVER" "$IRC_PORT" |tee -a ircin ''; }; + systemd.services.elchos-create-token = { + startAt = "*:0/30"; + serviceConfig = { + RuntimeMaxSec = "20"; + }; + script = '' + set -euf + now=$(date -u +%Y-%m-%dT%H:%M) + sec=$(echo -n "${secret}$now" | md5sum | cut -d\ -f1) + message="The secret valid for 30 minutes is $sec" + echo -n "$sec" > /tmp/irc-secret + echo "token for $now (UTC) is $sec" + ''; + }; } diff --git a/makefu/2configs/elchos/stats.nix b/makefu/2configs/elchos/stats.nix index b6133205f..feb8c5bae 100644 --- a/makefu/2configs/elchos/stats.nix +++ b/makefu/2configs/elchos/stats.nix @@ -39,8 +39,57 @@ with import <stockholm/lib>; }; services.graphite = { - api = { + beacon = { enable = true; + config = { + graphite_url = "http://localhost:18080"; + + no_data = "critical"; + loading_error = "normal"; + + prefix = "[elchos]"; + + cli = { + command = ''${pkgs.irc-announce}/bin/irc-announce irc.freenode.org 6667 alert0r \#elchos ' [elchos] ''${level} ''${name} ''${value}' ''; + }; + #smtp = { + # from = "beacon@mors.r"; + # to = [ + # "lass@mors.r" + # ]; + #}; + normal_handlers = [ + # "smtp" + "cli" + ]; + warning_handlers = [ + # "smtp" + "cli" + ]; + critical_handlers = [ + # "smtp" + "cli" + ]; + alerts = let + high-load = hostid: let + host = "elch-${toString hostid}"; in { + name = "high-cpu-load-${host}"; + query = "aliasByNode(perSecond(elchos.${host}.cpu.0.cpu.idle),1)"; + method = "average"; + interval = "1minute"; + logging = "info"; + repeat_interval = "5minute"; + rules = [ + # "warning: < 30.0" + "critical: < 1.0" + ]; + }; + in map high-load [ 1 2 3 4 5 6 7 8 ]; + }; + }; + api = { + enable = true; + package = pkgs.graphiteApi; listenAddress = "127.0.0.1"; port = 18080; }; @@ -50,8 +99,8 @@ with import <stockholm/lib>; config = '' [cache] MAX_CACHE_SIZE = inf - MAX_UPDATES_PER_SECOND = 1 - MAX_CREATES_PER_MINUTE = 500 + MAX_UPDATES_PER_SECOND = 10 + MAX_CREATES_PER_MINUTE = 5000 ''; storageSchemas = '' [carbon] @@ -62,6 +111,10 @@ with import <stockholm/lib>; patterhn = ^elchos\. retentions = 10s:30d,60s:3y + + [default] + pattern = ^krebs\. + retentions = 1s:30d,30s:3m,300s:1y [default] pattern = .* retentions = 30s:30d,300s:1y |