From 3ede04179629932bc7b90c53924047b10791dc58 Mon Sep 17 00:00:00 2001 From: Adithya Nair Date: Sun, 17 Nov 2024 14:06:41 +0530 Subject: [PATCH] all: more cleanup --- hosts/layne/services/apps/bazarr.nix | 2 - hosts/layne/services/apps/jellyfin.nix | 8 +-- hosts/layne/services/apps/lidarr.nix | 7 +-- hosts/layne/services/apps/prowlarr.nix | 2 - hosts/layne/services/apps/radarr.nix | 7 +-- hosts/layne/services/apps/readarr.nix | 7 +-- hosts/layne/services/apps/sonarr.nix | 7 +-- hosts/layne/services/apps/transmission.nix | 7 +-- hosts/rico1/services/apps/blocky.nix | 7 +-- hosts/rico1/services/apps/default.nix | 10 +--- hosts/rico1/services/apps/loki/default.nix | 7 +-- hosts/rico1/services/apps/prometheus.nix | 70 +++++++++------------- hosts/rico1/services/apps/redis.nix | 12 ++-- hosts/rico2/network/wireguard.nix | 2 +- hosts/rico2/services/apps/alertmanager.nix | 7 +-- hosts/rico2/services/apps/blocky.nix | 7 +-- hosts/rico2/services/apps/grafana.nix | 7 +-- hosts/rico2/services/apps/homepage.nix | 2 - hosts/shared/caddy.nix | 1 + hosts/shared/prometheus-exporters.nix | 41 ++----------- hosts/wynne/services/apps/ntfy.nix | 22 +------ hosts/wynne/services/apps/postgresql.nix | 2 +- 22 files changed, 53 insertions(+), 191 deletions(-) diff --git a/hosts/layne/services/apps/bazarr.nix b/hosts/layne/services/apps/bazarr.nix index d42673b..3eb9978 100644 --- a/hosts/layne/services/apps/bazarr.nix +++ b/hosts/layne/services/apps/bazarr.nix @@ -1,6 +1,5 @@ { pkgs, lib, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; user = "mediaserver"; group = "mediaserver"; dataDir = "/mnt/data/bazarr"; @@ -8,7 +7,6 @@ let in { services.caddy.virtualHosts."bazarr.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:${toString port} ''; diff --git a/hosts/layne/services/apps/jellyfin.nix b/hosts/layne/services/apps/jellyfin.nix index 18cbd57..bc9fc10 100644 --- a/hosts/layne/services/apps/jellyfin.nix +++ b/hosts/layne/services/apps/jellyfin.nix @@ -1,19 +1,13 @@ -_: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +_: { services = { caddy = { virtualHosts = { "jellyfin.local.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8096 ''; }; "jellyfin.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8096 ''; diff --git a/hosts/layne/services/apps/lidarr.nix b/hosts/layne/services/apps/lidarr.nix index b1ecc63..ad51b30 100644 --- a/hosts/layne/services/apps/lidarr.nix +++ b/hosts/layne/services/apps/lidarr.nix @@ -1,11 +1,6 @@ -_: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +_: { services = { caddy.virtualHosts."lidarr.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8686 ''; diff --git a/hosts/layne/services/apps/prowlarr.nix b/hosts/layne/services/apps/prowlarr.nix index 9dbad57..5525138 100644 --- a/hosts/layne/services/apps/prowlarr.nix +++ b/hosts/layne/services/apps/prowlarr.nix @@ -1,13 +1,11 @@ { pkgs, lib, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; user = "mediaserver"; group = "mediaserver"; dataDir = "/mnt/data/prowlarr"; in { services.caddy.virtualHosts."prowlarr.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:9696 ''; diff --git a/hosts/layne/services/apps/radarr.nix b/hosts/layne/services/apps/radarr.nix index d881380..8c5ddd9 100644 --- a/hosts/layne/services/apps/radarr.nix +++ b/hosts/layne/services/apps/radarr.nix @@ -1,11 +1,6 @@ -_: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +_: { services = { caddy.virtualHosts."radarr.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:7878 ''; diff --git a/hosts/layne/services/apps/readarr.nix b/hosts/layne/services/apps/readarr.nix index 046319d..c1ecf7b 100644 --- a/hosts/layne/services/apps/readarr.nix +++ b/hosts/layne/services/apps/readarr.nix @@ -1,11 +1,6 @@ -_: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +_: { services = { caddy.virtualHosts."readarr.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8787 ''; diff --git a/hosts/layne/services/apps/sonarr.nix b/hosts/layne/services/apps/sonarr.nix index 083f0b0..744592a 100644 --- a/hosts/layne/services/apps/sonarr.nix +++ b/hosts/layne/services/apps/sonarr.nix @@ -1,11 +1,6 @@ -_: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +_: { services = { caddy.virtualHosts."sonarr.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8989 ''; diff --git a/hosts/layne/services/apps/transmission.nix b/hosts/layne/services/apps/transmission.nix index 561396d..48f1bd8 100644 --- a/hosts/layne/services/apps/transmission.nix +++ b/hosts/layne/services/apps/transmission.nix @@ -1,12 +1,7 @@ -{ pkgs, ... }: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +{ pkgs, ... }: { services = { caddy = { virtualHosts."transmission.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:9091 ''; diff --git a/hosts/rico1/services/apps/blocky.nix b/hosts/rico1/services/apps/blocky.nix index 51eca18..3e5d74e 100644 --- a/hosts/rico1/services/apps/blocky.nix +++ b/hosts/rico1/services/apps/blocky.nix @@ -1,16 +1,11 @@ _: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; - domainName = "blocky.rico1.labs.adtya.xyz"; -in -{ +let domainName = "blocky.rico1.labs.adtya.xyz"; in { imports = [ ../../../shared/blocky.nix ]; services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8080 ''; diff --git a/hosts/rico1/services/apps/default.nix b/hosts/rico1/services/apps/default.nix index 6f776e6..42b2bb2 100644 --- a/hosts/rico1/services/apps/default.nix +++ b/hosts/rico1/services/apps/default.nix @@ -1,8 +1,4 @@ -_: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; -in -{ +_: { imports = [ ./blocky.nix ./prometheus.nix @@ -14,25 +10,21 @@ in services.caddy = { virtualHosts = { "gateway.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 192.168.0.1:80 ''; }; "ap1.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 192.168.1.1:80 ''; }; "ap2.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 192.168.1.2:80 ''; }; "switch.labs.adtya.xyz" = { - inherit logFormat; extraConfig = '' reverse_proxy 192.168.1.3:80 ''; diff --git a/hosts/rico1/services/apps/loki/default.nix b/hosts/rico1/services/apps/loki/default.nix index 629ef5b..fb51be8 100644 --- a/hosts/rico1/services/apps/loki/default.nix +++ b/hosts/rico1/services/apps/loki/default.nix @@ -1,13 +1,8 @@ _: -let - inherit (import ../../../../shared/caddy-helpers.nix) logFormat; - domainName = "loki.labs.adtya.xyz"; -in -{ +let domainName = "loki.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:3100 ''; diff --git a/hosts/rico1/services/apps/prometheus.nix b/hosts/rico1/services/apps/prometheus.nix index 1566f12..047aab9 100644 --- a/hosts/rico1/services/apps/prometheus.nix +++ b/hosts/rico1/services/apps/prometheus.nix @@ -1,13 +1,8 @@ _: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; - domainName = "prometheus.labs.adtya.xyz"; -in -{ +let domainName = "prometheus.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:9090 ''; @@ -32,66 +27,57 @@ in scrapeConfigs = [ { job_name = "ntfy"; - scheme = "https"; - metrics_path = "/ntfy-metrics"; static_configs = [ - { targets = [ "wynne.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.13:8081" ]; } ]; } { job_name = "caddy"; - scheme = "https"; - metrics_path = "/caddy-metrics"; static_configs = [ - { targets = [ "rico0.labs.adtya.xyz" ]; } - { targets = [ "rico1.labs.adtya.xyz" ]; } - { targets = [ "rico2.labs.adtya.xyz" ]; } - { targets = [ "wynne.labs.adtya.xyz" ]; } - { targets = [ "layne.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.1:2019" ]; } + { targets = [ "10.10.10.10:2019" ]; } + { targets = [ "10.10.10.11:2019" ]; } + { targets = [ "10.10.10.12:2019" ]; } + { targets = [ "10.10.10.13:2019" ]; } + { targets = [ "10.10.10.14:2019" ]; } ]; } { job_name = "postgres"; - scheme = "https"; - metrics_path = "/postgres-metrics"; static_configs = [ - { targets = [ "wynne.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.13:9187" ]; } ]; } { job_name = "systemd"; - scheme = "https"; - metrics_path = "/systemd-metrics"; static_configs = [ - { targets = [ "rico0.labs.adtya.xyz" ]; } - { targets = [ "rico1.labs.adtya.xyz" ]; } - { targets = [ "rico2.labs.adtya.xyz" ]; } - { targets = [ "wynne.labs.adtya.xyz" ]; } - { targets = [ "layne.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.1:9558" ]; } + { targets = [ "10.10.10.10:9558" ]; } + { targets = [ "10.10.10.11:9558" ]; } + { targets = [ "10.10.10.12:9558" ]; } + { targets = [ "10.10.10.13:9558" ]; } + { targets = [ "10.10.10.14:9558" ]; } ]; } { job_name = "smartctl"; - scheme = "https"; - metrics_path = "/smartctl-metrics"; static_configs = [ - { targets = [ "rico0.labs.adtya.xyz" ]; } - { targets = [ "rico1.labs.adtya.xyz" ]; } - { targets = [ "rico2.labs.adtya.xyz" ]; } - { targets = [ "wynne.labs.adtya.xyz" ]; } - { targets = [ "wynne.labs.adtya.xyz" ]; } - { targets = [ "layne.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.10:9633" ]; } + { targets = [ "10.10.10.11:9633" ]; } + { targets = [ "10.10.10.12:9633" ]; } + { targets = [ "10.10.10.13:9633" ]; } + { targets = [ "10.10.10.14:9633" ]; } ]; } { job_name = "node"; - scheme = "https"; static_configs = [ - { targets = [ "rico0.labs.adtya.xyz" ]; } - { targets = [ "rico1.labs.adtya.xyz" ]; } - { targets = [ "rico2.labs.adtya.xyz" ]; } - { targets = [ "wynne.labs.adtya.xyz" ]; } - { targets = [ "layne.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.1:9100" ]; } + { targets = [ "10.10.10.10:9100" ]; } + { targets = [ "10.10.10.11:9100" ]; } + { targets = [ "10.10.10.12:9100" ]; } + { targets = [ "10.10.10.13:9100" ]; } + { targets = [ "10.10.10.14:9100" ]; } ]; } { @@ -104,10 +90,8 @@ in } { job_name = "redis"; - scheme = "https"; - metrics_path = "/redis-metrics"; static_configs = [ - { targets = [ "rico1.labs.adtya.xyz" ]; } + { targets = [ "10.10.10.11:9121" ]; } ]; } ]; diff --git a/hosts/rico1/services/apps/redis.nix b/hosts/rico1/services/apps/redis.nix index 206dfdf..5f4013f 100644 --- a/hosts/rico1/services/apps/redis.nix +++ b/hosts/rico1/services/apps/redis.nix @@ -1,20 +1,16 @@ -_: { +{ config, ... }: { services = { prometheus.exporters.redis = { enable = true; - listenAddress = "127.0.0.1"; + listenAddress = config.nodeconfig.facts.wireguard-ip; port = 9121; }; redis.servers = { - blocky = { + default = { enable = true; bind = "10.10.10.11"; port = 6379; - }; - caddy = { - enable = true; - bind = "10.10.10.11"; - port = 6380; + extraParams = [ "--protected-mode no" ]; }; }; }; diff --git a/hosts/rico2/network/wireguard.nix b/hosts/rico2/network/wireguard.nix index 79bf461..ea4a1a8 100644 --- a/hosts/rico2/network/wireguard.nix +++ b/hosts/rico2/network/wireguard.nix @@ -1,5 +1,5 @@ { config, ... }: -let wireguard-peers = import ../shared/wireguard-peers.nix; in { +let wireguard-peers = import ../../shared/wireguard-peers.nix; in { sops.secrets = { "wireguard/rico2/pk" = { mode = "400"; diff --git a/hosts/rico2/services/apps/alertmanager.nix b/hosts/rico2/services/apps/alertmanager.nix index b39e78e..ea9f648 100644 --- a/hosts/rico2/services/apps/alertmanager.nix +++ b/hosts/rico2/services/apps/alertmanager.nix @@ -1,13 +1,8 @@ _: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; - domainName = "alertmanager.labs.adtya.xyz"; -in -{ +let domainName = "alertmanager.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:9093 ''; diff --git a/hosts/rico2/services/apps/blocky.nix b/hosts/rico2/services/apps/blocky.nix index dd2ba16..4f8ff47 100644 --- a/hosts/rico2/services/apps/blocky.nix +++ b/hosts/rico2/services/apps/blocky.nix @@ -1,16 +1,11 @@ _: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; - domainName = "blocky.rico2.labs.adtya.xyz"; -in -{ +let domainName = "blocky.rico2.labs.adtya.xyz"; in { imports = [ ../../../shared/blocky.nix ]; services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:8080 ''; diff --git a/hosts/rico2/services/apps/grafana.nix b/hosts/rico2/services/apps/grafana.nix index 2f50c6e..1981961 100644 --- a/hosts/rico2/services/apps/grafana.nix +++ b/hosts/rico2/services/apps/grafana.nix @@ -1,13 +1,8 @@ _: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; - domainName = "grafana.labs.adtya.xyz"; -in -{ +let domainName = "grafana.labs.adtya.xyz"; in { services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy 127.0.0.1:9091 ''; diff --git a/hosts/rico2/services/apps/homepage.nix b/hosts/rico2/services/apps/homepage.nix index b9d0b1b..beb85db 100644 --- a/hosts/rico2/services/apps/homepage.nix +++ b/hosts/rico2/services/apps/homepage.nix @@ -1,6 +1,5 @@ { config, ... }: let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; domainName = "homepage.labs.adtya.xyz"; cfg = config.services.glance; in @@ -8,7 +7,6 @@ in services = { caddy = { virtualHosts."${domainName}" = { - inherit logFormat; extraConfig = '' reverse_proxy ${cfg.settings.server.host}:${toString cfg.settings.server.port} ''; diff --git a/hosts/shared/caddy.nix b/hosts/shared/caddy.nix index 01c0a3e..997c736 100644 --- a/hosts/shared/caddy.nix +++ b/hosts/shared/caddy.nix @@ -12,6 +12,7 @@ enable = true; package = inputs.caddy.packages.${pkgs.system}.caddy; email = "admin@acomputer.lol"; + enableReload = false; globalConfig = '' admin ${config.nodeconfig.facts.wireguard-ip}:2019 acme_dns hetzner {env.HETZNER_ACCESS_TOKEN} diff --git a/hosts/shared/prometheus-exporters.nix b/hosts/shared/prometheus-exporters.nix index 09c650a..4840c39 100644 --- a/hosts/shared/prometheus-exporters.nix +++ b/hosts/shared/prometheus-exporters.nix @@ -1,53 +1,20 @@ -{ lib, config, ... }: { +{ config, ... }: { services = { - caddy = - let - vHost = "${config.networking.hostName}.labs.adtya.xyz"; - in - { - virtualHosts."${vHost}" = { - extraConfig = '' - handle /metrics { - reverse_proxy ${config.services.prometheus.exporters.node.listenAddress}:${toString config.services.prometheus.exporters.node.port} - } - handle /smartctl-metrics { - uri replace /smartctl-metrics /metrics - reverse_proxy ${config.services.prometheus.exporters.smartctl.listenAddress}:${toString config.services.prometheus.exporters.smartctl.port} - } - handle /systemd-metrics { - uri replace /systemd-metrics /metrics - reverse_proxy ${config.services.prometheus.exporters.systemd.listenAddress}:${toString config.services.prometheus.exporters.systemd.port} - } - ${lib.optionalString config.services.prometheus.exporters.postgres.enable '' - handle /postgres-metrics { - uri replace /postgres-metrics /metrics - reverse_proxy ${config.services.prometheus.exporters.postgres.listenAddress}:${toString config.services.prometheus.exporters.postgres.port} - } - ''} - ${lib.optionalString config.services.prometheus.exporters.redis.enable '' - handle /redis-metrics { - uri replace /redis-metrics /metrics - reverse_proxy ${config.services.prometheus.exporters.redis.listenAddress}:${toString config.services.prometheus.exporters.redis.port} - } - ''} - ''; - }; - }; prometheus.exporters = { node = { enable = true; - listenAddress = "127.0.0.1"; + listenAddress = config.nodeconfig.facts.wireguard-ip; port = 9100; enabledCollectors = [ "systemd" "processes" ]; }; smartctl = { enable = true; - listenAddress = "127.0.0.1"; + listenAddress = config.nodeconfig.facts.wireguard-ip; port = 9633; }; systemd = { enable = true; - listenAddress = "127.0.0.1"; + listenAddress = config.nodeconfig.facts.wireguard-ip; port = 9558; }; diff --git a/hosts/wynne/services/apps/ntfy.nix b/hosts/wynne/services/apps/ntfy.nix index d3eb5f0..f56bbd6 100644 --- a/hosts/wynne/services/apps/ntfy.nix +++ b/hosts/wynne/services/apps/ntfy.nix @@ -1,28 +1,12 @@ -{ lib, config, ... }: -let - inherit (import ../../../shared/caddy-helpers.nix) logFormat; - domainName = "ntfy.acomputer.lol"; -in -{ +{ lib, ... }: +let domainName = "ntfy.acomputer.lol"; in { services = { - caddy.virtualHosts = { - "${config.networking.hostName}.labs.adtya.xyz" = { - inherit logFormat; - extraConfig = '' - handle /ntfy-metrics { - uri replace /ntfy-metrics /metrics - reverse_proxy ${config.services.ntfy-sh.settings.metrics-listen-http} - } - ''; - }; - }; - ntfy-sh = { enable = true; settings = { base-url = "https://${domainName}"; listen-http = "10.10.10.13:8080"; - metrics-listen-http = "127.0.0.1:8081"; + metrics-listen-http = "10.10.10.13:8081"; auth-file = "/mnt/data/ntfy-sh/user.db"; attachment-cache-dir = "/mnt/data/ntfy-sh/attachments"; cache-file = "/mnt/data/ntfy-sh/cache-file.db"; diff --git a/hosts/wynne/services/apps/postgresql.nix b/hosts/wynne/services/apps/postgresql.nix index b410c5d..01a4c08 100644 --- a/hosts/wynne/services/apps/postgresql.nix +++ b/hosts/wynne/services/apps/postgresql.nix @@ -2,7 +2,7 @@ services = { prometheus.exporters.postgres = { enable = true; - listenAddress = "127.0.0.1"; + listenAddress = config.nodeconfig.facts.wireguard-ip; port = 9187; runAsLocalSuperUser = true; };