commit 7ef56cd862f7ebb889562304b9137e32369c22c4 · krasovs.ky/homelab

+11

configs/alloy/config.alloy

···

       96
       96
        
           { __address__ = "host.containers.internal:9558" },

     

       97
       97
        
           { __address__ = "host.containers.internal:9091" }, // LiveKit

     

       98
       98
        
           { __address__ = "prometheus-podman-exporter:9882" },

     

       99
       99
       +
           { __address__ = "victoria:8428" },

     

       100
       100
       +
           { __address__ = "victoria:9428" },

     

       101
       101
       +
           { __address__ = "victoria:10428" },

     

       99
       102
        
           { __address__ = "immich:8081" },

     

       100
       103
        
           { __address__ = "immich:8082" },

     

       101
       104
        
           { __address__ = "opencloud:9205" },

     
···

       120
       123
        
         output {

     

       121
       124
        
           metrics = [otelcol.processor.batch.default.input]

     

       122
       125
        
           logs    = [otelcol.processor.batch.default.input]

     

       126
       126
       +
           traces  = [otelcol.processor.batch.default.input]

     

       123
       127
        
         }

     

       124
       128
        
       }

     

       125
       129
        
       

     
···

       127
       131
        
         output {

     

       128
       132
        
           metrics = [otelcol.exporter.otlphttp.victoria_metrics.input]

     

       129
       133
        
           logs    = [otelcol.exporter.otlphttp.victoria_logs.input]

     

       134
       134
       +
           traces  = [otelcol.exporter.otlphttp.victoria_traces.input]

     

       130
       135
        
         }

     

       131
       136
        
       }

     

       132
       137
        
       

     
···

       141
       146
        
           endpoint = "http://victoria:9428/insert/opentelemetry"

     

       142
       147
        
         }

     

       143
       148
        
       }

     

       149
       149
       +
       

     

       150
       150
       +
       otelcol.exporter.otlphttp "victoria_traces" {

     

       151
       151
       +
         client {

     

       152
       152
       +
           endpoint = "http://victoria:10428/insert/opentelemetry"

     

       153
       153
       +
         }

     

       154
       154
       +
       }

+1 -1

configs/containers/systemd/element-call.container.tftpl

···

       2
       2
        
       Description=Element Call Quadlet

     

       3
       3
        
       

     

       4
       4
        
       [Container]

     

       5
       5
       -
       Image=ghcr.io/element-hq/element-call:v0.16.1

     

       5
       5
       +
       Image=ghcr.io/element-hq/element-call:v0.16.3

     

       6
       6
        
       AutoUpdate=registry

     

       7
       7
        
       ContainerName=element-call

     

       8
       8

+1 -1

configs/containers/systemd/element-web.container.tftpl

···

       2
       2
        
       Description=Element Web Quadlet

     

       3
       3
        
       

     

       4
       4
        
       [Container]

     

       5
       5
       -
       Image=docker.io/vectorim/element-web:v1.12.4

     

       5
       5
       +
       Image=docker.io/vectorim/element-web:v1.12.6

     

       6
       6
        
       AutoUpdate=registry

     

       7
       7
        
       ContainerName=element-web

     

       8
       8

+1 -1

configs/containers/systemd/matrix-rtc/matrix-rtc-jwt.container.tftpl

···

       2
       2
        
       Description=MatrixRTC Authorization Service Quadlet

     

       3
       3
        
       

     

       4
       4
        
       [Container]

     

       5
       5
       -
       Image=ghcr.io/element-hq/lk-jwt-service:0.3.0

     

       5
       5
       +
       Image=ghcr.io/element-hq/lk-jwt-service:0.4.0

     

       6
       6
        
       AutoUpdate=registry

     

       7
       7
        
       ContainerName=matrix-rtc-jwt

     

       8
       8

+1 -1

configs/containers/systemd/matrix-rtc/matrix-rtc-sfu.container.tftpl

···

       4
       4
        
       After=matrix-rtc-valkey.service

     

       5
       5
        
       

     

       6
       6
        
       [Container]

     

       7
       7
       -
       Image=docker.io/livekit/livekit-server:v1.9.4

     

       7
       7
       +
       Image=docker.io/livekit/livekit-server:v1.9.7

     

       8
       8
        
       AutoUpdate=registry

     

       9
       9
        
       ContainerName=matrix-rtc-sfu

     

       10
       10

+1 -1

configs/containers/systemd/victoria/victoria-logs.container.tftpl

···

       8
       8
        
       User=1000:1000

     

       9
       9
        
       

     

       10
       10
        
       Label="glance.name=VictoriaLogs"

     

       11
       11
       -
       Label="glance.icon=di:victoriametrics-light"

     

       11
       11
       +
       Label="glance.icon=di:victorialogs"

     

       12
       12
        
       Label="glance.url=https://logs.${base_domain}"

     

       13
       13
        
       Label="glance.description=Logs Storage"

     

       14
       14
        
       Label="glance.hide=false"

+25

configs/containers/systemd/victoria/victoria-traces.container.tftpl

···

       1
       1
       +
       [Unit]

     

       2
       2
       +
       Description=Victoria Traces Quadlet

     

       3
       3
       +
       

     

       4
       4
       +
       [Container]

     

       5
       5
       +
       Image=docker.io/victoriametrics/victoria-traces:v0.5.1

     

       6
       6
       +
       ContainerName=victoria-traces

     

       7
       7
       +
       

     

       8
       8
       +
       User=1000:1000

     

       9
       9
       +
       

     

       10
       10
       +
       Label="glance.name=VictoriaTraces"

     

       11
       11
       +
       Label="glance.icon=di:victoriametrics-light"

     

       12
       12
       +
       Label="glance.url=https://traces.${base_domain}"

     

       13
       13
       +
       Label="glance.description=Tracing Data Storage"

     

       14
       14
       +
       Label="glance.hide=false"

     

       15
       15
       +
       

     

       16
       16
       +
       Volume=/var/mnt/observability/traces:/victoria-traces-data:Z

     

       17
       17
       +
       

     

       18
       18
       +
       Pod=victoria.pod

     

       19
       19
       +
       

     

       20
       20
       +
       [Service]

     

       21
       21
       +
       TimeoutStartSec=900

     

       22
       22
       +
       Restart=always

     

       23
       23
       +
       

     

       24
       24
       +
       [Install]

     

       25
       25
       +
       WantedBy=multi-user.target default.target

+3 -3

configs/containers/systemd/victoria/victoria-vmauth.container.tftpl

···

       13
       13
        
       Label="glance.hide=false"

     

       14
       14
        
       

     

       15
       15
        
       Label="traefik.enable=true"

     

       16
       16
       -
       Label="traefik.http.routers.vm.rule=Host(`metrics.${base_domain}`) || Host(`logs.${base_domain}`)"

     

       16
       16
       +
       Label="traefik.http.routers.vm.rule=Host(`metrics.${base_domain}`) || Host(`logs.${base_domain}`) || Host(`traces.${base_domain}`)"

     

       17
       17
        
       Label="traefik.http.routers.vm.middlewares=oauth2-proxy@file,add-victoria-bearer"

     

       18
       18
        
       Label="traefik.http.routers.vm.priority=1"

     

       19
       19
        
       Label="traefik.http.services.vm.loadbalancer.server.port=8427"

     

       20
       20
       -
       Label="traefik.http.routers.vm-auth.rule=(Host(`metrics.${base_domain}`) || Host(`logs.${base_domain}`)) && PathPrefix(`/oauth2/`)"

     

       20
       20
       +
       Label="traefik.http.routers.vm-auth.rule=(Host(`metrics.${base_domain}`) || Host(`logs.${base_domain}`) || Host(`traces.${base_domain}`)) && PathPrefix(`/oauth2/`)"

     

       21
       21
        
       Label="traefik.http.routers.vm-auth.service=oauth2-proxy"

     

       22
       22
        
       Label="traefik.http.middlewares.add-victoria-bearer.headers.customRequestHeaders.Authorization=Bearer ${secrets.vmauth_traefik_bearer_token}"

     

       23
       23
       -
       Label="traefik.http.routers.vm-api.rule=(Host(`metrics.${base_domain}`) || Host(`logs.${base_domain}`)) && (HeaderRegexp(`Authorization`, `^Bearer .*$`) || HeaderRegexp(`Authorization`, `^Token .*$`))"

     

       23
       23
       +
       Label="traefik.http.routers.vm-api.rule=(Host(`metrics.${base_domain}`) || Host(`logs.${base_domain}`) || Host(`traces.${base_domain}`)) && (HeaderRegexp(`Authorization`, `^Bearer .*$`) || HeaderRegexp(`Authorization`, `^Token .*$`))"

     

       24
       24
        
       Label="traefik.http.routers.vm-api.priority=2"

     

       25
       25
        
       

     

       26
       26
        
       Exec="--auth.config=/etc/auth.yml"

+1

configs/matrix/mas.yaml.tftpl

···

       80
       80
        
           token_endpoint_auth_method: client_secret_basic

     

       81
       81
        
           scope: "email openid profile"

     

       82
       82
        
           claims_imports:

     

       83
       83
       +
             skip_confirmation: true

     

       83
       84
        
             localpart:

     

       84
       85
        
               action: require

     

       85
       86
        
               template: '{{ user.preferred_username }}'

+3

configs/vmauth/auth.yml

···

       8
       8
        
             - src_hosts:

     

       9
       9
        
               - "logs\\.${replace(base_domain, ".", "\\\\.")}"

     

       10
       10
        
               url_prefix: "http://victoria-logs:9428/"

     

       11
       11
       +
             - src_hosts:

     

       12
       12
       +
               - "traces\\.${replace(base_domain, ".", "\\\\.")}"

     

       13
       13
       +
               url_prefix: "http://victoria-traces:10428/"

     

       11
       14
        
         # Proxmox

     

       12
       15
        
         - bearer_token: "${secrets.vmauth_proxmox_bearer_token}"

     

       13
       16
        
           url_map: