commit bc2c1ea7e8fff295b4f30d9db2046b52afc5e5d1 · soopy.moe/gensokyo

+4 -4

nix.code-workspace

···

       8
       8
        
       		}

     

       9
       9
        
       	],

     

       10
       10
        
       	"settings": {

     

       11
       11
       -
           "deno.enable": true,

     

       11
       11
       +
       		"deno.enable": true,

     

       12
       12
        
       		"deno.lint": true,

     

       13
       13
        
       		"deno.unstable": false,

     

       14
       14
       -
           "files.exclude": {

     

       15
       15
       -
             "result": true

     

       16
       16
       -
           }

     

       14
       14
       +
       		"files.exclude": {

     

       15
       15
       +
       			"result": true

     

       16
       16
       +
       		}

     

       17
       17
        
       	}

     

       18
       18
        
       }

+19 -19

systems/koumakan/default.nix

···

       4
       4
        
         inputs,

     

       5
       5
        
         sopsDir,

     

       6
       6
        
         ...

     

       7
       7
       -
       }:

     

       8
       8
       -
       lib.nixosSystem {

     

       7
       7
       +
       }: let

     

       9
       8
        
         system = "x86_64-linux";

     

       9
       9
       +
       in

     

       10
       10
       +
         lib.nixosSystem {

     

       11
       11
       +
           inherit system;

     

       10
       12
        
       

     

       11
       11
       -
         # see docs/tips_n_tricks.md#extra_opts for syntax

     

       12
       12
       -
         # see docs/utils.md for functions

     

       13
       13
       -
         specialArgs = {

     

       14
       14
       -
           inherit inputs sopsDir;

     

       15
       15
       -
           _utils = utils {

     

       16
       16
       -
             inherit inputs;

     

       17
       17
       -
             system = "x86_64-linux";

     

       13
       13
       +
           # see docs/tips_n_tricks.md#extra_opts for syntax

     

       14
       14
       +
           # see docs/utils.md for functions

     

       15
       15
       +
           specialArgs = {

     

       16
       16
       +
             inherit inputs sopsDir;

     

       17
       17
       +
             _utils = utils {

     

       18
       18
       +
               inherit inputs system;

     

       19
       19
       +
             };

     

       18
       20
        
           };

     

       19
       19
       -
         };

     

       20
       21
        
       

     

       21
       21
       -
         modules = [

     

       22
       22
       -
           inputs.lanzaboote.nixosModules.lanzaboote

     

       23
       23
       -
           inputs.attic.nixosModules.atticd

     

       24
       24
       -
           inputs.sops-nix.nixosModules.sops

     

       25
       25
       -
           inputs.mystia.nixosModules.fixups

     

       26
       26
       -
           inputs.mystia.nixosModules.vmauth

     

       22
       22
       +
           modules = [

     

       23
       23
       +
             inputs.lanzaboote.nixosModules.lanzaboote

     

       24
       24
       +
             inputs.attic.nixosModules.atticd

     

       25
       25
       +
             inputs.mystia.nixosModules.fixups

     

       26
       26
       +
             inputs.mystia.nixosModules.vmauth

     

       27
       27
        
       

     

       28
       28
       -
           ./configuration.nix

     

       29
       29
       -
         ];

     

       30
       30
       -
       }

     

       28
       28
       +
             ./configuration.nix

     

       29
       29
       +
           ];

     

       30
       30
       +
         }

+7 -5

systems/koumakan/services/telemetry/grafana/provisioning.nix

···

       19
       19
        
           dashboards.settings = {

     

       20
       20
        
             apiVersion = 1; # same as above

     

       21
       21
        
       

     

       22
       22
       -
             providers = [{

     

       23
       23
       -
               name = "flake";

     

       24
       24
       -
               allowUiUpdates = false;

     

       25
       25
       -
               options.path = ./dashboards;

     

       26
       26
       -
             }];

     

       22
       22
       +
             providers = [

     

       23
       23
       +
               {

     

       24
       24
       +
                 name = "flake";

     

       25
       25
       +
                 allowUiUpdates = false;

     

       26
       26
       +
                 options.path = ./dashboards;

     

       27
       27
       +
               }

     

       28
       28
       +
             ];

     

       27
       29
        
           };

     

       28
       30
        
         };

     

       29
       31
        
       }

+22 -9

systems/koumakan/services/telemetry/victoriametrics.nix

···

       53
       53
        
                 job_name = "node";

     

       54
       54
        
                 scrape_interval = "15s";

     

       55
       55
        
                 static_configs = [{targets = ["localhost:${builtins.toString config.services.prometheus.exporters.node.port}"];}];

     

       56
       56
       -
                 relabel_configs = [{target_label = "instance"; replacement = "koumakan";}];

     

       56
       56
       +
                 relabel_configs = [

     

       57
       57
       +
                   {

     

       58
       58
       +
                     target_label = "instance";

     

       59
       59
       +
                     replacement = "koumakan";

     

       60
       60
       +
                   }

     

       61
       61
       +
                 ];

     

       57
       62
        
               }

     

       58
       63
        
       

     

       59
       64
        
               # external nodes uses remote write

     
···

       63
       68
        
               {

     

       64
       69
        
                 job_name = "nginx";

     

       65
       70
        
                 static_configs = [{targets = ["localhost:${builtins.toString config.services.prometheus.exporters.nginx.port}"];}];

     

       66
       66
       -
                 relabel_configs = [{target_label = "instance"; replacement = "koumakan";}];

     

       71
       71
       +
                 relabel_configs = [

     

       72
       72
       +
                   {

     

       73
       73
       +
                     target_label = "instance";

     

       74
       74
       +
                     replacement = "koumakan";

     

       75
       75
       +
                   }

     

       76
       76
       +
                 ];

     

       67
       77
        
               }

     

       68
       78
        
       

     

       69
       79
        
               {

     
···

       88
       98
        
           enable = true;

     

       89
       99
        
           listenAddress = "127.0.0.1:21000";

     

       90
       100
        
           authConfig = {

     

       91
       91
       -
             users = builtins.concatMap (token: [{

     

       92
       92
       -
               bearer_token = token;

     

       93
       93
       -
               url_prefix = "http://${config.services.victoriametrics.listenAddress}"; # send directly to vm

     

       94
       94
       -
             }]) [

     

       95
       95
       -
               "%{AUTH_MAIL_TOKEN}"

     

       96
       96
       -
               "%{AUTH_GATEWAY_TOKEN}"

     

       97
       97
       -
             ];

     

       101
       101
       +
             users =

     

       102
       102
       +
               builtins.concatMap (token: [

     

       103
       103
       +
                 {

     

       104
       104
       +
                   bearer_token = token;

     

       105
       105
       +
                   url_prefix = "http://${config.services.victoriametrics.listenAddress}"; # send directly to vm

     

       106
       106
       +
                 }

     

       107
       107
       +
               ]) [

     

       108
       108
       +
                 "%{AUTH_MAIL_TOKEN}"

     

       109
       109
       +
                 "%{AUTH_GATEWAY_TOKEN}"

     

       110
       110
       +
               ];

     

       98
       111
        
           };

     

       99
       112
        
           environmentFile = secrets.getTemplate "vmauth.env";

     

       100
       113
        
         };