From ee2f34867bafe2e097dc75ac2e9748462dd5f49b Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Fri, 24 Feb 2023 02:01:18 +0100 Subject: [PATCH] add telegraf and fix iowait problems --- nixos/machines/pepe/configuration.nix | 3 ++- nixos/machines/pepe/prometheus.nix | 12 +++++++++ nixos/machines/pepe/telegraf.nix | 30 +++++++++++++++++++++ nixos/machines/robi/jellyfin.nix | 39 +++++++++++++++------------ nixos/machines/robi/syncthing.nix | 6 +++++ scripts/disko-config-cream.nix | 4 +-- 6 files changed, 74 insertions(+), 20 deletions(-) create mode 100644 nixos/machines/pepe/telegraf.nix diff --git a/nixos/machines/pepe/configuration.nix b/nixos/machines/pepe/configuration.nix index 642d12f..e3b83e9 100644 --- a/nixos/machines/pepe/configuration.nix +++ b/nixos/machines/pepe/configuration.nix @@ -20,9 +20,10 @@ ./grocy.nix ./taskwarrior-pushover.nix #./neo4j.nix - ./jellyfin.nix + #./jellyfin.nix ./wireguard.nix #./tts.nix + ./telegraf.nix # logging ./loki.nix diff --git a/nixos/machines/pepe/prometheus.nix b/nixos/machines/pepe/prometheus.nix index 461c0a4..9202fd1 100644 --- a/nixos/machines/pepe/prometheus.nix +++ b/nixos/machines/pepe/prometheus.nix @@ -66,6 +66,18 @@ }; }]; } + { + # see https://www.home-assistant.io/integrations/prometheus/ + job_name = "telgraf"; + metrics_path = "/metrics"; + static_configs = [{ + targets = [ "localhost:9273" ]; + labels = { + service = "telegraf"; + server = "pepe"; + }; + }]; + } ]; }; } diff --git a/nixos/machines/pepe/telegraf.nix b/nixos/machines/pepe/telegraf.nix new file mode 100644 index 0000000..1c404e2 --- /dev/null +++ b/nixos/machines/pepe/telegraf.nix @@ -0,0 +1,30 @@ +let + urls = [ + "https://bitwarden.ingolf-wagner.de" + "https://flix.ingolf-wagner.de" + "https://git.ingolf-wagner.de" + "https://ingolf-wagner.de" + "https://nextcloud.ingolf-wagner.de" + "https://nextcloud.ingolf-wagner.de" + "https://tech.ingolf-wagner.de" + ]; +in +{ + services.telegraf = { + enable = true; + extraConfig = { + outputs.prometheus_client = { + listen = ":9273"; + metric_version = 2; + }; + # https://github.com/influxdata/telegraf/tree/master/plugins/inputs < all them plugins + inputs = { + x509_cert = [{ + sources = (map (url: "${url}:443") urls); + interval = "30m"; # agent.interval = "10s" is default + }]; + http_response = [{ inherit urls; }]; + }; + }; + }; +} diff --git a/nixos/machines/robi/jellyfin.nix b/nixos/machines/robi/jellyfin.nix index 210ae6e..574f916 100644 --- a/nixos/machines/robi/jellyfin.nix +++ b/nixos/machines/robi/jellyfin.nix @@ -8,23 +8,28 @@ driSupport = true; driSupport32Bit = true; }; - services.nginx = { - enable = true; - virtualHosts. "flix.ingolf-wagner.de" = { - forceSSL = true; - enableACME = true; - extraConfig = '' - # Security / XSS Mitigation Headers - # NOTE: X-Frame-Options may cause issues with the webOS app - add_header X-Frame-Options "SAMEORIGIN"; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Content-Type-Options "nosniff"; - ''; - locations."/" = { - recommendedProxySettings = true; - proxyWebsockets = true; - proxyPass = "http://localhost:8096"; + services.nginx = + let + flixConfig = { + forceSSL = true; + enableACME = true; + extraConfig = '' + # Security / XSS Mitigation Headers + # NOTE: X-Frame-Options may cause issues with the webOS app + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Content-Type-Options "nosniff"; + ''; + locations."/" = { + recommendedProxySettings = true; + proxyWebsockets = true; + proxyPass = "http://localhost:8096"; + }; }; + in + { + enable = true; + virtualHosts. "flix.ingolf-wagner.de" = flixConfig; + virtualHosts. "video.ingolf-wagner.de" = flixConfig; }; - }; } diff --git a/nixos/machines/robi/syncthing.nix b/nixos/machines/robi/syncthing.nix index f4658d9..0cc8960 100644 --- a/nixos/machines/robi/syncthing.nix +++ b/nixos/machines/robi/syncthing.nix @@ -39,16 +39,19 @@ lost-fotos = { enable = true; path = "/media/syncthing/lost-fotos.ct"; + rescanInterval = 40 * 24 * 3600; }; movies = { enable = true; watch = true; path = "/media/syncthing/movies"; + rescanInterval = 16 * 3600; }; music-library = { enable = true; watch = true; path = "/media/syncthing/music"; + rescanInterval = 2 * 24 * 3600; }; music-projects = { enable = true; @@ -59,16 +62,19 @@ enable = true; watch = true; path = "/media/syncthing/nextcloud_backup"; + rescanInterval = 23 * 3600; }; samples = { enable = true; watch = true; path = "/media/syncthing/samples"; + rescanInterval = 41 * 24 * 3600; }; series = { enable = true; watch = true; path = "/media/syncthing/series"; + rescanInterval = 15 * 3600; }; }; diff --git a/scripts/disko-config-cream.nix b/scripts/disko-config-cream.nix index d8ed243..9222931 100644 --- a/scripts/disko-config-cream.nix +++ b/scripts/disko-config-cream.nix @@ -79,7 +79,7 @@ lvs = { root = { type = "lvm_lv"; - size = "100G"; + size = "200G"; content = { type = "filesystem"; format = "ext4"; @@ -91,7 +91,7 @@ }; home = { type = "lvm_lv"; - size = "150G"; + size = "250G"; content = { type = "filesystem"; format = "ext4";