tracktrain: update
This is the initial version for this year's run of absurd train operations. I won't dare to call it a release for at least another month or so, so no version number. Changes done in our nixfiles: - tracktrain now needs ntfy-sh so people (read: I) can get push notifications if things break or at least look a little weird - I removed the grafana instance; seems like somewhere in the last year they changed how to host it under a sub-path (ours was at /metrics), so it broke, and I'm not feeling any particular urge to fix it - last year's database contents have been yoten - also manually updated the gtfs (though I intend to implement logic for fetching it in tracktrain, I first need to drag Ilztalbahn into actually publishing up-to-date versions again first)
This commit is contained in:
parent
8662943183
commit
27b8ef6784
3 changed files with 15 additions and 59 deletions
|
@ -228,11 +228,11 @@
|
|||
"tracktrain": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1688154251,
|
||||
"narHash": "sha256-iv2xUUYhjIcKWs1+l7h43z7v/a9/OamBKXi/gcl4ppI=",
|
||||
"lastModified": 1714552989,
|
||||
"narHash": "sha256-I/Lml1AWvuvnFqlzJ017MymKTD2N1oGwNu2eEf6K/O4=",
|
||||
"ref": "main",
|
||||
"rev": "a995dabf07574a32c1ae62ad23b96ba7d8e076ee",
|
||||
"revCount": 92,
|
||||
"rev": "203d9555b6915d834e9107db4e4ccfa5c99c3631",
|
||||
"revCount": 101,
|
||||
"type": "git",
|
||||
"url": "https://stuebinm.eu/git/tracktrain"
|
||||
},
|
||||
|
|
|
@ -14,6 +14,10 @@ let
|
|||
url: https://login.infra4future.de
|
||||
clientname: tracktrain
|
||||
# clientsecret defined in env file
|
||||
|
||||
logging:
|
||||
ntfytopic: ping.stuebinm.eu/monit
|
||||
name: ilztalbahn
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
@ -44,13 +48,6 @@ in
|
|||
bindSecrets = true;
|
||||
|
||||
config = { config, lib, pkgs, ... }: {
|
||||
system.stateVersion = "21.11";
|
||||
|
||||
users.users.tracktrain = {
|
||||
group = "tracktrain";
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.tracktrain = {};
|
||||
|
||||
systemd.services.tracktrain = {
|
||||
enable = true;
|
||||
|
@ -62,22 +59,18 @@ in
|
|||
serviceConfig = {
|
||||
Type = "simple";
|
||||
EnvironmentFile = "/secrets/env";
|
||||
User = "tracktrain";
|
||||
Group = "tracktrain";
|
||||
DynamicUser = true;
|
||||
};
|
||||
path = [ pkgs.wget ];
|
||||
path = [ pkgs.wget pkgs.ntfy-sh ];
|
||||
script = ''
|
||||
mkdir -p /persist/tracktrain
|
||||
cd /persist/tracktrain
|
||||
cd /tmp
|
||||
ln -sf ${pkgs.writeText "tracktrain-config.yaml" tracktrain-config} config.yaml
|
||||
wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip" || sleep 4; wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
|
||||
${pkgs.tracktrain}/bin/tracktrain +RTS -T
|
||||
'';
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
|
||||
package = pkgs.postgresql_15;
|
||||
ensureDatabases = [ "tracktrain" ];
|
||||
ensureUsers = [ {
|
||||
|
@ -85,8 +78,7 @@ in
|
|||
ensureDBOwnership = true;
|
||||
} ];
|
||||
authentication = ''
|
||||
local all all trust
|
||||
host all all 127.0.0.1/32 trust
|
||||
local all all trust
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -101,42 +93,6 @@ in
|
|||
} ];
|
||||
};
|
||||
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
settings.server = {
|
||||
serve_from_sub_path = true;
|
||||
domain = "tracktrain.ilztalbahn.eu";
|
||||
root_url = "https://%(domain)s/metrics/";
|
||||
http_port = 2342;
|
||||
http_addr = "0.0.0.0";
|
||||
};
|
||||
|
||||
settings."auth.generic_oauth" = {
|
||||
name = "uffd";
|
||||
enabled = true;
|
||||
allow_sign_up = true;
|
||||
empty_scopes = true;
|
||||
client_id = "ilztalbahn-grafana";
|
||||
client_secret = "\${GRAFANA_CLIENT_SECRET}";
|
||||
auth_url = "https://login.infra4future.de/oauth2/authorize";
|
||||
token_url = "https://login.infra4future.de/oauth2/token";
|
||||
api_url = "https://login.infra4future.de/oauth2/userinfo";
|
||||
};
|
||||
# disables the default login screen. comment out if for some
|
||||
# reason you do need it
|
||||
settings.auth.oauth_auto_login = true;
|
||||
settings.users.auto_assign_org_role = "Admin";
|
||||
|
||||
provision = {
|
||||
enable = true;
|
||||
datasources.settings.datasources = [ {
|
||||
url = "http://localhost:9001";
|
||||
type = "prometheus";
|
||||
name = "prometheus";
|
||||
} ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.grafana.serviceConfig.EnvironmentFile =
|
||||
"/secrets/env";
|
||||
hacc.bindToPersist = [ "/var/lib/grafana" ];
|
||||
|
|
|
@ -3,7 +3,7 @@ hedgedoc-hacc:
|
|||
mattermost:
|
||||
env: ENC[AES256_GCM,data:4GcV8UOYmVUjZoYc0Nq/vEWtxtYNV81zVTEyFnZIfY1k/Ar1MU+fn5A99JLIMc8U84/QupDU7TcneiN/wqPv2jYqGS7ixSNTk+x5uUPMarzKZ04ynav6FCWEvlSF0Sz4/5s/Pvp1Qi3zdv16ZVGUHbM8/wCcaZBkSS0ofwBTIXVsVYSRPFxLehtBgwjAnD46qS+YJmszmd7V5N/adWWF34vAdfLiO6Y7KDB3jnMLOPU6Drtw9L83AW6NuOtk8crZrI1dkTD/xUC07IvMhZpZVc9ktQJqIvlk/ADs5aIp/QYrjICdYvb8xC16oV7jC/7yzXzC/UuYbCvS5gnHGMK/CsBkmM9HXmQ6mWjrfuOJEkMHSefS7O8HyrNoNDSXq0ivCr6KJmwrz7NXNAE6a6xx9LMjs5DJ8H5fda1l5TGVAdA2tg==,iv:dG4cnEtUgUxw7zS2k15p+6//Bl19WquTfFIiz5Vi/0M=,tag:cMBU8CtFBBjfcfpO709Kpg==,type:str]
|
||||
tracktrain:
|
||||
env: ENC[AES256_GCM,data:jaq039FNxBrsPfG/q+InYpiyl1LBdY++DlLM6UpSAwKlINucooTrHz51QrdRWhAZDqXhVTHM55Q/Zm4wazweCABiNjkXDFoZgxc5YJX+pvBct6M533xl109yD6KiYOXDqPY03u71aop8OmOAnKDp1JlzPS1otdlaN8Vd56G+,iv:nYU2rgMMG4QcJo5DnZpYZm1zr82idd7r1uTsqNiXLdA=,tag:9rdxAneYUREacXNunpTuHw==,type:str]
|
||||
env: ENC[AES256_GCM,data:W3+8qWomPgGJt5u50aAm9x/dilMpqKY11I2AdaIBTz5posc25ts0LB5S/Sxe1ROz4itpDK3QvjoFUTRhS39k4dwMr5lqXV8Ln4B+sPpvh7oBM8A5zydP8Jj1J1YqRt8++RTUmb4z41DIwb/yaZKMu6z0guXIu1yuYzcbCuk0xe/iOp6UUpfjOzzWTvxY54zY6kWcjHLiCSwD31Cd+MxMPfbUEkHt+0W+sBmYXGeEFI/6ULSB6FnGjNW6F9g=,iv:3ymah8HG+Yg6VYZZA/MRRjHDYvYJz01ezvhfQiftegg=,tag:trht+PRYfKgWJkg2wRwISQ==,type:str]
|
||||
vaultwarden:
|
||||
env: ENC[AES256_GCM,data:hdm91tI8WBd3es+IUbdBO69kh1pNZTNvZNFIdSZO8lm4yYMPE+Jm7EzVqwOaZRbpQaVDBg7uh5P4ODc=,iv:no7U0wQCwZOeL2pwXf2pUIgrEsEOYwqOT04LvpCl614=,tag:AGSu5M7H69x6pDM062bC6g==,type:str]
|
||||
auamost:
|
||||
|
@ -98,8 +98,8 @@ sops:
|
|||
bndBTXJhQVE2OVlKeGNTbzJlL0duUzAKIWdesesYvBIN/m36fhzxq30+IT8qp/pF
|
||||
S6i7QqZF75y2BpEoupRCqNIAsHrouUE+U9ZQJZO8m9J591mWvbVJIw==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-09T18:13:36Z"
|
||||
mac: ENC[AES256_GCM,data:oKKQC09MGj+ng9LQqQefY1/xZGRPD3NzyILgB/pzeQT0JjlzXx27JzedmOvx2IPDgJQWPfwevoWdai4HAZeRQQk4yFDePSM/ZJqSn2NnQdUJ9mSQEu5iSrseez/OiotVHZ85ZFhu3thk34rzu0ImHhqYoSqWx5d/tnjC4wPdJlY=,iv:Hm27YPP0U7t7ZiGqMynBTCSHdpJ1dEhBz5HGS5RKgdw=,tag:WJZVcs3t+FV7FmsQVag5/w==,type:str]
|
||||
lastmodified: "2024-05-01T01:20:25Z"
|
||||
mac: ENC[AES256_GCM,data:2fVIskFTMl1jefsa3A9fbBBUBK3Ni9XpUjLbwgewEUEKDhwzHY7vjlauzEVtcFJhYkorG/I/0YkPE6PjHta8Qk4mAOfXeVeLDrwH0dmIoPxw+J4kCgRNgNGdhkvmSUBQKwmhfvG3owZnGvq6JfcKZW8HodXyZ+GQQNknGzoX1wQ=,iv:fIXw7lsLwMHsNpZyv9nil7pdXrYNm18UV87KY0Z2zJ4=,tag:L/zymgljJWopKN1q7rpPhg==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.8.1
|
||||
|
|
Loading…
Reference in a new issue