working tracktrain + monitoring

This commit is contained in:
stuebinm 2023-01-22 20:03:11 +01:00
parent 9af819b4b8
commit 7a3e65a3f5
2 changed files with 100 additions and 57 deletions

View file

@ -840,11 +840,11 @@
"tracktrain": { "tracktrain": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1674348451, "lastModified": 1674405034,
"narHash": "sha256-fkVvjRe8wKKjEdLiRJV62nns0svy2pngE5jvsZjIlvE=", "narHash": "sha256-zKGuktcZ47kC+Jo0Mc0dvB1rMTZN1HprouZ7uRm9VoU=",
"ref": "main", "ref": "main",
"rev": "3d0980811d61a78f265ec06dd5bd4ef2cde1cbdf", "rev": "53e7884ec03e870431064062519d3a94302bc480",
"revCount": 78, "revCount": 80,
"type": "git", "type": "git",
"url": "https://stuebinm.eu/git/tracktrain" "url": "https://stuebinm.eu/git/tracktrain"
}, },

View file

@ -1,55 +1,43 @@
{ config, lib, pkgs, inputs, evalConfig, ... }: { config, lib, pkgs, inputs, evalConfig, ... }:
let
tracktrain-config = ''
dbstring: "dbname=tracktrain"
gtfs: ./gtfs.zip
warp:
port: 4000
login:
enable: true
url: https://login.infra4future.de
clientname: tracktrain
# clientsecret defined in env file
'';
in
{ {
services.nginx.virtualHosts."tracktrain.ilztalbahn.eu" = { services.nginx.virtualHosts."tracktrain.ilztalbahn.eu" = {
locations."/api" = { enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://192.168.42.41:4000"; proxyPass = "http://192.168.42.41:4000";
proxyWebsockets = true; proxyWebsockets = true;
extraConfig = '' extraConfig = ''
add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Origin' '*' always;
''; '';
}; };
# locations."/metrics/" = { # note: this shadows the /metrics endpoint of tracktrain
# proxyPass = "http://localhost:2342"; # in case you remove this, please consider putting something
# proxyWebsockets = true; # else here to keep it from being publicly scrapable
# extraConfig = '' locations."/metrics/" = {
# rewrite ^/metrics/(.*) /$1 break; proxyPass = "http://192.168.42.41:2342";
# ''; proxyWebsockets = true;
# }; extraConfig = ''
enableACME = true; rewrite ^/metrics/(.*) /$1 break;
forceSSL = true; '';
};
}; };
# services.prometheus = {
# enable = true;
# port = 9001;
# scrapeConfigs = [ {
# job_name = "tracktrain";
# static_configs = [{
# targets = [ "192.168.42.41:4000" ];
# }];
# } ];
# };
# services.grafana = {
# enable = true;
# settings.server = {
# serve_from_sub_path = true;
# domain = "tracktrain.ilztalbahn.eu";
# root_url = "%(protocol)s://%(domain)s:/metrics/";
# http_port = 2342;
# http_addr = "0.0.0.0";
# };
# provision = {
# enable = true;
# datasources.settings.datasources = [ {
# url = "http://localhost:9001";
# type = "prometheus";
# name = "prometheus";
# } ];
# };
# };
networking.firewall.allowedTCPPorts = [ 443 ]; networking.firewall.allowedTCPPorts = [ 443 ];
@ -58,13 +46,13 @@
hostAddress = "192.168.42.40"; hostAddress = "192.168.42.40";
localAddress = "192.168.42.41"; localAddress = "192.168.42.41";
autoStart = true; autoStart = true;
bindMounts = { bindMounts = {
"/persist" = { "/persist" = {
hostPath = "/persist/containers/tracktrain"; hostPath = "/persist/containers/tracktrain";
isReadOnly = false; isReadOnly = false;
}; };
}; };
path = (evalConfig { path = (evalConfig {
hosts = { }; hosts = { };
groups = { }; groups = { };
@ -81,27 +69,32 @@
interface = "eth0"; interface = "eth0";
}; };
users.users.tracktrain = {
group = "tracktrain";
isSystemUser = true;
};
users.groups.tracktrain = {};
systemd.services.tracktrain = { systemd.services.tracktrain = {
enable = true; enable = true;
description = "tracks trains, hopefully"; description = "tracks trains, hopefully";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ]; after = [ "network.target" ];
serviceConfig.Type = "simple"; serviceConfig = {
Type = "simple";
EnvironmentFile = "/persist/secrets.env";
User = "tracktrain";
Group = "tracktrain";
};
path = [ pkgs.wget ]; path = [ pkgs.wget ];
script = '' script = ''
cd /tmp mkdir -p /persist/tracktrain
# wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip" cd /persist/tracktrain
${(pkgs.tracktrain ln -sf ${pkgs.writeText "tracktrain-config.yaml" tracktrain-config} config.yaml
# have to remove version constraints because some aren't in 22.05 wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
.overrideAttrs (old: { patchPhase = '' ${pkgs.tracktrain}/bin/tracktrain +RTS -T
sed -i "s/base.*/base/g" *.cabal
sed -i "s/^>=.*//g" *.cabal
sed -i "s/>=.*//g" *.cabal
''; }))
}/bin/tracktrain --dbString="dbname=tracktrain user=tracktrain" --warp.port=4000 +RTS -T
''; '';
startAt = "daily";
}; };
services.postgresql = { services.postgresql = {
@ -120,6 +113,56 @@
''; '';
}; };
services.prometheus = {
enable = true;
port = 9001;
scrapeConfigs = [ {
job_name = "tracktrain";
static_configs = [{
targets = [ "0.0.0.0:4000" ];
}];
} ];
};
services.grafana = {
enable = true;
settings.server = {
serve_from_sub_path = true;
domain = "tracktrain.ilztalbahn.eu";
root_url = "https://%(domain)s/metrics/";
http_port = 2342;
http_addr = "0.0.0.0";
};
settings."auth.generic_oauth" = {
name = "uffd";
enabled = true;
allow_sign_up = true;
empty_scopes = true;
client_id = "ilztalbahn-grafana";
client_secret = "\${GRAFANA_CLIENT_SECRET}";
auth_url = "https://login.infra4future.de/oauth2/authorize";
token_url = "https://login.infra4future.de/oauth2/token";
api_url = "https://login.infra4future.de/oauth2/userinfo";
};
# disables the default login screen. comment out if for some
# reason you do need it
settings.auth.oauth_auto_login = true;
settings.users.auto_assign_org_role = "Admin";
provision = {
enable = true;
datasources.settings.datasources = [ {
url = "http://localhost:9001";
type = "prometheus";
name = "prometheus";
} ];
};
};
systemd.services.grafana.serviceConfig.EnvironmentFile =
"/persist/secrets.env";
services.coredns = { services.coredns = {
enable = true; enable = true;
config = '' config = ''