forked from hacc/haccfiles
tracktrain: update
This is the initial version for this year's run of absurd train operations. I won't dare to call it a release for at least another month or so, so no version number. Changes done in our nixfiles: - tracktrain now needs ntfy-sh so people (read: I) can get push notifications if things break or at least look a little weird - I removed the grafana instance; seems like somewhere in the last year they changed how to host it under a sub-path (ours was at /metrics), so it broke, and I'm not feeling any particular urge to fix it - last year's database contents have been yoten - also manually updated the gtfs (though I intend to implement logic for fetching it in tracktrain, I first need to drag Ilztalbahn into actually publishing up-to-date versions again first)
This commit is contained in:
parent
8662943183
commit
27b8ef6784
3 changed files with 15 additions and 59 deletions
|
@ -228,11 +228,11 @@
|
||||||
"tracktrain": {
|
"tracktrain": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1688154251,
|
"lastModified": 1714552989,
|
||||||
"narHash": "sha256-iv2xUUYhjIcKWs1+l7h43z7v/a9/OamBKXi/gcl4ppI=",
|
"narHash": "sha256-I/Lml1AWvuvnFqlzJ017MymKTD2N1oGwNu2eEf6K/O4=",
|
||||||
"ref": "main",
|
"ref": "main",
|
||||||
"rev": "a995dabf07574a32c1ae62ad23b96ba7d8e076ee",
|
"rev": "203d9555b6915d834e9107db4e4ccfa5c99c3631",
|
||||||
"revCount": 92,
|
"revCount": 101,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://stuebinm.eu/git/tracktrain"
|
"url": "https://stuebinm.eu/git/tracktrain"
|
||||||
},
|
},
|
||||||
|
|
|
@ -14,6 +14,10 @@ let
|
||||||
url: https://login.infra4future.de
|
url: https://login.infra4future.de
|
||||||
clientname: tracktrain
|
clientname: tracktrain
|
||||||
# clientsecret defined in env file
|
# clientsecret defined in env file
|
||||||
|
|
||||||
|
logging:
|
||||||
|
ntfytopic: ping.stuebinm.eu/monit
|
||||||
|
name: ilztalbahn
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -44,13 +48,6 @@ in
|
||||||
bindSecrets = true;
|
bindSecrets = true;
|
||||||
|
|
||||||
config = { config, lib, pkgs, ... }: {
|
config = { config, lib, pkgs, ... }: {
|
||||||
system.stateVersion = "21.11";
|
|
||||||
|
|
||||||
users.users.tracktrain = {
|
|
||||||
group = "tracktrain";
|
|
||||||
isSystemUser = true;
|
|
||||||
};
|
|
||||||
users.groups.tracktrain = {};
|
|
||||||
|
|
||||||
systemd.services.tracktrain = {
|
systemd.services.tracktrain = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -62,22 +59,18 @@ in
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
EnvironmentFile = "/secrets/env";
|
EnvironmentFile = "/secrets/env";
|
||||||
User = "tracktrain";
|
DynamicUser = true;
|
||||||
Group = "tracktrain";
|
|
||||||
};
|
};
|
||||||
path = [ pkgs.wget ];
|
path = [ pkgs.wget pkgs.ntfy-sh ];
|
||||||
script = ''
|
script = ''
|
||||||
mkdir -p /persist/tracktrain
|
cd /tmp
|
||||||
cd /persist/tracktrain
|
|
||||||
ln -sf ${pkgs.writeText "tracktrain-config.yaml" tracktrain-config} config.yaml
|
ln -sf ${pkgs.writeText "tracktrain-config.yaml" tracktrain-config} config.yaml
|
||||||
wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip" || sleep 4; wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
|
|
||||||
${pkgs.tracktrain}/bin/tracktrain +RTS -T
|
${pkgs.tracktrain}/bin/tracktrain +RTS -T
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
package = pkgs.postgresql_15;
|
package = pkgs.postgresql_15;
|
||||||
ensureDatabases = [ "tracktrain" ];
|
ensureDatabases = [ "tracktrain" ];
|
||||||
ensureUsers = [ {
|
ensureUsers = [ {
|
||||||
|
@ -86,7 +79,6 @@ in
|
||||||
} ];
|
} ];
|
||||||
authentication = ''
|
authentication = ''
|
||||||
local all all trust
|
local all all trust
|
||||||
host all all 127.0.0.1/32 trust
|
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -101,42 +93,6 @@ in
|
||||||
} ];
|
} ];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.grafana = {
|
|
||||||
enable = true;
|
|
||||||
settings.server = {
|
|
||||||
serve_from_sub_path = true;
|
|
||||||
domain = "tracktrain.ilztalbahn.eu";
|
|
||||||
root_url = "https://%(domain)s/metrics/";
|
|
||||||
http_port = 2342;
|
|
||||||
http_addr = "0.0.0.0";
|
|
||||||
};
|
|
||||||
|
|
||||||
settings."auth.generic_oauth" = {
|
|
||||||
name = "uffd";
|
|
||||||
enabled = true;
|
|
||||||
allow_sign_up = true;
|
|
||||||
empty_scopes = true;
|
|
||||||
client_id = "ilztalbahn-grafana";
|
|
||||||
client_secret = "\${GRAFANA_CLIENT_SECRET}";
|
|
||||||
auth_url = "https://login.infra4future.de/oauth2/authorize";
|
|
||||||
token_url = "https://login.infra4future.de/oauth2/token";
|
|
||||||
api_url = "https://login.infra4future.de/oauth2/userinfo";
|
|
||||||
};
|
|
||||||
# disables the default login screen. comment out if for some
|
|
||||||
# reason you do need it
|
|
||||||
settings.auth.oauth_auto_login = true;
|
|
||||||
settings.users.auto_assign_org_role = "Admin";
|
|
||||||
|
|
||||||
provision = {
|
|
||||||
enable = true;
|
|
||||||
datasources.settings.datasources = [ {
|
|
||||||
url = "http://localhost:9001";
|
|
||||||
type = "prometheus";
|
|
||||||
name = "prometheus";
|
|
||||||
} ];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services.grafana.serviceConfig.EnvironmentFile =
|
systemd.services.grafana.serviceConfig.EnvironmentFile =
|
||||||
"/secrets/env";
|
"/secrets/env";
|
||||||
hacc.bindToPersist = [ "/var/lib/grafana" ];
|
hacc.bindToPersist = [ "/var/lib/grafana" ];
|
||||||
|
|
|
@ -3,7 +3,7 @@ hedgedoc-hacc:
|
||||||
mattermost:
|
mattermost:
|
||||||
env: ENC[AES256_GCM,data:4GcV8UOYmVUjZoYc0Nq/vEWtxtYNV81zVTEyFnZIfY1k/Ar1MU+fn5A99JLIMc8U84/QupDU7TcneiN/wqPv2jYqGS7ixSNTk+x5uUPMarzKZ04ynav6FCWEvlSF0Sz4/5s/Pvp1Qi3zdv16ZVGUHbM8/wCcaZBkSS0ofwBTIXVsVYSRPFxLehtBgwjAnD46qS+YJmszmd7V5N/adWWF34vAdfLiO6Y7KDB3jnMLOPU6Drtw9L83AW6NuOtk8crZrI1dkTD/xUC07IvMhZpZVc9ktQJqIvlk/ADs5aIp/QYrjICdYvb8xC16oV7jC/7yzXzC/UuYbCvS5gnHGMK/CsBkmM9HXmQ6mWjrfuOJEkMHSefS7O8HyrNoNDSXq0ivCr6KJmwrz7NXNAE6a6xx9LMjs5DJ8H5fda1l5TGVAdA2tg==,iv:dG4cnEtUgUxw7zS2k15p+6//Bl19WquTfFIiz5Vi/0M=,tag:cMBU8CtFBBjfcfpO709Kpg==,type:str]
|
env: ENC[AES256_GCM,data:4GcV8UOYmVUjZoYc0Nq/vEWtxtYNV81zVTEyFnZIfY1k/Ar1MU+fn5A99JLIMc8U84/QupDU7TcneiN/wqPv2jYqGS7ixSNTk+x5uUPMarzKZ04ynav6FCWEvlSF0Sz4/5s/Pvp1Qi3zdv16ZVGUHbM8/wCcaZBkSS0ofwBTIXVsVYSRPFxLehtBgwjAnD46qS+YJmszmd7V5N/adWWF34vAdfLiO6Y7KDB3jnMLOPU6Drtw9L83AW6NuOtk8crZrI1dkTD/xUC07IvMhZpZVc9ktQJqIvlk/ADs5aIp/QYrjICdYvb8xC16oV7jC/7yzXzC/UuYbCvS5gnHGMK/CsBkmM9HXmQ6mWjrfuOJEkMHSefS7O8HyrNoNDSXq0ivCr6KJmwrz7NXNAE6a6xx9LMjs5DJ8H5fda1l5TGVAdA2tg==,iv:dG4cnEtUgUxw7zS2k15p+6//Bl19WquTfFIiz5Vi/0M=,tag:cMBU8CtFBBjfcfpO709Kpg==,type:str]
|
||||||
tracktrain:
|
tracktrain:
|
||||||
env: ENC[AES256_GCM,data:jaq039FNxBrsPfG/q+InYpiyl1LBdY++DlLM6UpSAwKlINucooTrHz51QrdRWhAZDqXhVTHM55Q/Zm4wazweCABiNjkXDFoZgxc5YJX+pvBct6M533xl109yD6KiYOXDqPY03u71aop8OmOAnKDp1JlzPS1otdlaN8Vd56G+,iv:nYU2rgMMG4QcJo5DnZpYZm1zr82idd7r1uTsqNiXLdA=,tag:9rdxAneYUREacXNunpTuHw==,type:str]
|
env: ENC[AES256_GCM,data:W3+8qWomPgGJt5u50aAm9x/dilMpqKY11I2AdaIBTz5posc25ts0LB5S/Sxe1ROz4itpDK3QvjoFUTRhS39k4dwMr5lqXV8Ln4B+sPpvh7oBM8A5zydP8Jj1J1YqRt8++RTUmb4z41DIwb/yaZKMu6z0guXIu1yuYzcbCuk0xe/iOp6UUpfjOzzWTvxY54zY6kWcjHLiCSwD31Cd+MxMPfbUEkHt+0W+sBmYXGeEFI/6ULSB6FnGjNW6F9g=,iv:3ymah8HG+Yg6VYZZA/MRRjHDYvYJz01ezvhfQiftegg=,tag:trht+PRYfKgWJkg2wRwISQ==,type:str]
|
||||||
vaultwarden:
|
vaultwarden:
|
||||||
env: ENC[AES256_GCM,data:hdm91tI8WBd3es+IUbdBO69kh1pNZTNvZNFIdSZO8lm4yYMPE+Jm7EzVqwOaZRbpQaVDBg7uh5P4ODc=,iv:no7U0wQCwZOeL2pwXf2pUIgrEsEOYwqOT04LvpCl614=,tag:AGSu5M7H69x6pDM062bC6g==,type:str]
|
env: ENC[AES256_GCM,data:hdm91tI8WBd3es+IUbdBO69kh1pNZTNvZNFIdSZO8lm4yYMPE+Jm7EzVqwOaZRbpQaVDBg7uh5P4ODc=,iv:no7U0wQCwZOeL2pwXf2pUIgrEsEOYwqOT04LvpCl614=,tag:AGSu5M7H69x6pDM062bC6g==,type:str]
|
||||||
auamost:
|
auamost:
|
||||||
|
@ -98,8 +98,8 @@ sops:
|
||||||
bndBTXJhQVE2OVlKeGNTbzJlL0duUzAKIWdesesYvBIN/m36fhzxq30+IT8qp/pF
|
bndBTXJhQVE2OVlKeGNTbzJlL0duUzAKIWdesesYvBIN/m36fhzxq30+IT8qp/pF
|
||||||
S6i7QqZF75y2BpEoupRCqNIAsHrouUE+U9ZQJZO8m9J591mWvbVJIw==
|
S6i7QqZF75y2BpEoupRCqNIAsHrouUE+U9ZQJZO8m9J591mWvbVJIw==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-04-09T18:13:36Z"
|
lastmodified: "2024-05-01T01:20:25Z"
|
||||||
mac: ENC[AES256_GCM,data:oKKQC09MGj+ng9LQqQefY1/xZGRPD3NzyILgB/pzeQT0JjlzXx27JzedmOvx2IPDgJQWPfwevoWdai4HAZeRQQk4yFDePSM/ZJqSn2NnQdUJ9mSQEu5iSrseez/OiotVHZ85ZFhu3thk34rzu0ImHhqYoSqWx5d/tnjC4wPdJlY=,iv:Hm27YPP0U7t7ZiGqMynBTCSHdpJ1dEhBz5HGS5RKgdw=,tag:WJZVcs3t+FV7FmsQVag5/w==,type:str]
|
mac: ENC[AES256_GCM,data:2fVIskFTMl1jefsa3A9fbBBUBK3Ni9XpUjLbwgewEUEKDhwzHY7vjlauzEVtcFJhYkorG/I/0YkPE6PjHta8Qk4mAOfXeVeLDrwH0dmIoPxw+J4kCgRNgNGdhkvmSUBQKwmhfvG3owZnGvq6JfcKZW8HodXyZ+GQQNknGzoX1wQ=,iv:fIXw7lsLwMHsNpZyv9nil7pdXrYNm18UV87KY0Z2zJ4=,tag:L/zymgljJWopKN1q7rpPhg==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
Loading…
Reference in a new issue