forked from hacc/haccfiles
working tracktrain + monitoring
This commit is contained in:
parent
9af819b4b8
commit
7a3e65a3f5
2 changed files with 100 additions and 57 deletions
|
@ -840,11 +840,11 @@
|
||||||
"tracktrain": {
|
"tracktrain": {
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1674348451,
|
"lastModified": 1674405034,
|
||||||
"narHash": "sha256-fkVvjRe8wKKjEdLiRJV62nns0svy2pngE5jvsZjIlvE=",
|
"narHash": "sha256-zKGuktcZ47kC+Jo0Mc0dvB1rMTZN1HprouZ7uRm9VoU=",
|
||||||
"ref": "main",
|
"ref": "main",
|
||||||
"rev": "3d0980811d61a78f265ec06dd5bd4ef2cde1cbdf",
|
"rev": "53e7884ec03e870431064062519d3a94302bc480",
|
||||||
"revCount": 78,
|
"revCount": 80,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://stuebinm.eu/git/tracktrain"
|
"url": "https://stuebinm.eu/git/tracktrain"
|
||||||
},
|
},
|
||||||
|
|
|
@ -1,55 +1,43 @@
|
||||||
{ config, lib, pkgs, inputs, evalConfig, ... }:
|
{ config, lib, pkgs, inputs, evalConfig, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
tracktrain-config = ''
|
||||||
|
dbstring: "dbname=tracktrain"
|
||||||
|
gtfs: ./gtfs.zip
|
||||||
|
|
||||||
|
warp:
|
||||||
|
port: 4000
|
||||||
|
|
||||||
|
login:
|
||||||
|
enable: true
|
||||||
|
url: https://login.infra4future.de
|
||||||
|
clientname: tracktrain
|
||||||
|
# clientsecret defined in env file
|
||||||
|
'';
|
||||||
|
in
|
||||||
{
|
{
|
||||||
services.nginx.virtualHosts."tracktrain.ilztalbahn.eu" = {
|
services.nginx.virtualHosts."tracktrain.ilztalbahn.eu" = {
|
||||||
locations."/api" = {
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
locations."/" = {
|
||||||
proxyPass = "http://192.168.42.41:4000";
|
proxyPass = "http://192.168.42.41:4000";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
add_header 'Access-Control-Allow-Origin' '*' always;
|
add_header 'Access-Control-Allow-Origin' '*' always;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
# locations."/metrics/" = {
|
# note: this shadows the /metrics endpoint of tracktrain
|
||||||
# proxyPass = "http://localhost:2342";
|
# in case you remove this, please consider putting something
|
||||||
# proxyWebsockets = true;
|
# else here to keep it from being publicly scrapable
|
||||||
# extraConfig = ''
|
locations."/metrics/" = {
|
||||||
# rewrite ^/metrics/(.*) /$1 break;
|
proxyPass = "http://192.168.42.41:2342";
|
||||||
# '';
|
proxyWebsockets = true;
|
||||||
# };
|
extraConfig = ''
|
||||||
enableACME = true;
|
rewrite ^/metrics/(.*) /$1 break;
|
||||||
forceSSL = true;
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# services.prometheus = {
|
|
||||||
# enable = true;
|
|
||||||
# port = 9001;
|
|
||||||
# scrapeConfigs = [ {
|
|
||||||
# job_name = "tracktrain";
|
|
||||||
# static_configs = [{
|
|
||||||
# targets = [ "192.168.42.41:4000" ];
|
|
||||||
# }];
|
|
||||||
# } ];
|
|
||||||
# };
|
|
||||||
|
|
||||||
# services.grafana = {
|
|
||||||
# enable = true;
|
|
||||||
# settings.server = {
|
|
||||||
# serve_from_sub_path = true;
|
|
||||||
# domain = "tracktrain.ilztalbahn.eu";
|
|
||||||
# root_url = "%(protocol)s://%(domain)s:/metrics/";
|
|
||||||
# http_port = 2342;
|
|
||||||
# http_addr = "0.0.0.0";
|
|
||||||
# };
|
|
||||||
|
|
||||||
# provision = {
|
|
||||||
# enable = true;
|
|
||||||
# datasources.settings.datasources = [ {
|
|
||||||
# url = "http://localhost:9001";
|
|
||||||
# type = "prometheus";
|
|
||||||
# name = "prometheus";
|
|
||||||
# } ];
|
|
||||||
# };
|
|
||||||
# };
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 443 ];
|
networking.firewall.allowedTCPPorts = [ 443 ];
|
||||||
|
|
||||||
|
@ -58,13 +46,13 @@
|
||||||
hostAddress = "192.168.42.40";
|
hostAddress = "192.168.42.40";
|
||||||
localAddress = "192.168.42.41";
|
localAddress = "192.168.42.41";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
|
|
||||||
bindMounts = {
|
bindMounts = {
|
||||||
"/persist" = {
|
"/persist" = {
|
||||||
hostPath = "/persist/containers/tracktrain";
|
hostPath = "/persist/containers/tracktrain";
|
||||||
isReadOnly = false;
|
isReadOnly = false;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
path = (evalConfig {
|
path = (evalConfig {
|
||||||
hosts = { };
|
hosts = { };
|
||||||
groups = { };
|
groups = { };
|
||||||
|
@ -81,27 +69,32 @@
|
||||||
interface = "eth0";
|
interface = "eth0";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
users.users.tracktrain = {
|
||||||
|
group = "tracktrain";
|
||||||
|
isSystemUser = true;
|
||||||
|
};
|
||||||
|
users.groups.tracktrain = {};
|
||||||
|
|
||||||
systemd.services.tracktrain = {
|
systemd.services.tracktrain = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
description = "tracks trains, hopefully";
|
description = "tracks trains, hopefully";
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
serviceConfig.Type = "simple";
|
serviceConfig = {
|
||||||
|
Type = "simple";
|
||||||
|
EnvironmentFile = "/persist/secrets.env";
|
||||||
|
User = "tracktrain";
|
||||||
|
Group = "tracktrain";
|
||||||
|
};
|
||||||
path = [ pkgs.wget ];
|
path = [ pkgs.wget ];
|
||||||
script = ''
|
script = ''
|
||||||
cd /tmp
|
mkdir -p /persist/tracktrain
|
||||||
# wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
|
cd /persist/tracktrain
|
||||||
${(pkgs.tracktrain
|
ln -sf ${pkgs.writeText "tracktrain-config.yaml" tracktrain-config} config.yaml
|
||||||
# have to remove version constraints because some aren't in 22.05
|
wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
|
||||||
.overrideAttrs (old: { patchPhase = ''
|
${pkgs.tracktrain}/bin/tracktrain +RTS -T
|
||||||
sed -i "s/base.*/base/g" *.cabal
|
|
||||||
sed -i "s/^>=.*//g" *.cabal
|
|
||||||
sed -i "s/>=.*//g" *.cabal
|
|
||||||
''; }))
|
|
||||||
}/bin/tracktrain --dbString="dbname=tracktrain user=tracktrain" --warp.port=4000 +RTS -T
|
|
||||||
'';
|
'';
|
||||||
startAt = "daily";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
|
@ -120,6 +113,56 @@
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.prometheus = {
|
||||||
|
enable = true;
|
||||||
|
port = 9001;
|
||||||
|
scrapeConfigs = [ {
|
||||||
|
job_name = "tracktrain";
|
||||||
|
static_configs = [{
|
||||||
|
targets = [ "0.0.0.0:4000" ];
|
||||||
|
}];
|
||||||
|
} ];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.grafana = {
|
||||||
|
enable = true;
|
||||||
|
settings.server = {
|
||||||
|
serve_from_sub_path = true;
|
||||||
|
domain = "tracktrain.ilztalbahn.eu";
|
||||||
|
root_url = "https://%(domain)s/metrics/";
|
||||||
|
http_port = 2342;
|
||||||
|
http_addr = "0.0.0.0";
|
||||||
|
};
|
||||||
|
|
||||||
|
settings."auth.generic_oauth" = {
|
||||||
|
name = "uffd";
|
||||||
|
enabled = true;
|
||||||
|
allow_sign_up = true;
|
||||||
|
empty_scopes = true;
|
||||||
|
client_id = "ilztalbahn-grafana";
|
||||||
|
client_secret = "\${GRAFANA_CLIENT_SECRET}";
|
||||||
|
auth_url = "https://login.infra4future.de/oauth2/authorize";
|
||||||
|
token_url = "https://login.infra4future.de/oauth2/token";
|
||||||
|
api_url = "https://login.infra4future.de/oauth2/userinfo";
|
||||||
|
};
|
||||||
|
# disables the default login screen. comment out if for some
|
||||||
|
# reason you do need it
|
||||||
|
settings.auth.oauth_auto_login = true;
|
||||||
|
settings.users.auto_assign_org_role = "Admin";
|
||||||
|
|
||||||
|
provision = {
|
||||||
|
enable = true;
|
||||||
|
datasources.settings.datasources = [ {
|
||||||
|
url = "http://localhost:9001";
|
||||||
|
type = "prometheus";
|
||||||
|
name = "prometheus";
|
||||||
|
} ];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.services.grafana.serviceConfig.EnvironmentFile =
|
||||||
|
"/persist/secrets.env";
|
||||||
|
|
||||||
services.coredns = {
|
services.coredns = {
|
||||||
enable = true;
|
enable = true;
|
||||||
config = ''
|
config = ''
|
||||||
|
|
Loading…
Reference in a new issue