forked from hacc/haccfiles
working tracktrain + monitoring
This commit is contained in:
parent
9af819b4b8
commit
7a3e65a3f5
2 changed files with 100 additions and 57 deletions
|
@ -840,11 +840,11 @@
|
|||
"tracktrain": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1674348451,
|
||||
"narHash": "sha256-fkVvjRe8wKKjEdLiRJV62nns0svy2pngE5jvsZjIlvE=",
|
||||
"lastModified": 1674405034,
|
||||
"narHash": "sha256-zKGuktcZ47kC+Jo0Mc0dvB1rMTZN1HprouZ7uRm9VoU=",
|
||||
"ref": "main",
|
||||
"rev": "3d0980811d61a78f265ec06dd5bd4ef2cde1cbdf",
|
||||
"revCount": 78,
|
||||
"rev": "53e7884ec03e870431064062519d3a94302bc480",
|
||||
"revCount": 80,
|
||||
"type": "git",
|
||||
"url": "https://stuebinm.eu/git/tracktrain"
|
||||
},
|
||||
|
|
|
@ -1,55 +1,43 @@
|
|||
{ config, lib, pkgs, inputs, evalConfig, ... }:
|
||||
|
||||
let
|
||||
tracktrain-config = ''
|
||||
dbstring: "dbname=tracktrain"
|
||||
gtfs: ./gtfs.zip
|
||||
|
||||
warp:
|
||||
port: 4000
|
||||
|
||||
login:
|
||||
enable: true
|
||||
url: https://login.infra4future.de
|
||||
clientname: tracktrain
|
||||
# clientsecret defined in env file
|
||||
'';
|
||||
in
|
||||
{
|
||||
services.nginx.virtualHosts."tracktrain.ilztalbahn.eu" = {
|
||||
locations."/api" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://192.168.42.41:4000";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
add_header 'Access-Control-Allow-Origin' '*' always;
|
||||
'';
|
||||
};
|
||||
# locations."/metrics/" = {
|
||||
# proxyPass = "http://localhost:2342";
|
||||
# proxyWebsockets = true;
|
||||
# extraConfig = ''
|
||||
# rewrite ^/metrics/(.*) /$1 break;
|
||||
# '';
|
||||
# };
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
# note: this shadows the /metrics endpoint of tracktrain
|
||||
# in case you remove this, please consider putting something
|
||||
# else here to keep it from being publicly scrapable
|
||||
locations."/metrics/" = {
|
||||
proxyPass = "http://192.168.42.41:2342";
|
||||
proxyWebsockets = true;
|
||||
extraConfig = ''
|
||||
rewrite ^/metrics/(.*) /$1 break;
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
# services.prometheus = {
|
||||
# enable = true;
|
||||
# port = 9001;
|
||||
# scrapeConfigs = [ {
|
||||
# job_name = "tracktrain";
|
||||
# static_configs = [{
|
||||
# targets = [ "192.168.42.41:4000" ];
|
||||
# }];
|
||||
# } ];
|
||||
# };
|
||||
|
||||
# services.grafana = {
|
||||
# enable = true;
|
||||
# settings.server = {
|
||||
# serve_from_sub_path = true;
|
||||
# domain = "tracktrain.ilztalbahn.eu";
|
||||
# root_url = "%(protocol)s://%(domain)s:/metrics/";
|
||||
# http_port = 2342;
|
||||
# http_addr = "0.0.0.0";
|
||||
# };
|
||||
|
||||
# provision = {
|
||||
# enable = true;
|
||||
# datasources.settings.datasources = [ {
|
||||
# url = "http://localhost:9001";
|
||||
# type = "prometheus";
|
||||
# name = "prometheus";
|
||||
# } ];
|
||||
# };
|
||||
# };
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 443 ];
|
||||
|
||||
|
@ -58,13 +46,13 @@
|
|||
hostAddress = "192.168.42.40";
|
||||
localAddress = "192.168.42.41";
|
||||
autoStart = true;
|
||||
|
||||
bindMounts = {
|
||||
"/persist" = {
|
||||
hostPath = "/persist/containers/tracktrain";
|
||||
isReadOnly = false;
|
||||
};
|
||||
};
|
||||
|
||||
path = (evalConfig {
|
||||
hosts = { };
|
||||
groups = { };
|
||||
|
@ -81,27 +69,32 @@
|
|||
interface = "eth0";
|
||||
};
|
||||
|
||||
users.users.tracktrain = {
|
||||
group = "tracktrain";
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.tracktrain = {};
|
||||
|
||||
systemd.services.tracktrain = {
|
||||
enable = true;
|
||||
|
||||
description = "tracks trains, hopefully";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
serviceConfig.Type = "simple";
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
EnvironmentFile = "/persist/secrets.env";
|
||||
User = "tracktrain";
|
||||
Group = "tracktrain";
|
||||
};
|
||||
path = [ pkgs.wget ];
|
||||
script = ''
|
||||
cd /tmp
|
||||
# wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
|
||||
${(pkgs.tracktrain
|
||||
# have to remove version constraints because some aren't in 22.05
|
||||
.overrideAttrs (old: { patchPhase = ''
|
||||
sed -i "s/base.*/base/g" *.cabal
|
||||
sed -i "s/^>=.*//g" *.cabal
|
||||
sed -i "s/>=.*//g" *.cabal
|
||||
''; }))
|
||||
}/bin/tracktrain --dbString="dbname=tracktrain user=tracktrain" --warp.port=4000 +RTS -T
|
||||
mkdir -p /persist/tracktrain
|
||||
cd /persist/tracktrain
|
||||
ln -sf ${pkgs.writeText "tracktrain-config.yaml" tracktrain-config} config.yaml
|
||||
wget "https://ilztalbahn.eu/wp-content/uploads/2020/07/gtfs.zip"
|
||||
${pkgs.tracktrain}/bin/tracktrain +RTS -T
|
||||
'';
|
||||
startAt = "daily";
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
|
@ -120,6 +113,56 @@
|
|||
'';
|
||||
};
|
||||
|
||||
services.prometheus = {
|
||||
enable = true;
|
||||
port = 9001;
|
||||
scrapeConfigs = [ {
|
||||
job_name = "tracktrain";
|
||||
static_configs = [{
|
||||
targets = [ "0.0.0.0:4000" ];
|
||||
}];
|
||||
} ];
|
||||
};
|
||||
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
settings.server = {
|
||||
serve_from_sub_path = true;
|
||||
domain = "tracktrain.ilztalbahn.eu";
|
||||
root_url = "https://%(domain)s/metrics/";
|
||||
http_port = 2342;
|
||||
http_addr = "0.0.0.0";
|
||||
};
|
||||
|
||||
settings."auth.generic_oauth" = {
|
||||
name = "uffd";
|
||||
enabled = true;
|
||||
allow_sign_up = true;
|
||||
empty_scopes = true;
|
||||
client_id = "ilztalbahn-grafana";
|
||||
client_secret = "\${GRAFANA_CLIENT_SECRET}";
|
||||
auth_url = "https://login.infra4future.de/oauth2/authorize";
|
||||
token_url = "https://login.infra4future.de/oauth2/token";
|
||||
api_url = "https://login.infra4future.de/oauth2/userinfo";
|
||||
};
|
||||
# disables the default login screen. comment out if for some
|
||||
# reason you do need it
|
||||
settings.auth.oauth_auto_login = true;
|
||||
settings.users.auto_assign_org_role = "Admin";
|
||||
|
||||
provision = {
|
||||
enable = true;
|
||||
datasources.settings.datasources = [ {
|
||||
url = "http://localhost:9001";
|
||||
type = "prometheus";
|
||||
name = "prometheus";
|
||||
} ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.grafana.serviceConfig.EnvironmentFile =
|
||||
"/persist/secrets.env";
|
||||
|
||||
services.coredns = {
|
||||
enable = true;
|
||||
config = ''
|
||||
|
|
Loading…
Reference in a new issue