diff --git a/ops/nixos/lib/home-manager/common.nix b/ops/nixos/lib/home-manager/common.nix index 693eebba69..e9b042538b 100644 --- a/ops/nixos/lib/home-manager/common.nix +++ b/ops/nixos/lib/home-manager/common.nix @@ -37,13 +37,23 @@ in forwardAgent = true; matchBlocks = let allEventBlocks = (lib.concatStringsSep " " (builtins.map (n: "172.${toString n}.*.*") (lib.range 16 31))); + blast-tmpl = ip: { + user = "root"; + port = 888; + hostname = ip; + extraOptions.setEnv = "TERM=xterm-256color"; + }; in ({ marukuru.port = 20022; - sar1.hostname = "81.131.50.219"; + sar1 = { + hostname = "81.131.50.219"; + extraOptions.setEnv = "TERM=xterm-256color"; + }; sar1-mon1 = { user = "eng"; hostname = "172.16.0.9"; proxyJump = "sar1"; + extraOptions.setEnv = "TERM=xterm-256color"; }; su-cinema-ernie = { user = "lukegb"; @@ -55,8 +65,13 @@ in hostname = "su-cinema-ernie.su.ic.ac.uk"; port = 8080; }; + + blast-worker1 = blast-tmpl "10.200.69.10"; + blast-worker2 = blast-tmpl "10.200.69.11"; + blast-csgo1 = blast-tmpl "10.200.69.12"; + blast-csgo2 = blast-tmpl "10.200.69.13"; } // (builtins.listToAttrs [ - { name = allEventBlocks; value = { proxyJump = "sar1"; }; } + { name = allEventBlocks; value = { proxyJump = "sar1"; extraOptions.setEnv = "TERM=xterm-256color"; }; } ])); }; diff --git a/ops/nixos/porcorosso/blast.nix b/ops/nixos/porcorosso/blast.nix new file mode 100644 index 0000000000..ed567ee3f9 --- /dev/null +++ b/ops/nixos/porcorosso/blast.nix @@ -0,0 +1,59 @@ +{ depot, lib, ... }: + +{ + systemd.mounts = let + bindMount' = dir: { + unitConfig.RequiresMountsFor = dir; + options = "bind"; + what = "/persist${dir}"; + where = dir; + }; + bindMountSvc = dir: svc: (bindMount' dir) // { + bindsTo = [svc]; + partOf = [svc]; + }; + bindMount = dir: (bindMount' dir) // { + wantedBy = ["multi-user.target"]; + }; + in [ + (bindMountSvc "/var/lib/prometheus" "prometheus.service") + (bindMountSvc "/var/lib/grafana" "grafana.service") + ]; + + services.prometheus = { + enable = true; + stateDir = "prometheus"; + globalConfig.scrape_interval = "1s"; + scrapeConfigs = let + staticConfig = name: ip: { + targets = [ ip ]; + labels.host = name; + }; + workers = [ + (staticConfig "worker1" "10.200.69.10") + (staticConfig "worker2" "10.200.69.11") + ]; + gameservers = [ + (staticConfig "csgo1" "10.200.69.12") + (staticConfig "csgo2" "10.200.69.13") + ]; + allHosts = workers ++ gameservers; + withPort' = port: { targets, ... }@f: (f // { + targets = builtins.map (x: "${x}:${toString port}") f.targets; + }); + withPort = port: cfgs: builtins.map (withPort' port) cfgs; + in [ + { + job_name = "node_exporter"; + static_configs = withPort 9100 allHosts; + } + ]; + }; + + services.grafana = { + addr = "0.0.0.0"; + enable = true; + }; + + networking.firewall.allowedTCPPorts = lib.mkAfter [ 3000 ]; +} diff --git a/ops/nixos/porcorosso/default.nix b/ops/nixos/porcorosso/default.nix index d803215e1d..eab1fe436a 100644 --- a/ops/nixos/porcorosso/default.nix +++ b/ops/nixos/porcorosso/default.nix @@ -22,6 +22,8 @@ in { ../lib/whitby-distributed.nix ../lib/quotes.bfob.gg.nix + + ./blast.nix ]; boot.initrd.availableKernelModules = [ @@ -91,7 +93,7 @@ in { # Enable LXD virtualisation.lxd = { - enable = true; + enable = false; zfsSupport = true; recommendedSysctlSettings = true; };