ops/nixos: add blast configs

This commit is contained in:
Luke Granger-Brown 2021-11-25 17:14:03 +00:00
parent 47702fd028
commit 7cbd53de1a
3 changed files with 79 additions and 3 deletions

View file

@ -37,13 +37,23 @@ in
forwardAgent = true;
matchBlocks = let
allEventBlocks = (lib.concatStringsSep " " (builtins.map (n: "172.${toString n}.*.*") (lib.range 16 31)));
blast-tmpl = ip: {
user = "root";
port = 888;
hostname = ip;
extraOptions.setEnv = "TERM=xterm-256color";
};
in ({
marukuru.port = 20022;
sar1.hostname = "81.131.50.219";
sar1 = {
hostname = "81.131.50.219";
extraOptions.setEnv = "TERM=xterm-256color";
};
sar1-mon1 = {
user = "eng";
hostname = "172.16.0.9";
proxyJump = "sar1";
extraOptions.setEnv = "TERM=xterm-256color";
};
su-cinema-ernie = {
user = "lukegb";
@ -55,8 +65,13 @@ in
hostname = "su-cinema-ernie.su.ic.ac.uk";
port = 8080;
};
blast-worker1 = blast-tmpl "10.200.69.10";
blast-worker2 = blast-tmpl "10.200.69.11";
blast-csgo1 = blast-tmpl "10.200.69.12";
blast-csgo2 = blast-tmpl "10.200.69.13";
} // (builtins.listToAttrs [
{ name = allEventBlocks; value = { proxyJump = "sar1"; }; }
{ name = allEventBlocks; value = { proxyJump = "sar1"; extraOptions.setEnv = "TERM=xterm-256color"; }; }
]));
};

View file

@ -0,0 +1,59 @@
{ depot, lib, ... }:
{
systemd.mounts = let
bindMount' = dir: {
unitConfig.RequiresMountsFor = dir;
options = "bind";
what = "/persist${dir}";
where = dir;
};
bindMountSvc = dir: svc: (bindMount' dir) // {
bindsTo = [svc];
partOf = [svc];
};
bindMount = dir: (bindMount' dir) // {
wantedBy = ["multi-user.target"];
};
in [
(bindMountSvc "/var/lib/prometheus" "prometheus.service")
(bindMountSvc "/var/lib/grafana" "grafana.service")
];
services.prometheus = {
enable = true;
stateDir = "prometheus";
globalConfig.scrape_interval = "1s";
scrapeConfigs = let
staticConfig = name: ip: {
targets = [ ip ];
labels.host = name;
};
workers = [
(staticConfig "worker1" "10.200.69.10")
(staticConfig "worker2" "10.200.69.11")
];
gameservers = [
(staticConfig "csgo1" "10.200.69.12")
(staticConfig "csgo2" "10.200.69.13")
];
allHosts = workers ++ gameservers;
withPort' = port: { targets, ... }@f: (f // {
targets = builtins.map (x: "${x}:${toString port}") f.targets;
});
withPort = port: cfgs: builtins.map (withPort' port) cfgs;
in [
{
job_name = "node_exporter";
static_configs = withPort 9100 allHosts;
}
];
};
services.grafana = {
addr = "0.0.0.0";
enable = true;
};
networking.firewall.allowedTCPPorts = lib.mkAfter [ 3000 ];
}

View file

@ -22,6 +22,8 @@ in {
../lib/whitby-distributed.nix
../lib/quotes.bfob.gg.nix
./blast.nix
];
boot.initrd.availableKernelModules = [
@ -91,7 +93,7 @@ in {
# Enable LXD
virtualisation.lxd = {
enable = true;
enable = false;
zfsSupport = true;
recommendedSysctlSettings = true;
};