mirror of
https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git
synced 2026-02-20 17:07:51 +01:00
Compare commits
7 Commits
temmie-use
...
3ba1ea2e4f
| Author | SHA1 | Date | |
|---|---|---|---|
|
3ba1ea2e4f | ||
|
|
91de031896 | ||
|
|
c3ce6a40ea | ||
|
|
beee0ddc75 | ||
|
|
359f599655 | ||
|
|
5b1c6f16d1 | ||
|
|
cec69d89a8 |
24
flake.lock
generated
24
flake.lock
generated
@@ -233,11 +233,11 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1769484787,
|
||||
"narHash": "sha256-ufhG9uSA8cCEk/97D/7xQEKcO/ftr4IPRH+HQFaKNdE=",
|
||||
"rev": "999ca0e5484922624254294ea1adc2b90081579e",
|
||||
"lastModified": 1769724120,
|
||||
"narHash": "sha256-oQBM04hQk1kotfv4qmIG1tHmuwODd1+hqRJE5TELeCE=",
|
||||
"rev": "8ec59ed5093c2a742d7744e9ecf58f358aa4a87d",
|
||||
"type": "tarball",
|
||||
"url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.4804.999ca0e54849/nixexprs.tar.xz"
|
||||
"url": "https://releases.nixos.org/nixos/25.11-small/nixos-25.11.4961.8ec59ed5093c/nixexprs.tar.xz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
@@ -261,11 +261,11 @@
|
||||
},
|
||||
"nixpkgs-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1769434638,
|
||||
"narHash": "sha256-u19M4QdjvjEySkGhP4fUNyY6rqAbPCdQf/AFw04CkQU=",
|
||||
"rev": "9c2822d7024c032e66000a8b8a47e91b4e63ffc8",
|
||||
"lastModified": 1769813739,
|
||||
"narHash": "sha256-RmNWW1DQczvDwBHu11P0hGwJZxbngdoymVu7qkwq/2M=",
|
||||
"rev": "16a3cae5c2487b1afa240e5f2c1811f172419558",
|
||||
"type": "tarball",
|
||||
"url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre935000.9c2822d7024c/nixexprs.tar.xz"
|
||||
"url": "https://releases.nixos.org/nixos/unstable-small/nixos-26.05pre937548.16a3cae5c248/nixexprs.tar.xz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
@@ -364,11 +364,11 @@
|
||||
"rust-overlay": "rust-overlay_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1769325266,
|
||||
"narHash": "sha256-q2G2NG7I1tvfFK4GDnn3vt1CCg0GN4ncdo0NSY+Q2Nc=",
|
||||
"lastModified": 1769834595,
|
||||
"narHash": "sha256-P1jrO7BxHyIKDuOXHuUb7bi4H2TuYnACW5eqf1gG47g=",
|
||||
"ref": "main",
|
||||
"rev": "23b163e828901cb981eec6f3262e922f437f850b",
|
||||
"revCount": 45,
|
||||
"rev": "def4eec2d59a69b4638b3f25d6d713b703b2fa56",
|
||||
"revCount": 49,
|
||||
"type": "git",
|
||||
"url": "https://git.pvv.ntnu.no/Projects/roowho2.git"
|
||||
},
|
||||
|
||||
@@ -56,6 +56,7 @@ in {
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{ config, pkgs, lib, values, ... }:
|
||||
let
|
||||
cfg = config.services.vaultwarden;
|
||||
domain = "pw.pvv.ntnu.no";
|
||||
@@ -99,4 +99,21 @@ in {
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.rsync-pull-targets = {
|
||||
enable = true;
|
||||
locations."/var/lib/vaultwarden" = {
|
||||
user = "root";
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
"no-X11-forwarding"
|
||||
];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB2cDaW52gBtLVaNqoGijvN2ZAVkAWlII5AXUzT3Dswj vaultwarden rsync backup";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{ config, lib, fp, pkgs, ... }:
|
||||
{ config, lib, fp, pkgs, values, ... }:
|
||||
let
|
||||
cfg = config.services.snappymail;
|
||||
in {
|
||||
@@ -14,5 +14,21 @@ in {
|
||||
enableACME = true;
|
||||
kTLS = true;
|
||||
};
|
||||
}
|
||||
|
||||
services.rsync-pull-targets = {
|
||||
enable = true;
|
||||
locations.${cfg.dataDir} = {
|
||||
user = "root";
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
"no-X11-forwarding"
|
||||
];
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJENMnuNsHEeA91oX+cj7Qpex2defSXP/lxznxCAqV03 snappymail rsync backup";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@@ -34,6 +34,7 @@ in {
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ config, lib, pkgs, values, ... }:
|
||||
let
|
||||
cfg = config.services.mysql;
|
||||
backupDir = "/data/mysql-backups";
|
||||
@@ -22,6 +22,7 @@ in
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
@@ -56,8 +57,8 @@ in
|
||||
rm "$STATE_DIRECTORY/mysql-dump-latest.sql.zst" ||:
|
||||
ln -T "$OUT_FILE" "$STATE_DIRECTORY/mysql-dump-latest.sql.zst"
|
||||
|
||||
while [ $(find -type f -printf '.' "$STATE_DIRECTORY" | wc -c) -gt ${toString (rotations + 1)} ]; do
|
||||
rm $(find "$STATE_DIRECTORY" -type f -printf '%T+ %p\n' | sort | head -n 1 | cut -d' ' -f2)
|
||||
while [ "$(find "$STATE_DIRECTORY" -type f -printf '.' | wc -c)" -gt ${toString (rotations + 1)} ]; do
|
||||
rm "$(find "$STATE_DIRECTORY" -type f -printf '%T+ %p\n' | sort | head -n 1 | cut -d' ' -f2)"
|
||||
done
|
||||
'';
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ config, lib, pkgs, values, ... }:
|
||||
let
|
||||
cfg = config.services.postgresql;
|
||||
backupDir = "/data/postgresql-backups";
|
||||
@@ -23,6 +23,7 @@ in
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
@@ -57,8 +58,8 @@ in
|
||||
rm "$STATE_DIRECTORY/postgresql-dump-latest.sql.zst" ||:
|
||||
ln -T "$OUT_FILE" "$STATE_DIRECTORY/postgresql-dump-latest.sql.zst"
|
||||
|
||||
while [ $(find -type f -printf '.' "$STATE_DIRECTORY" | wc -c) -gt ${toString (rotations + 1)} ]; do
|
||||
rm $(find "$STATE_DIRECTORY" -type f -printf '%T+ %p\n' | sort | head -n 1 | cut -d' ' -f2)
|
||||
while [ "$(find "$STATE_DIRECTORY" -type f -printf '.' | wc -c)" -gt ${toString (rotations + 1)} ]; do
|
||||
rm "$(find "$STATE_DIRECTORY" -type f -printf '%T+ %p\n' | sort | head -n 1 | cut -d' ' -f2)"
|
||||
done
|
||||
'';
|
||||
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -13,7 +13,7 @@
|
||||
]
|
||||
},
|
||||
"description": "",
|
||||
"editable": true,
|
||||
"editable": false,
|
||||
"gnetId": 11323,
|
||||
"graphTooltip": 1,
|
||||
"id": 31,
|
||||
@@ -1899,7 +1899,7 @@
|
||||
"dashes": false,
|
||||
"datasource": "$datasource",
|
||||
"decimals": 0,
|
||||
"description": "***System Memory***: Total Memory for the system.\\\n***InnoDB Buffer Pool Data***: InnoDB maintains a storage area called the buffer pool for caching data and indexes in memory.\\\n***TokuDB Cache Size***: Similar in function to the InnoDB Buffer Pool, TokuDB will allocate 50% of the installed RAM for its own cache.\\\n***Key Buffer Size***: Index blocks for MYISAM tables are buffered and are shared by all threads. key_buffer_size is the size of the buffer used for index blocks.\\\n***Adaptive Hash Index Size***: When InnoDB notices that some index values are being accessed very frequently, it builds a hash index for them in memory on top of B-Tree indexes.\\\n ***Query Cache Size***: The query cache stores the text of a SELECT statement together with the corresponding result that was sent to the client. The query cache has huge scalability problems in that only one thread can do an operation in the query cache at the same time.\\\n***InnoDB Dictionary Size***: The data dictionary is InnoDB 's internal catalog of tables. InnoDB stores the data dictionary on disk, and loads entries into memory while the server is running.\\\n***InnoDB Log Buffer Size***: The MySQL InnoDB log buffer allows transactions to run without having to write the log to disk before the transactions commit.",
|
||||
"description": "***System Memory***: Total Memory for the system.\\\n***InnoDB Buffer Pool Data***: InnoDB maintains a storage area called the buffer pool for caching data and indexes in memory.\\\n***TokuDB Cache Size***: Similar in function to the InnoDB Buffer Pool, TokuDB will allocate 50% of the installed RAM for its own cache.\\\n***Key Buffer Size***: Index blocks for MYISAM tables are buffered and are shared by all threads. key_buffer_size is the size of the buffer used for index blocks.\\\n***Adaptive Hash Index Size***: When InnoDB notices that some index values are being accessed very frequently, it builds a hash index for them in memory on top of B-Tree indexes.\\\n ***Query Cache Size***: The query cache stores the text of a SELECT statement together with the corresponding result that was sent to the client. The query cache has huge scalability problems in that only one thread can do an operation in the query cache at the same time.\\\n***InnoDB Dictionary Size***: The data dictionary is InnoDB ‘s internal catalog of tables. InnoDB stores the data dictionary on disk, and loads entries into memory while the server is running.\\\n***InnoDB Log Buffer Size***: The MySQL InnoDB log buffer allows transactions to run without having to write the log to disk before the transactions commit.",
|
||||
"editable": true,
|
||||
"error": false,
|
||||
"fieldConfig": {
|
||||
@@ -3690,7 +3690,7 @@
|
||||
},
|
||||
"hide": 0,
|
||||
"includeAll": false,
|
||||
"label": "Data Source",
|
||||
"label": "Data source",
|
||||
"multi": false,
|
||||
"name": "datasource",
|
||||
"options": [],
|
||||
@@ -3713,12 +3713,12 @@
|
||||
"definition": "label_values(mysql_up, job)",
|
||||
"hide": 0,
|
||||
"includeAll": true,
|
||||
"label": "job",
|
||||
"label": "Job",
|
||||
"multi": true,
|
||||
"name": "job",
|
||||
"options": [],
|
||||
"query": "label_values(mysql_up, job)",
|
||||
"refresh": 1,
|
||||
"refresh": 2,
|
||||
"regex": "",
|
||||
"skipUrlSync": false,
|
||||
"sort": 0,
|
||||
@@ -3742,12 +3742,12 @@
|
||||
"definition": "label_values(mysql_up, instance)",
|
||||
"hide": 0,
|
||||
"includeAll": true,
|
||||
"label": "instance",
|
||||
"label": "Instance",
|
||||
"multi": true,
|
||||
"name": "instance",
|
||||
"options": [],
|
||||
"query": "label_values(mysql_up, instance)",
|
||||
"refresh": 1,
|
||||
"refresh": 2,
|
||||
"regex": "",
|
||||
"skipUrlSync": false,
|
||||
"sort": 0,
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -328,7 +328,7 @@
|
||||
"rgba(50, 172, 45, 0.97)"
|
||||
],
|
||||
"datasource": "${DS_PROMETHEUS}",
|
||||
"format": "decbytes",
|
||||
"format": "short",
|
||||
"gauge": {
|
||||
"maxValue": 100,
|
||||
"minValue": 0,
|
||||
@@ -411,7 +411,7 @@
|
||||
"rgba(50, 172, 45, 0.97)"
|
||||
],
|
||||
"datasource": "${DS_PROMETHEUS}",
|
||||
"format": "decbytes",
|
||||
"format": "short",
|
||||
"gauge": {
|
||||
"maxValue": 100,
|
||||
"minValue": 0,
|
||||
@@ -1410,7 +1410,7 @@
|
||||
"tableColumn": "",
|
||||
"targets": [
|
||||
{
|
||||
"expr": "pg_settings_seq_page_cost",
|
||||
"expr": "pg_settings_seq_page_cost{instance=\"$instance\"}",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"refId": "A"
|
||||
@@ -1872,7 +1872,7 @@
|
||||
},
|
||||
"yaxes": [
|
||||
{
|
||||
"format": "bytes",
|
||||
"format": "short",
|
||||
"label": null,
|
||||
"logBase": 1,
|
||||
"max": null,
|
||||
@@ -1966,7 +1966,7 @@
|
||||
},
|
||||
"yaxes": [
|
||||
{
|
||||
"format": "bytes",
|
||||
"format": "short",
|
||||
"label": null,
|
||||
"logBase": 1,
|
||||
"max": null,
|
||||
@@ -2060,7 +2060,7 @@
|
||||
},
|
||||
"yaxes": [
|
||||
{
|
||||
"format": "bytes",
|
||||
"format": "short",
|
||||
"label": null,
|
||||
"logBase": 1,
|
||||
"max": null,
|
||||
@@ -2251,7 +2251,7 @@
|
||||
},
|
||||
"yaxes": [
|
||||
{
|
||||
"format": "bytes",
|
||||
"format": "short",
|
||||
"label": null,
|
||||
"logBase": 1,
|
||||
"max": null,
|
||||
@@ -2439,7 +2439,7 @@
|
||||
},
|
||||
"yaxes": [
|
||||
{
|
||||
"format": "bytes",
|
||||
"format": "short",
|
||||
"label": null,
|
||||
"logBase": 1,
|
||||
"max": null,
|
||||
@@ -2589,35 +2589,35 @@
|
||||
"steppedLine": false,
|
||||
"targets": [
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_backend{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_backend_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "buffers_backend",
|
||||
"refId": "A"
|
||||
},
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_alloc{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_alloc_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "buffers_alloc",
|
||||
"refId": "B"
|
||||
},
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_backend_fsync{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_backend_fsync_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "backend_fsync",
|
||||
"refId": "C"
|
||||
},
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_checkpoint{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_checkpoint_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "buffers_checkpoint",
|
||||
"refId": "D"
|
||||
},
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_clean{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_buffers_clean_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "buffers_clean",
|
||||
@@ -2886,14 +2886,14 @@
|
||||
"steppedLine": false,
|
||||
"targets": [
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_checkpoint_write_time{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_checkpoint_write_time_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "write_time - Total amount of time that has been spent in the portion of checkpoint processing where files are written to disk.",
|
||||
"refId": "B"
|
||||
},
|
||||
{
|
||||
"expr": "irate(pg_stat_bgwriter_checkpoint_sync_time{instance=\"$instance\"}[5m])",
|
||||
"expr": "irate(pg_stat_bgwriter_checkpoint_sync_time_total{instance=\"$instance\"}[5m])",
|
||||
"format": "time_series",
|
||||
"intervalFactor": 1,
|
||||
"legendFormat": "sync_time - Total amount of time that has been spent in the portion of checkpoint processing where files are synchronized to disk.",
|
||||
@@ -3164,4 +3164,4 @@
|
||||
"title": "PostgreSQL Database",
|
||||
"uid": "000000039",
|
||||
"version": 1
|
||||
}
|
||||
}
|
||||
File diff suppressed because it is too large
Load Diff
@@ -47,13 +47,13 @@ in {
|
||||
{
|
||||
name = "Node Exporter Full";
|
||||
type = "file";
|
||||
url = "https://grafana.com/api/dashboards/1860/revisions/29/download";
|
||||
url = "https://grafana.com/api/dashboards/1860/revisions/42/download";
|
||||
options.path = dashboards/node-exporter-full.json;
|
||||
}
|
||||
{
|
||||
name = "Matrix Synapse";
|
||||
type = "file";
|
||||
url = "https://raw.githubusercontent.com/matrix-org/synapse/develop/contrib/grafana/synapse.json";
|
||||
url = "https://github.com/element-hq/synapse/raw/refs/heads/develop/contrib/grafana/synapse.json";
|
||||
options.path = dashboards/synapse.json;
|
||||
}
|
||||
{
|
||||
@@ -65,15 +65,9 @@ in {
|
||||
{
|
||||
name = "Postgresql";
|
||||
type = "file";
|
||||
url = "https://grafana.com/api/dashboards/9628/revisions/7/download";
|
||||
url = "https://grafana.com/api/dashboards/9628/revisions/8/download";
|
||||
options.path = dashboards/postgres.json;
|
||||
}
|
||||
{
|
||||
name = "Go Processes (gogs)";
|
||||
type = "file";
|
||||
url = "https://grafana.com/api/dashboards/240/revisions/3/download";
|
||||
options.path = dashboards/go-processes.json;
|
||||
}
|
||||
{
|
||||
name = "Gitea Dashboard";
|
||||
type = "file";
|
||||
|
||||
@@ -202,6 +202,7 @@ in {
|
||||
rrsyncArgs.ro = true;
|
||||
authorizedKeysAttrs = [
|
||||
"restrict"
|
||||
"from=\"principal.pvv.ntnu.no,${values.hosts.principal.ipv6},${values.hosts.principal.ipv4}\""
|
||||
"no-agent-forwarding"
|
||||
"no-port-forwarding"
|
||||
"no-pty"
|
||||
|
||||
@@ -73,6 +73,10 @@ in rec {
|
||||
ipv4 = pvv-ipv4 179;
|
||||
ipv6 = pvv-ipv6 "1:2";
|
||||
};
|
||||
principal = {
|
||||
ipv4 = pvv-ipv4 233;
|
||||
ipv6 = pvv-ipv6 "4:233";
|
||||
};
|
||||
ustetind = {
|
||||
ipv4 = pvv-ipv4 234;
|
||||
ipv6 = pvv-ipv6 234;
|
||||
|
||||
Reference in New Issue
Block a user