diff --git a/hosts/h001/flake.nix b/hosts/h001/flake.nix index 53b2a8ed..cb31a798 100644 --- a/hosts/h001/flake.nix +++ b/hosts/h001/flake.nix @@ -17,6 +17,8 @@ common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; # secrets.url = "path:../../flakes/secrets"; secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; + # beszel.url = "path:../../flakes/beszel"; + beszel.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/beszel"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; @@ -29,6 +31,7 @@ home-manager, common, secrets, + beszel, ros_neovim, nixarr, ... @@ -38,6 +41,7 @@ system = "x86_64-linux"; stateVersion = "24.11"; primaryUser = "luser"; + overlayIp = "100.64.0.13"; lib = nixpkgs.lib; in { @@ -52,7 +56,7 @@ home-manager.nixosModules.default secrets.nixosModules.default - ros_neovim.nixosModules.default + ros_neovim.nixosModules.default ( { ... }: { @@ -71,6 +75,17 @@ common.nixosModules.tty_caps_esc common.nixosModules.zsh + beszel.nixosModules.agent + ( + { ... }: + { + beszelAgent = { + listen = "${overlayIp}:45876"; + token = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + }; + } + ) + nixarr.nixosModules.default ./hardware-configuration.nix ./mods diff --git a/hosts/h001/mods/default.nix b/hosts/h001/mods/default.nix index 2f803725..3a476152 100644 --- a/hosts/h001/mods/default.nix +++ b/hosts/h001/mods/default.nix @@ -5,9 +5,7 @@ imports = [ ./litellm.nix ./nixarr.nix - # ./monitoring.nix # disabling ./monitoring_hub.nix - ./monitoring_agent.nix ./pinchflat.nix ./openwebui.nix ./trilium.nix diff --git a/hosts/h001/mods/monitoring.nix b/hosts/h001/mods/monitoring.nix deleted file mode 100644 index 544ffecd..00000000 --- a/hosts/h001/mods/monitoring.nix +++ /dev/null @@ -1,156 +0,0 @@ -{ - config, - ... -}: -{ - config = { - services.prometheus = { - enable = true; - scrapeConfigs = [ - { - job_name = "node"; - static_configs = [ - { - targets = [ "localhost:9100" ]; - labels.instance = config.networking.hostName; # h001 - } - { - targets = [ "lio.net.joshuabell.xyz:9100" ]; - labels.instance = "lio"; - } - { - targets = [ "oren.net.joshuabell.xyz:9100" ]; - labels.instance = "oren"; - } - { - targets = [ "gp3.net.joshuabell.xyz:9100" ]; - labels.instance = "gp3"; - } - { - targets = [ "h002.net.joshuabell.xyz:9100" ]; - labels.instance = "h002"; - } - { - targets = [ "o001.net.joshuabell.xyz:9100" ]; - labels.instance = "o001"; - } - ]; - } - ]; - }; - - services.grafana = { - enable = true; - dataDir = "/var/lib/grafana"; - settings = { - server = { - http_port = 3001; - http_addr = "127.0.0.1"; - serve_from_sub_path = true; - domain = "h001.net.joshuabell.xyz"; - root_url = "http://h001.net.joshuabell.xyz/grafana/"; - enforce_domain = true; - enable_gzip = true; - }; - }; - provision = { - datasources.settings.datasources = [ - { - name = "Prometheus"; - type = "prometheus"; - url = "http://localhost:9090"; - access = "proxy"; - isDefault = true; # Set as default, if you want - } - { - name = "Loki"; - type = "loki"; - url = "http://localhost:3100"; - access = "proxy"; - isDefault = false; - } - ]; - }; - }; - - # Loki for log aggregation - systemd.tmpfiles.rules = [ - "d /var/lib/loki 0755 loki loki -" - "d /var/lib/loki/chunks 0755 loki loki -" - "d /var/lib/loki/rules 0755 loki loki -" - "d /var/lib/loki/compactor 0755 loki loki -" - ]; - services.loki = { - enable = true; - configuration = { - auth_enabled = false; - - server = { - http_listen_port = 3100; - }; - - common = { - path_prefix = "/var/lib/loki"; - storage = { - filesystem = { - chunks_directory = "/var/lib/loki/chunks"; - rules_directory = "/var/lib/loki/rules"; - }; - }; - replication_factor = 1; - ring = { - kvstore = { - store = "inmemory"; - }; - }; - }; - - schema_config = { - configs = [ - { - from = "2023-01-01"; - store = "boltdb-shipper"; - object_store = "filesystem"; - schema = "v12"; # Updated schema version - index = { - prefix = "index_"; - period = "24h"; # Set to 24h period as recommended - }; - } - ]; - }; - - limits_config = { - allow_structured_metadata = false; # Disable structured metadata until we upgrade to v13 - }; - - ruler = { - storage = { - type = "local"; - local = { - directory = "/var/lib/loki/rules"; - }; - }; - rule_path = "/var/lib/loki/rules"; - ring = { - kvstore = { - store = "inmemory"; - }; - }; - }; - - compactor = { - working_directory = "/var/lib/loki/compactor"; # Set working directory - retention_enabled = true; - compaction_interval = "5m"; - delete_request_store = "filesystem"; # Add this line for retention configuration - delete_request_cancel_period = "24h"; - }; - - analytics = { - reporting_enabled = false; - }; - }; - }; - }; -} diff --git a/hosts/h001/mods/monitoring_agent.nix b/hosts/h001/mods/monitoring_agent.nix deleted file mode 100644 index 99116f48..00000000 --- a/hosts/h001/mods/monitoring_agent.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - inputs, - config, - ... -}: -let - declaration = "services/monitoring/beszel-agent.nix"; - nixpkgs = inputs.beszel-nixpkgs; - pkgs = import nixpkgs { - system = "x86_64-linux"; - config.allowUnfree = true; - }; -in -{ - disabledModules = [ declaration ]; - imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; - config = { - services.beszel.agent = { - package = pkgs.beszel; - enable = true; - environment = { - SYSTEM_NAME = config.networking.hostName; - LISTEN = "100.64.0.13:45876"; - HUB_URL = "http://100.64.0.13:8090"; - # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. - TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; - KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; - }; - }; - }; -} diff --git a/hosts/h003/flake.nix b/hosts/h003/flake.nix index 8405ca9f..541aac85 100644 --- a/hosts/h003/flake.nix +++ b/hosts/h003/flake.nix @@ -8,6 +8,8 @@ common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; # secrets.url = "path:../../flakes/secrets"; secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; + # beszel.url = "path:../../flakes/beszel"; + beszel.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/beszel"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; @@ -18,28 +20,25 @@ home-manager, common, secrets, + beszel, ros_neovim, ... }@inputs: let - hostConfig = { - configurationName = "h003"; - system = "x86_64-linux"; - stateVersion = "25.05"; - primaryUser = "luser"; - - overlayIp = "100.64.0.14"; - }; + configurationName = "h003"; + system = "x86_64-linux"; + stateVersion = "25.05"; + primaryUser = "luser"; + overlayIp = "100.64.0.14"; lib = nixpkgs.lib; in - with hostConfig; { nixosConfigurations = { "${configurationName}" = ( lib.nixosSystem { inherit system; specialArgs = { - inherit inputs hostConfig; + inherit inputs; }; modules = [ home-manager.nixosModules.default @@ -58,6 +57,17 @@ common.nixosModules.tty_caps_esc common.nixosModules.zsh + beszel.nixosModules.agent + ( + { ... }: + { + beszelAgent = { + listen = "${overlayIp}:45876"; + token = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + }; + } + ) + ./hardware-configuration.nix ./mods ( diff --git a/hosts/h003/monitoring_agent.nix b/hosts/h003/monitoring_agent.nix deleted file mode 100644 index c1e7703c..00000000 --- a/hosts/h003/monitoring_agent.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - inputs, - config, - hostConfig, - ... -}: -let - declaration = "services/monitoring/beszel-agent.nix"; - nixpkgs = inputs.beszel-nixpkgs; - pkgs = import nixpkgs { - system = "x86_64-linux"; - config.allowUnfree = true; - }; -in -{ - disabledModules = [ declaration ]; - imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; - config = { - services.beszel.agent = { - package = pkgs.beszel; - enable = true; - environment = { - SYSTEM_NAME = config.networking.hostName; - LISTEN = "${hostConfig.overlayIp}:45876"; - HUB_URL = "http://100.64.0.13:8090"; - # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. - TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; - KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; - }; - }; - }; -} diff --git a/hosts/linode/l001/monitoring_agent.nix b/hosts/linode/l001/monitoring_agent.nix deleted file mode 100644 index 99116f48..00000000 --- a/hosts/linode/l001/monitoring_agent.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - inputs, - config, - ... -}: -let - declaration = "services/monitoring/beszel-agent.nix"; - nixpkgs = inputs.beszel-nixpkgs; - pkgs = import nixpkgs { - system = "x86_64-linux"; - config.allowUnfree = true; - }; -in -{ - disabledModules = [ declaration ]; - imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; - config = { - services.beszel.agent = { - package = pkgs.beszel; - enable = true; - environment = { - SYSTEM_NAME = config.networking.hostName; - LISTEN = "100.64.0.13:45876"; - HUB_URL = "http://100.64.0.13:8090"; - # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. - TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; - KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; - }; - }; - }; -} diff --git a/hosts/lio/flake.nix b/hosts/lio/flake.nix index 2bbf0d80..59a1228b 100644 --- a/hosts/lio/flake.nix +++ b/hosts/lio/flake.nix @@ -33,6 +33,7 @@ configuration_name = "lio"; system = "x86_64-linux"; primaryUser = "josh"; + overlayIp = "100.64.0.1"; lib = nixpkgs.lib; in { @@ -82,7 +83,7 @@ { ... }: { beszelAgent = { - listen = "100.64.0.1:45876"; + listen = "${overlayIp}:45876"; token = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; }; } diff --git a/hosts/oracle/o001/flake.nix b/hosts/oracle/o001/flake.nix index 108673c7..67c6653f 100644 --- a/hosts/oracle/o001/flake.nix +++ b/hosts/oracle/o001/flake.nix @@ -10,6 +10,8 @@ common.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/common"; # secrets.url = "path:../../../flakes/secrets"; secrets.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/secrets"; + # beszel.url = "path:../../flakes/beszel"; + beszel.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/beszel"; }; outputs = @@ -19,6 +21,7 @@ home-manager, common, secrets, + beszel, ros_neovim, deploy-rs, ... @@ -28,6 +31,7 @@ system = "aarch64-linux"; stateVersion = "23.11"; primaryUser = "root"; + overlayIp = "100.64.0.11"; lib = nixpkgs.lib; in { @@ -66,6 +70,17 @@ common.nixosModules.tailnet common.nixosModules.zsh + beszel.nixosModules.agent + ( + { ... }: + { + beszelAgent = { + listen = "${overlayIp}:45876"; + token = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + }; + } + ) + ros_neovim.nixosModules.default ./configuration.nix ./hardware-configuration.nix diff --git a/hosts/oracle/o001/monitoring_agent.nix b/hosts/oracle/o001/monitoring_agent.nix deleted file mode 100644 index 99116f48..00000000 --- a/hosts/oracle/o001/monitoring_agent.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - inputs, - config, - ... -}: -let - declaration = "services/monitoring/beszel-agent.nix"; - nixpkgs = inputs.beszel-nixpkgs; - pkgs = import nixpkgs { - system = "x86_64-linux"; - config.allowUnfree = true; - }; -in -{ - disabledModules = [ declaration ]; - imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; - config = { - services.beszel.agent = { - package = pkgs.beszel; - enable = true; - environment = { - SYSTEM_NAME = config.networking.hostName; - LISTEN = "100.64.0.13:45876"; - HUB_URL = "http://100.64.0.13:8090"; - # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. - TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; - KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; - }; - }; - }; -} diff --git a/hosts/oren/flake.nix b/hosts/oren/flake.nix index 3820519f..8a274720 100644 --- a/hosts/oren/flake.nix +++ b/hosts/oren/flake.nix @@ -12,6 +12,8 @@ flatpaks.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/flatpaks"; # hyprland.url = "path:../../flakes/hyprland"; hyprland.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/hyprland"; + # beszel.url = "path:../../flakes/beszel"; + beszel.url = "git+https://git.joshuabell.xyz/ringofstorms/dotfiles?dir=flakes/beszel"; ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim"; }; @@ -24,6 +26,7 @@ secrets, flatpaks, hyprland, + beszel, ros_neovim, ... }: @@ -32,6 +35,7 @@ system = "x86_64-linux"; stateVersion = "25.05"; primaryUser = "josh"; + overlayIp = "100.64.0.5"; lib = nixpkgs.lib; in { @@ -67,6 +71,17 @@ common.nixosModules.tty_caps_esc common.nixosModules.zsh + beszel.nixosModules.agent + ( + { ... }: + { + beszelAgent = { + listen = "${overlayIp}:45876"; + token = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; + }; + } + ) + ./configuration.nix ./hardware-configuration.nix # ./sway_customizations.nix diff --git a/hosts/oren/monitoring_agent.nix b/hosts/oren/monitoring_agent.nix deleted file mode 100644 index 99116f48..00000000 --- a/hosts/oren/monitoring_agent.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - inputs, - config, - ... -}: -let - declaration = "services/monitoring/beszel-agent.nix"; - nixpkgs = inputs.beszel-nixpkgs; - pkgs = import nixpkgs { - system = "x86_64-linux"; - config.allowUnfree = true; - }; -in -{ - disabledModules = [ declaration ]; - imports = [ "${nixpkgs}/nixos/modules/${declaration}" ]; - config = { - services.beszel.agent = { - package = pkgs.beszel; - enable = true; - environment = { - SYSTEM_NAME = config.networking.hostName; - LISTEN = "100.64.0.13:45876"; - HUB_URL = "http://100.64.0.13:8090"; - # TODO this is only safe since I am running it in the overlay network only, rotate all keys if we change that. - TOKEN = "20208198-87c2-4bd1-ab09-b97c3b9c6a6e"; - KEY = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcAr8fbW4XyfL/tCMeMtD+Ou/FFywCNfsHdyvYs3qXf"; - }; - }; - }; -}