diff options
author | Azat Bahawi <azat@bahawi.net> | 2022-12-17 16:39:09 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2022-12-17 16:39:09 +0300 |
commit | 8f137c28230623259a964484adcf31fe00756594 (patch) | |
tree | 82bce6a13fda125087cf6d9dc80aa91d9230d6c4 /modules/nixfiles | |
parent | 3229e56e0d3620ddc735edcfbbefb167efa3b23f (diff) |
2022-12-17
Diffstat (limited to 'modules/nixfiles')
101 files changed, 380 insertions, 13640 deletions
diff --git a/modules/nixfiles/acme.nix b/modules/nixfiles/acme.nix deleted file mode 100644 index d3ad661..0000000 --- a/modules/nixfiles/acme.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.acme; -in { - imports = [ - (mkAliasOptionModule ["certs"] ["security" "acme" "certs"]) - ]; - - options.nixfiles.modules.acme = { - enable = mkEnableOption "ACME"; - - email = mkOption { - description = "Email for notifications."; - type = with types; str; - default = "admin+acme@${my.domain.shire}"; - }; - }; - - config = mkIf cfg.enable { - security.acme = { - acceptTerms = true; - defaults = { - inherit (cfg) email; - validMinDays = 60; - }; - }; - }; -} diff --git a/modules/nixfiles/alacritty.nix b/modules/nixfiles/alacritty.nix index 5f8833a..142f6c5 100644 --- a/modules/nixfiles/alacritty.nix +++ b/modules/nixfiles/alacritty.nix @@ -19,10 +19,7 @@ in { y = size; }; dynamic_padding = false; - decorations = - if kde.enable - then "full" - else "none"; + decorations = "full"; }; font = with config.fontScheme.monospaceFont; { normal = { diff --git a/modules/nixfiles/alertmanager.nix b/modules/nixfiles/alertmanager.nix deleted file mode 100644 index 871b0c4..0000000 --- a/modules/nixfiles/alertmanager.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.alertmanager; -in { - options.nixfiles.modules.alertmanager = { - enable = mkEnableOption "Alertmanager"; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 30112; - }; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; nullOr str; - default = "alertmanager.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = with cfg; { - enable = true; - upstreams.alertmanager.servers."127.0.0.1:${toString cfg.port}" = {}; - virtualHosts.${cfg.domain} = { - locations."/".proxyPass = "http://alertmanager"; - extraConfig = nginxInternalOnly; - }; - }; - - services.prometheus.alertmanager = { - enable = true; - - listenAddress = "127.0.0.1"; - inherit (cfg) port; - - extraFlags = ["--web.external-url=https://${cfg.domain}"]; - - configuration = { - global = { - smtp_from = "alertmanager@${my.domain.shire}"; - smtp_smarthost = "${my.domain.shire}:584"; - }; - - route = { - receiver = my.username; - group_by = ["alertname"]; - }; - - receivers = [ - { - name = my.username; - email_configs = [{to = "${my.username}+alert@${my.domain.shire}";}]; - } - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/android.nix b/modules/nixfiles/android.nix deleted file mode 100644 index 307490a..0000000 --- a/modules/nixfiles/android.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - lib, - inputs, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.android; -in { - options.nixfiles.modules.android.enable = mkEnableOption "support for Android devices"; - - config = mkIf cfg.enable { - programs.adb.enable = true; - - my.extraGroups = ["adbusers"]; - }; -} diff --git a/modules/nixfiles/bat.nix b/modules/nixfiles/bat.nix index 4a98f99..2b31d16 100644 --- a/modules/nixfiles/bat.nix +++ b/modules/nixfiles/bat.nix @@ -7,7 +7,8 @@ with lib; let cfg = config.nixfiles.modules.bat; in { - options.nixfiles.modules.bat.enable = mkEnableOption "bat, an alternative to cat"; + options.nixfiles.modules.bat.enable = + mkEnableOption "bat, an alternative to cat"; config = mkIf cfg.enable { hm.programs = { diff --git a/modules/nixfiles/bluetooth.nix b/modules/nixfiles/bluetooth.nix deleted file mode 100644 index 8347361..0000000 --- a/modules/nixfiles/bluetooth.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.bluetooth; -in { - options.nixfiles.modules.bluetooth.enable = - mkEnableOption "Bluetooth support"; - - config = mkIf cfg.enable { - hardware.bluetooth = { - enable = true; - settings.General.FastConnectable = true; - }; - - environment = { - etc."bluetooth/input.conf".text = generators.toINI {} { - General = { - IdleTimeout = 15; - UserspaceHID = true; - }; - }; - }; - }; -} diff --git a/modules/nixfiles/chromium.nix b/modules/nixfiles/chromium.nix index 6a7c771..4f0ae12 100644 --- a/modules/nixfiles/chromium.nix +++ b/modules/nixfiles/chromium.nix @@ -23,7 +23,5 @@ in { ]; }; }; - - services.psd.enable = true; }; } diff --git a/modules/nixfiles/common/console.nix b/modules/nixfiles/common/console.nix deleted file mode 100644 index 3c73695..0000000 --- a/modules/nixfiles/common/console.nix +++ /dev/null @@ -1,6 +0,0 @@ -{config, ...}: { - console = { - earlySetup = true; - useXkbConfig = config.services.xserver.enable; - }; -} diff --git a/modules/nixfiles/common/default.nix b/modules/nixfiles/common/default.nix index 4f7a6c1..2bfe7e8 100644 --- a/modules/nixfiles/common/default.nix +++ b/modules/nixfiles/common/default.nix @@ -2,17 +2,10 @@ _: { imports = [ ./documentation.nix ./home-manager.nix - ./kernel.nix ./locale.nix ./networking.nix ./nix - ./secrets.nix - ./security.nix - ./services.nix ./shell - ./systemd.nix - ./tmp.nix ./users.nix - ./xdg.nix ]; } diff --git a/modules/nixfiles/common/documentation.nix b/modules/nixfiles/common/documentation.nix index 46ec9a5..55f6138 100644 --- a/modules/nixfiles/common/documentation.nix +++ b/modules/nixfiles/common/documentation.nix @@ -16,27 +16,8 @@ with lib; { documentation = { enable = true; - - dev.enable = true; doc.enable = false; info.enable = false; - nixos.enable = true; - - man.man-db.manualPages = - (pkgs.buildEnv { - name = "man-paths"; - paths = with config; - environment.systemPackages ++ hm.home.packages; - pathsToLink = ["/share/man"]; - extraOutputsToInstall = ["man"]; - ignoreCollisions = true; - }) - .overrideAttrs (_: _: {__contentAddressed = true;}); - }; - - environment.sessionVariables = { - MANOPT = "--no-hyphenation"; - MANPAGER = "${pkgs.less}/bin/less -+F"; }; }) (mkIf this.isHeadless { diff --git a/modules/nixfiles/common/home-manager.nix b/modules/nixfiles/common/home-manager.nix index 7ce872b..b28260a 100644 --- a/modules/nixfiles/common/home-manager.nix +++ b/modules/nixfiles/common/home-manager.nix @@ -1,18 +1,18 @@ { - config, inputs, lib, + localUsername ? lib.my.username, ... }: with lib; { imports = [ - inputs.home-manager.nixosModules.home-manager - (mkAliasOptionModule ["hm"] ["home-manager" "users" my.username]) + (mkAliasOptionModule ["hm"] ["home-manager" "users" localUsername]) ]; hm = { news.display = "silent"; - home = {inherit (config.system) stateVersion;}; + home.stateVersion = with builtins; + head (split "\n" (readFile "${inputs.nixpkgs}/.version")); }; home-manager = { @@ -21,6 +21,4 @@ with lib; { useGlobalPkgs = true; verbose = true; }; - - system.extraDependencies = [inputs.home-manager]; } diff --git a/modules/nixfiles/common/kernel.nix b/modules/nixfiles/common/kernel.nix deleted file mode 100644 index 2fdfeeb..0000000 --- a/modules/nixfiles/common/kernel.nix +++ /dev/null @@ -1,33 +0,0 @@ -{lib, ...}: -with lib; { - boot = { - # I don't use it even on laptops. - kernelParams = ["hibernate=no"]; - - kernel.sysctl = { - "fs.file-max" = pow 2 17; - "fs.inotify.max_user_watches" = pow 2 19; - "fs.suid_dumpable" = 0; - "kernel.core_uses_pid" = 1; - "kernel.exec-shield" = 1; - "kernel.kptr_restrict" = 1; - "kernel.maps_protect" = 1; - "kernel.msgmax" = pow 2 16; - "kernel.msgmnb" = pow 2 16; - "kernel.pid_max" = pow 2 16; - "kernel.randomize_va_space" = 2; - "kernel.shmall" = pow 2 28; - "kernel.shmmax" = pow 2 28; - "kernel.sysrq" = 0; - "vm.dirty_background_bytes" = pow 2 22; - "vm.dirty_background_ratio" = 5; - "vm.dirty_bytes" = pow 2 22; - "vm.dirty_ratio" = 30; - "vm.min_free_kbytes" = pow 2 16; - "vm.mmap_min_addr" = pow 2 12; - "vm.overcommit_memory" = mkDefault 0; - "vm.overcommit_ratio" = mkDefault 50; - "vm.vfs_cache_pressure" = 50; - }; - }; -} diff --git a/modules/nixfiles/common/locale.nix b/modules/nixfiles/common/locale.nix index 5f0d5ae..bcb577a 100644 --- a/modules/nixfiles/common/locale.nix +++ b/modules/nixfiles/common/locale.nix @@ -1,27 +1,6 @@ -{lib, ...}: -with lib; { - i18n = { - defaultLocale = mkDefault "en_GB.UTF-8"; - supportedLocales = [ - "C.UTF-8/UTF-8" - "en_GB.UTF-8/UTF-8" - "en_US.UTF-8/UTF-8" - "ja_JP.UTF-8/UTF-8" - "ru_RU.UTF-8/UTF-8" - ]; - }; - - time.timeZone = mkDefault "Europe/Moscow"; - - # TODO Fcitx or UIM as a Japanese IME. - services.xserver = { - layout = comcat ["us" "ru"]; - xkbVariant = comcat ["" "phonetic"]; - xkbOptions = comcat [ - "terminate:ctrl_alt_bksp" - "caps:escape" - "compose:menu" - "grp:win_space_toggle" - ]; +_: { + hm.home.language = { + collate = "C"; + messages = "C"; }; } diff --git a/modules/nixfiles/common/networking.nix b/modules/nixfiles/common/networking.nix index 8512d78..e5d27d8 100644 --- a/modules/nixfiles/common/networking.nix +++ b/modules/nixfiles/common/networking.nix @@ -1,100 +1,3 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; { - hm.home.file.".digrc".text = '' - +answer - +multiline - +recurse - ''; - - # TODO Support multiple interfaces and IP addresses. - networking = mkMerge [ - { - domain = my.domain.shire; - - hostName = this.hostname; - hostId = substring 0 8 (builtins.hashString "md5" this.hostname); - - # Remove default hostname mappings. This is required at least by the current - # implementation of the montoring module. - hosts = { - "127.0.0.2" = mkForce []; - "::1" = mkForce []; - }; - - nameservers = mkDefault dns.const.quad9.default; - - useDHCP = false; - - firewall = { - enable = true; - - rejectPackets = false; - - allowPing = true; - pingLimit = "--limit 1/minute --limit-burst 5"; - - logRefusedConnections = false; - logRefusedPackets = false; - logRefusedUnicastsOnly = false; - logReversePathDrops = false; - }; - } - (let - interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false. - in - mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) { - usePredictableInterfaceNames = false; # NOTE This can break something! - interfaces.${interface} = { - ipv4.addresses = with this.ipv4; - optional (isString address && isInt prefixLength) { - inherit address prefixLength; - }; - - ipv6.addresses = with this.ipv6; - optional (isString address && isInt prefixLength) { - inherit address prefixLength; - }; - }; - defaultGateway = with this.ipv4; - mkIf (isString gatewayAddress) { - inherit interface; - address = gatewayAddress; - }; - defaultGateway6 = with this.ipv6; - mkIf (isString gatewayAddress) { - inherit interface; - address = gatewayAddress; - }; - }) - ]; - - environment = { - systemPackages = with pkgs; [myip]; - - shellAliases = listToAttrs (map - ({ - name, - value, - }: - nameValuePair name "${pkgs.iproute2}/bin/${value}") [ - { - name = "bridge"; - value = "bridge -color=always"; - } - { - name = "ip"; - value = "ip -color=always"; - } - { - name = "tc"; - value = "tc -color=always"; - } - ]); - }; +{pkgs, ...}: { + environment.systemPackages = with pkgs; [myip]; } diff --git a/modules/nixfiles/common/nix/default.nix b/modules/nixfiles/common/nix/default.nix index c9d3b04..aeb25bd 100644 --- a/modules/nixfiles/common/nix/default.nix +++ b/modules/nixfiles/common/nix/default.nix @@ -2,12 +2,8 @@ config, inputs, lib, + localUsername ? lib.my.username, pkgs, - pkgsLocal, - pkgsMaster, - pkgsPR, - pkgsRev, - pkgsStabe, this, ... }: @@ -62,10 +58,11 @@ with lib; { // {nixfiles.flake = inputs.self;}; settings = { - trusted-users = ["root" "@wheel"]; + trusted-users = ["root" localUsername]; substituters = [ "https://azahi.cachix.org" + "https://cache.iog.io" "https://cachix.cachix.org" "https://nix-community.cachix.org" "https://pre-commit-hooks.cachix.org" @@ -73,6 +70,7 @@ with lib; { trusted-public-keys = [ "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s=" "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" + "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "pre-commit-hooks.cachix.org-1:Pkk3Panw5AW24TOv6kz3PvLhlH8puAsJTBbOPmBo7Rc=" ]; @@ -114,45 +112,25 @@ with lib; { inherit (np) yaml-language-server; json-language-server = np.vscode-json-languageserver-bin; k3d = kube3d; + kubelogin = kubelogin-oidc; lua-language-server = sumneko-lua-language-server; nix-language-server = rnix-lsp; omnisharp = omnisharp-roslyn; + telepresence = telepresence2; tor-browser = tor-browser-bundle-bin; })) - agenix.overlay emacs-overlay.overlay # nil.overlays.default - # nix-minecraft-servers.overlays.default nur.overlay # pollymc.overlay - xmonad-ng.overlays.default ]; - system = { - stateVersion = builtins.readFile "${inputs.nixpkgs}/.version"; - - extraDependencies = with inputs; [ - nixos-hardware - nixpkgs - nixpkgs-master - nixpkgs-stable - nur + environment.systemPackages = with pkgs; + optionals this.isHeadful [ + nix-du + nix-top + nix-tree ]; - }; - - environment = { - sessionVariables.NIX_SHELL_PRESERVE_PROMPT = "1"; - - localBinInPath = true; - - defaultPackages = []; - systemPackages = with pkgs; - optionals this.isHeadful [ - nix-du - nix-top - nix-tree - ]; - }; hm.home = { packages = with pkgs; [nix-index]; diff --git a/modules/nixfiles/common/secrets.nix b/modules/nixfiles/common/secrets.nix deleted file mode 100644 index 9e59716..0000000 --- a/modules/nixfiles/common/secrets.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - this, - ... -}: -with lib; { - imports = [ - inputs.agenix.nixosModule - (mkAliasOptionModule ["secrets"] ["age" "secrets"]) - ]; - - config = { - age = { - identityPaths = - if this.isHeadful - then ["${config.my.home}/.ssh/id_${my.ssh.type}"] - else - map (attr: attr.path) (filter (attr: attr.type == my.ssh.type) - config.services.openssh.hostKeys); - - # This can be used to auto-add all secrets, thus eleminating the need to - # specify path to each envrypted file. The drawback is that this will - # expose *all* secrets to all machines and try to decrypt them all even on - # machines where the secret will not be used. - # - # secrets = - # let - # secretsSourceDir = "${inputs.self}/age"; - # in - # mapAttrs' - # (name: _: - # nameValuePair name { - # file = "${secretsSourceDir}/${name}"; - # owner = mkDefault my.username; - # group = mkDefault config.my.group; - # }) - # (builtins.readDir secretsSourceDir); - }; - - environment.systemPackages = with pkgs; [agenix]; - - system.extraDependencies = [inputs.agenix]; - }; -} diff --git a/modules/nixfiles/common/security.nix b/modules/nixfiles/common/security.nix deleted file mode 100644 index 09c5da1..0000000 --- a/modules/nixfiles/common/security.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - inputs, - lib, - ... -}: -with lib; { - security = { - sudo = { - enable = true; - execWheelOnly = true; - wheelNeedsPassword = false; - # https://mwl.io/archives/1000 - extraConfig = '' - Defaults env_keep += "SSH_CLIENT SSH_CONNECTION SSH_TTY SSH_AUTH_SOCK" - ''; - }; - - polkit = { - enable = true; - # https://wiki.archlinux.org/title/Polkit#Bypass_password_prompt - extraConfig = '' - polkit.addRule(function (action, subject) { - if (subject.isInGroup('wheel')) - return polkit.Result.YES; - }); - ''; - }; - }; -} diff --git a/modules/nixfiles/common/services.nix b/modules/nixfiles/common/services.nix deleted file mode 100644 index 376c87d..0000000 --- a/modules/nixfiles/common/services.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - services = { - earlyoom.enable = true; - haveged.enable = true; - irqbalance.enable = true; - }; - - hardware.ksm.enable = true; -} diff --git a/modules/nixfiles/common/shell/default.nix b/modules/nixfiles/common/shell/default.nix index 8ed2e99..9425578 100644 --- a/modules/nixfiles/common/shell/default.nix +++ b/modules/nixfiles/common/shell/default.nix @@ -40,6 +40,72 @@ with lib; { fi ''; + shellAliases = + listToAttrs + (map + ({ + name, + value, + }: + nameValuePair name (with pkgs; let + pkg = + if this.isHeadful + then + (coreutils.overrideAttrs (_: super: { + patches = + super.patches + ++ [ + (fetchpatch { + url = "https://raw.githubusercontent.com/jarun/advcpmv/ea268d870b475edd5960dcd55d5378abc9705958/advcpmv-0.9-9.1.patch"; + hash = "sha256-d+SRT/R4xmfHLAdOr7m4R3WFiW64P5ZH6iqDvErYCyg="; + }) + ]; + })) + else coreutils; + in "${pkg}/bin/coreutils --coreutils-prog=${value}")) + ( + let + mkAlias = { + name ? head command, + command, + }: { + inherit name; + value = concatStringsSep " " command; + }; + + progressBar = optionalString this.isHeadful "--progress-bar"; + in [ + (mkAlias { + command = ["cp" "--interactive" "--recursive" progressBar]; + }) + (mkAlias {command = ["mv" "--interactive" progressBar];}) + (mkAlias {command = ["rm" "--interactive=once"];}) + (mkAlias {command = ["ln" "--interactive"];}) + (mkAlias {command = ["mkdir" "--parents"];}) + (mkAlias {command = ["rmdir" "--parents"];}) + (mkAlias { + name = "lower"; + command = ["tr" "'[:upper:]'" "'[:lower:]'"]; + }) + (mkAlias { + name = "upper"; + command = ["tr" "'[:lower:]'" "'[:upper:]'"]; + }) + (mkAlias { + name = "disk"; + command = [ + "df" + "--human-readable" + "--exclude-type=tmpfs" + "--exclude-type=devtmpfs" + "2>/dev/null" + ]; + }) + ] + )) + // genAttrs ["grep" "egrep" "fgrep"] + (name: "${pkgs.gnugrep}/bin/${name} --color=always"); + historyControl = ["ignoredups" "ignorespace"]; }; @@ -51,82 +117,12 @@ with lib; { home.packages = with pkgs; [grc]; }; - programs.command-not-found.enable = false; - - environment = { - shellAliases = - listToAttrs - (map - ({ - name, - value, - }: - nameValuePair name (with pkgs; let - pkg = - if this.isHeadful - then - (coreutils.overrideAttrs (_: super: { - patches = - super.patches - ++ [ - (fetchpatch { - url = "https://raw.githubusercontent.com/jarun/advcpmv/ea268d870b475edd5960dcd55d5378abc9705958/advcpmv-0.9-9.1.patch"; - hash = "sha256-d+SRT/R4xmfHLAdOr7m4R3WFiW64P5ZH6iqDvErYCyg="; - }) - ]; - })) - else coreutils; - in "${pkg}/bin/coreutils --coreutils-prog=${value}")) - ( - let - mkAlias = { - name ? head command, - command, - }: { - inherit name; - value = concatStringsSep " " command; - }; - - progressBar = optionalString this.isHeadful "--progress-bar"; - in [ - (mkAlias { - command = ["cp" "--interactive" "--recursive" progressBar]; - }) - (mkAlias {command = ["mv" "--interactive" progressBar];}) - (mkAlias {command = ["rm" "--interactive=once"];}) - (mkAlias {command = ["ln" "--interactive"];}) - (mkAlias {command = ["mkdir" "--parents"];}) - (mkAlias {command = ["rmdir" "--parents"];}) - (mkAlias { - name = "lower"; - command = ["tr" "'[:upper:]'" "'[:lower:]'"]; - }) - (mkAlias { - name = "upper"; - command = ["tr" "'[:lower:]'" "'[:upper:]'"]; - }) - (mkAlias { - name = "disk"; - command = [ - "df" - "--human-readable" - "--exclude-type=tmpfs" - "--exclude-type=devtmpfs" - "2>/dev/null" - ]; - }) - ] - )) - // genAttrs ["grep" "egrep" "fgrep"] - (name: "${pkgs.gnugrep}/bin/${name} --color=always"); - - systemPackages = with pkgs; [ - bash-completion - bc - gawk - hr - moreutils - pv - ]; - }; + environment.systemPackages = with pkgs; [ + bash-completion + bc + gawk + hr + moreutils + pv + ]; } diff --git a/modules/nixfiles/common/systemd.nix b/modules/nixfiles/common/systemd.nix deleted file mode 100644 index 5c7282d..0000000 --- a/modules/nixfiles/common/systemd.nix +++ /dev/null @@ -1,22 +0,0 @@ -{pkgs, ...}: { - hm.systemd.user.startServices = "sd-switch"; - - services.journald.extraConfig = '' - SystemMaxUse=5G - ''; - - systemd = let - extraConfig = '' - DefaultTimeoutStartSec=30s - DefaultTimeoutStopSec=15s - ''; - in { - inherit extraConfig; - user = {inherit extraConfig;}; - }; - - environment.sessionVariables = { - SYSTEMD_PAGER = "${pkgs.less}/bin/less"; - SYSTEMD_LESS = "FRSXMK"; - }; -} diff --git a/modules/nixfiles/common/tmp.nix b/modules/nixfiles/common/tmp.nix deleted file mode 100644 index d56e2b6..0000000 --- a/modules/nixfiles/common/tmp.nix +++ /dev/null @@ -1,18 +0,0 @@ -_: { - systemd.mounts = [ - { - type = "tmpfs"; - what = "tmpfs"; - where = "/tmp"; - mountConfig.Options = [ - "huge=within_size" - "mode=1777" - "noatime" - "nodev" - "nosuid" - "rw" - "size=25%" - ]; - } - ]; -} diff --git a/modules/nixfiles/common/users.nix b/modules/nixfiles/common/users.nix index fb85c1b..aee0e38 100644 --- a/modules/nixfiles/common/users.nix +++ b/modules/nixfiles/common/users.nix @@ -1,21 +1,8 @@ -{lib, ...}: +{ + lib, + localUsername ? lib.my.username, + ... +}: with lib; { - imports = [(mkAliasOptionModule ["my"] ["users" "users" my.username])]; - - users = { - mutableUsers = false; - - users = { - root.hashedPassword = "@HASHED_PASSWORD@"; - - ${my.username} = { - isNormalUser = true; - uid = 1000; - description = my.fullname; - inherit (my) hashedPassword; - openssh.authorizedKeys.keys = [my.ssh.key]; - extraGroups = ["wheel"]; - }; - }; - }; + imports = [(mkAliasOptionModule ["my"] ["users" "users" localUsername])]; } diff --git a/modules/nixfiles/common/xdg.nix b/modules/nixfiles/common/xdg.nix deleted file mode 100644 index 8ddf1ac..0000000 --- a/modules/nixfiles/common/xdg.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ - config, - lib, - this, - ... -}: -with lib; { - imports = let - withBase = s: ["home-manager" "users" my.username "xdg" s]; - in [ - (mkAliasOptionModule ["dirs" "cache"] (withBase "cacheHome")) - (mkAliasOptionModule ["dirs" "config"] (withBase "configHome")) - (mkAliasOptionModule ["dirs" "data"] (withBase "dataHome")) - (mkAliasOptionModule ["dirs" "state"] (withBase "stateHome")) - (mkAliasOptionModule ["userDirs"] (withBase "userDirs")) - ]; - - hm.xdg = mkMerge [ - { - enable = true; - - userDirs = let - inherit (config.my) home; - tmp = home + "/tmp"; - in { - enable = true; - - desktop = tmp; - documents = "${home}/doc"; - download = tmp; - music = tmp; - pictures = tmp; - publicShare = "${home}/share"; - templates = tmp; - videos = tmp; - }; - } - (mkIf this.isHeadful { - mimeApps = { - enable = true; - defaultApplications = mkMerge (mapAttrsToList - (n: v: genAttrs v (_: ["${n}.desktop"])) - { - emacsclient = [ - "application/json" - "application/vnd.ms-publisher" - "application/x-desktop" - "application/x-shellscript" - "application/x-trash" - "application/x-wine-extension-ini" - "application/xml" - "text/markdown" - "text/plain" - ]; - firefox = [ - "text/html" - "x-scheme-handler/http" - "x-scheme-handler/https" - ]; - imv = [ - "image/bmp" - "image/gif" - "image/jpeg" - "image/jpg" - "image/png" - "image/svg+xml" - "image/tiff" - "image/webp" - ]; - mpv = [ - "audio/aac" - "audio/flac" - "audio/mp3" - "audio/ogg" - "audio/wav" - "audio/webm" - "video/mkv" - "video/mp4" - "video/ogg" - "video/webm" - "video/x-matroska" - ]; - }); - }; - }) - ]; -} diff --git a/modules/nixfiles/default.nix b/modules/nixfiles/default.nix index 82ccc27..d4e5e26 100644 --- a/modules/nixfiles/default.nix +++ b/modules/nixfiles/default.nix @@ -1,78 +1,31 @@ -{...}: { +_: { imports = [ - ./acme.nix ./alacritty.nix - ./alertmanager.nix - ./android.nix ./aria2.nix ./bat.nix ./beets.nix - ./bluetooth.nix ./chromium.nix ./common ./curl.nix ./direnv.nix - ./docker.nix - ./dwm.nix ./emacs - ./endlessh-go.nix - ./endlessh.nix - ./fail2ban.nix ./firefox ./fonts.nix - ./games ./git.nix ./gnupg.nix - ./gotify.nix - ./grafana.nix ./htop.nix - ./hydra.nix - ./ipfs.nix - ./kde.nix - ./libvirtd.nix - ./lidarr.nix - ./loki.nix - ./lxc.nix - ./matrix - ./monitoring ./mpd.nix ./mpv.nix - ./nextcloud.nix - ./nginx.nix ./nmap.nix - ./node-exporter.nix - ./nsd.nix ./openssh.nix ./password-store.nix - ./podman.nix - ./postgresql.nix ./profiles - ./prometheus.nix - ./promtail.nix - ./psd.nix ./qutebrowser.nix - ./radarr.nix - ./radicale.nix - ./rss-bridge.nix - ./rtorrent.nix - ./searx.nix - ./shadowsocks.nix - ./soju.nix - ./solaar.nix - ./sonarr.nix - ./sound.nix ./subversion.nix - ./syncthing.nix - ./throttled.nix ./tmux.nix - ./unbound.nix - ./vaultwarden.nix ./vim ./vscode.nix ./wget.nix - ./wireguard.nix - ./x11.nix - ./xmonad.nix ./zathura.nix ]; } diff --git a/modules/nixfiles/discord.nix b/modules/nixfiles/discord.nix new file mode 100644 index 0000000..190b5fc --- /dev/null +++ b/modules/nixfiles/discord.nix @@ -0,0 +1,22 @@ +{ + config, + lib, + pkgs, + ... +}: +with lib; let + cfg = config.nixfiles.modules.discord; +in { + options.nixfiles.modules.discord.enable = + mkEnableOption "Steam runtime"; + + config = mkIf cfg.enable { + nixfiles.modules.common.nix.allowedUnfreePackages = ["discord"]; + + hm.home.packages = with pkgs; [ + (discord.override { + withOpenASAR = true; + }) + ]; + }; +} diff --git a/modules/nixfiles/docker.nix b/modules/nixfiles/docker.nix deleted file mode 100644 index e642030..0000000 --- a/modules/nixfiles/docker.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.docker; -in { - options.nixfiles.modules.docker.enable = mkEnableOption "Docker"; - - config = mkIf cfg.enable { - assertions = [ - { - assertion = !config.nixfiles.modules.podman.enable; - message = "Pick only one!"; - } - ]; - - secrets.containers-auth = { - file = "${inputs.self}/secrets/containers-auth"; - path = "${config.my.home}/.docker/config.json"; - owner = my.username; - inherit (config.my) group; - }; - - virtualisation.docker.enable = true; - - environment.systemPackages = with pkgs; [docker-compose]; - - my.extraGroups = ["docker"]; - - hm.programs.bash = { - shellAliases.d = "${pkgs.docker}/bin/docker"; - initExtra = mkAfter '' - _complete_alias d _docker docker - ''; - }; - }; -} diff --git a/modules/nixfiles/dwm.nix b/modules/nixfiles/dwm.nix deleted file mode 100644 index 618d8ed..0000000 --- a/modules/nixfiles/dwm.nix +++ /dev/null @@ -1,159 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.dwm; -in { - options.nixfiles.modules.dwm.enable = mkEnableOption "dwm"; - - config = mkIf cfg.enable { - nixfiles.modules.x11.enable = true; - - hm.xsession = { - enable = true; - - windowManager.command = let - pkg = pkgs.dwm.override { - conf = let - font = with config.fontScheme.monospaceFont; "${family}:size=${toString size}"; - colour = config.colourScheme; - in '' - static const unsigned int borderpx = 1; - static const unsigned int snap = 32; - static const int showbar = 1; - static const int topbar = 1; - - static const char *fonts[] = { - "${font}" - }; - - static const char *colors[][3] = { - [SchemeNorm] = { - "${colour.white}", - "${colour.black}", - "${colour.black}", - }, - [SchemeSel] = { - "${colour.black}", - "${colour.white}", - "${colour.white}", - }, - }; - - static const char *tags[] = { - "1", - "2", - "3", - "4", - "5", - "6", - "7", - "8", - "9" - }; - - static const Rule rules[] = { - { "Emacs", NULL, NULL, 1 << 0, 0, -1 }, - }; - - static const float mfact = 0.666; - static const int nmaster = 1; - static const int resizehints = 0; - static const int lockfullscreen = 1; - - static const Layout layouts[] = { - { "[]=", tile }, - { "><>", NULL }, - { "[M]", monocle }, - }; - - #define MODKEY Mod4Mask - #define TAGKEYS(KEY,TAG) \ - { MODKEY, KEY, view, { .ui = 1 << TAG } }, \ - { MODKEY|ControlMask, KEY, toggleview, { .ui = 1 << TAG } }, \ - { MODKEY|ShiftMask, KEY, tag, { .ui = 1 << TAG } }, \ - { MODKEY|ControlMask|ShiftMask, KEY, toggletag, { .ui = 1 << TAG } }, - - static char dmenumon[2] = "0"; - static const char *dmenucmd[] = { - "${pkgs.dmenu}/bin/dmenu_run", - "-m", dmenumon, - "-fn", "${font}", - "-nb", "${colour.black}", - "-nf", "${colour.white}", - "-sb", "${colour.white}", - "-sf", "${colour.black}", - NULL, - }; - static const char *termcmd[] = { - "${pkgs.alacritty}/bin/alacritty", - NULL, - }; - - static const Key keys[] = { - { MODKEY, XK_x, spawn, {.v = dmenucmd } }, - { MODKEY, XK_Return, spawn, {.v = termcmd } }, - { MODKEY, XK_b, togglebar, {0} }, - { MODKEY, XK_j, focusstack, {.i = +1 } }, - { MODKEY, XK_k, focusstack, {.i = -1 } }, - { MODKEY|ShiftMask, XK_k, incnmaster, {.i = +1 } }, - { MODKEY|ShiftMask, XK_j, incnmaster, {.i = -1 } }, - { MODKEY, XK_comma, setmfact, {.f = -0.05} }, - { MODKEY, XK_period, setmfact, {.f = +0.05} }, - { MODKEY, XK_p, zoom, {0} }, - { MODKEY, XK_Tab, view, {0} }, - { MODKEY, XK_d, killclient, {0} }, - { MODKEY, XK_t, setlayout, {.v = &layouts[0]} }, - { MODKEY, XK_m, setlayout, {.v = &layouts[1]} }, - { MODKEY, XK_f, setlayout, {.v = &layouts[2]} }, - { MODKEY, XK_o, togglefloating, {0} }, - { MODKEY, XK_0, view, {.ui = ~0 } }, - { MODKEY|ShiftMask, XK_0, tag, {.ui = ~0 } }, - { MODKEY, XK_h, focusmon, {.i = -1 } }, - { MODKEY, XK_l, focusmon, {.i = +1 } }, - { MODKEY|ShiftMask, XK_h, tagmon, {.i = -1 } }, - { MODKEY|ShiftMask, XK_l, tagmon, {.i = +1 } }, - TAGKEYS( XK_1, 0) - TAGKEYS( XK_2, 1) - TAGKEYS( XK_3, 2) - TAGKEYS( XK_4, 3) - TAGKEYS( XK_5, 4) - TAGKEYS( XK_6, 5) - TAGKEYS( XK_7, 6) - TAGKEYS( XK_8, 7) - TAGKEYS( XK_9, 8) - { MODKEY|ShiftMask, XK_q, quit, {0} }, - }; - - static const Button buttons[] = { - { ClkLtSymbol, 0, Button1, setlayout, {0} }, - { ClkLtSymbol, 0, Button3, setlayout, {.v = &layouts[2]} }, - { ClkWinTitle, 0, Button2, zoom, {0} }, - { ClkStatusText, 0, Button2, spawn, {.v = termcmd } }, - { ClkClientWin, MODKEY, Button1, movemouse, {0} }, - { ClkClientWin, MODKEY, Button2, togglefloating, {0} }, - { ClkClientWin, MODKEY, Button3, resizemouse, {0} }, - { ClkTagBar, 0, Button1, view, {0} }, - { ClkTagBar, 0, Button3, toggleview, {0} }, - { ClkTagBar, MODKEY, Button1, tag, {0} }, - { ClkTagBar, MODKEY, Button3, toggletag, {0} }, - }; - ''; - }; - in "${pkg}/bin/dwm"; - }; - - hm.services.dwm-status = { - enable = true; - # package = pkgs.dwm-status.override { - # enableAlsaUtils = false; - # }; - order = ["audio" "backlight" "battery" "cpu_load" "network" "time"]; - }; - - services.xserver.displayManager.startx.enable = true; - }; -} diff --git a/modules/nixfiles/emacs/default.nix b/modules/nixfiles/emacs/default.nix index 0ae2bf9..933a32e 100644 --- a/modules/nixfiles/emacs/default.nix +++ b/modules/nixfiles/emacs/default.nix @@ -11,17 +11,10 @@ in { options.nixfiles.modules.emacs.enable = mkEnableOption "GNU Emacs"; config = mkIf cfg.enable { - secrets.authinfo = { - file = "${inputs.self}/secrets/authinfo"; - owner = my.username; - inherit (config.my) group; - }; - nixfiles.modules = { fonts.enable = true; git.client.enable = true; gnupg.enable = true; - x11.enable = true; }; hm = { @@ -65,7 +58,6 @@ in { gore # :lang go gotests # :lang go graphviz # :lang (org +roam2) :lang plantuml - grip # :lang (markdown +grip) haskell-language-server # :lang (haskell +lsp) haskellPackages.brittany # :lang haskell :editor format haskellPackages.cabal-fmt # :lang haskell :editor format @@ -97,10 +89,6 @@ in { texlive.combined.scheme-full # :lang org tex unzip # :tools debugger wordnet # :tools (lookup +dictionary +offline) - xclip # :app everywhere - xdotool # :app everywhere - xorg.xprop # :app everywhere - xorg.xwininfo # :app everywhere yaml-language-server # :lang (yaml +lsp) zls # :lang (zig +lsp) zstd # :emacs undo @@ -117,13 +105,11 @@ in { (setq custom-file (file-name-concat doom-emacs-dir "custom.el")) - ;; Font must be set to n+2 because otherwise it looks too small. + Font must be set to n+2 because otherwise it looks too small. (setq doom-font (font-spec :family "${config.fontScheme.monospaceFont.family}" :size ${toString (config.fontScheme.monospaceFont.size + 2)}) doom-unicode-font doom-font) - (appendq! auth-sources '("${config.secrets.authinfo.path}")) - (setq user-full-name "${my.fullname}" user-mail-address "${my.email}") @@ -142,16 +128,6 @@ in { (setq skk-large-jisyo "${pkgs.skk-dicts}/share/skk/SKK-JISYO.L") ''; }; - - services.emacs = { - enable = true; - client.enable = true; - }; }; - - system.extraDependencies = with inputs; [ - emacs-overlay - nix-doom-emacs - ]; }; } diff --git a/modules/nixfiles/emacs/doom/init.el b/modules/nixfiles/emacs/doom/init.el index ef663a0..efb831e 100644 --- a/modules/nixfiles/emacs/doom/init.el +++ b/modules/nixfiles/emacs/doom/init.el @@ -20,7 +20,7 @@ ophints (popup +defaults) ;; tabs - (treemacs +lsp) + ;; (treemacs +lsp) ;; unicode (vc-gutter +diff-hl +pretty) window-select @@ -91,7 +91,7 @@ (javascript +lsp +tree-sitter) json (latex +lsp +tree-sittter) - (lua +lsp +tree-sitter) + ;; (lua +lsp +tree-sitter) (markdown +lsp +tree-sitter) (nix +lsp) (org +pandoc +roam2) @@ -99,7 +99,7 @@ (python +lsp +tree-sitter) ;; (racket +lsp +tree-sitter) ;; rst - (rust +lsp +tree-sitter) + ;; (rust +lsp +tree-sitter) ;; (scheme +lsp +tree-sitter +racket) (sh +lsp +tree-sitter) web @@ -112,7 +112,7 @@ :app calendar ;; emms - everywhere + ;; everywhere irc (rss +org) diff --git a/modules/nixfiles/endlessh-go.nix b/modules/nixfiles/endlessh-go.nix deleted file mode 100644 index 9ceb4e4..0000000 --- a/modules/nixfiles/endlessh-go.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.endlessh-go; -in { - options.nixfiles.modules.endlessh-go.enable = mkEnableOption "endlessh-go"; - - config = let - port = 22; - in - mkIf cfg.enable { - services.endlessh-go = { - enable = true; - listenAddress = "0.0.0.0"; - inherit port; - prometheus = { - enable = true; - listenAddress = this.wireguard.ipv4.address; - port = 9229; - }; - extraOptions = ["-geoip_supplier=ip-api" "-v=1"]; - }; - - networking.firewall.allowedTCPPorts = [port]; - }; -} diff --git a/modules/nixfiles/endlessh.nix b/modules/nixfiles/endlessh.nix deleted file mode 100644 index c66d8b3..0000000 --- a/modules/nixfiles/endlessh.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.endlessh; -in { - options.nixfiles.modules.endlessh.enable = - mkEnableOption "endlessh"; - - config = let - port = 22; - in - mkIf cfg.enable { - assertions = [ - { - assertion = !(any (x: x == port) config.services.openssh.ports); - message = "Port ${toString port} is already occupied by OpenSSH"; - } - ]; - - systemd.services.endlessh = { - description = "Endlessh SSH Tarpit"; - requires = ["network-online.target"]; - serviceConfig = { - Restart = "always"; - ExecStart = concatStringsSep " " [ - "${pkgs.endlessh}/bin/endlessh" - "-v" - "-4" - "-p ${toString port}" - ]; - KillSignal = "SIGTERM"; - AmbientCapabilities = "CAP_NET_BIND_SERVICE"; - DynamicUser = true; - StateDirectory = "endlessh"; - }; - wantedBy = ["multi-user.target"]; - }; - - networking.firewall.allowedTCPPorts = [port]; - }; -} diff --git a/modules/nixfiles/fail2ban.nix b/modules/nixfiles/fail2ban.nix deleted file mode 100644 index 5ac3c9c..0000000 --- a/modules/nixfiles/fail2ban.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.fail2ban; -in { - options.nixfiles.modules.fail2ban.enable = - mkEnableOption "fail2ban"; - - config = mkIf cfg.enable { - services.fail2ban = { - enable = true; - - bantime-increment = { - enable = true; - maxtime = "24h"; - rndtime = "8m"; - }; - - ignoreIP = - optionals (hasAttr "wireguard" this) - (with config.nixfiles.modules.wireguard; [ipv4.subnet ipv6.subnet]); - - jails.DEFAULT = '' - blocktype = DROP - ''; - }; - }; -} diff --git a/modules/nixfiles/firefox/default.nix b/modules/nixfiles/firefox/default.nix index 8557d64..cd651a6 100644 --- a/modules/nixfiles/firefox/default.nix +++ b/modules/nixfiles/firefox/default.nix @@ -276,23 +276,17 @@ in { }; }; - extensions = with pkgs.nur.repos.rycee.firefox-addons; - [ - bitwarden - consent-o-matic - darkreader - localcdn - noscript - privacy-redirect - ublock-origin - violentmonkey - ] - ++ optional config.nixfiles.modules.ipfs.enable ipfs-companion; + extensions = with pkgs.nur.repos.rycee.firefox-addons; [ + bitwarden + consent-o-matic + darkreader + localcdn + noscript + privacy-redirect + ublock-origin + violentmonkey + ]; }; }; - - services.psd.enable = true; - - system.extraDependencies = [inputs.arkenfox-nixos]; }; } diff --git a/modules/nixfiles/firefox/userChrome.css b/modules/nixfiles/firefox/userChrome.css index 23fc336..5300d17 100644 --- a/modules/nixfiles/firefox/userChrome.css +++ b/modules/nixfiles/firefox/userChrome.css @@ -94,8 +94,8 @@ min-width: 1.6em; } - #back-button, #forward-button, + #back-button, #context-bookmarklink, #context-inspect-a11y, #context-navigation, @@ -117,7 +117,8 @@ #context_moveTabOptions, #context_reopenInContainer, #context_selectAllTabs, - #context_sendTabToDevice { + #context_sendTabToDevice, + #webrtcIndicator { display: none !important; } } diff --git a/modules/nixfiles/fonts.nix b/modules/nixfiles/fonts.nix index dbae282..483de0d 100644 --- a/modules/nixfiles/fonts.nix +++ b/modules/nixfiles/fonts.nix @@ -80,51 +80,12 @@ in { }; }; - config = mkMerge [ - (mkIf cfg.enable { - hm.fonts.fontconfig.enable = true; - - fonts = { - fonts = with pkgs; [ - iosevka-bin - (iosevka-bin.override {variant = "aile";}) - (iosevka-bin.override {variant = "etoile";}) - sarasa-gothic - ]; - - fontconfig = { - enable = true; - - defaultFonts = { - monospace = [ - "Iosevka" - "Sarasa Mono K" - "Sarasa Mono J" - "Sarasa Mono SC" - "Sarasa Mono CL" - ]; - sansSerif = [ - "Iosevka Aile" - "Sarasa Gothic K" - "Sarasa Gothic J" - "Sarasa Gothic SC" - "Sarasa Gothic CL" - ]; - serif = [ - "Iosevka Etoile" - "Sarasa Gothic K" - "Sarasa Gothic J" - "Sarasa Gothic SC" - "Sarasa Gothic CL" - ]; - }; - }; - }; - }) - (mkIf (!cfg.enable) { - # Disable fonts for headless profiles. - hm.fonts.fontconfig.enable = mkForce false; - fonts.fontconfig.enable = mkForce false; - }) - ]; + config = mkIf cfg.enable { + fonts.fonts = with pkgs; [ + iosevka-bin + (iosevka-bin.override {variant = "aile";}) + (iosevka-bin.override {variant = "etoile";}) + sarasa-gothic + ]; + }; } diff --git a/modules/nixfiles/games/default.nix b/modules/nixfiles/games/default.nix deleted file mode 100644 index 1c5766b..0000000 --- a/modules/nixfiles/games/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games; -in { - imports = [ - ./gamemode.nix - ./gog.nix - ./lutris.nix - ./mangohud.nix - ./minecraft.nix - ./steam-run.nix - ./steam.nix - ]; - - options.nixfiles.modules.games.enable32BitSupport = - mkEnableOption "support for games"; - - config = mkIf cfg.enable32BitSupport { - services = { - jack.alsa.support32Bit = config.services.jack.alsa.enable; - - pipewire.alsa.support32Bit = config.services.pipewire.alsa.enable; - }; - - hardware = { - opengl = mkIf config.hardware.opengl.enable { - extraPackages32 = config.hardware.opengl.extraPackages; - driSupport32Bit = config.hardware.opengl.driSupport; - }; - - pulseaudio.support32Bit = config.hardware.pulseaudio.enable; - }; - }; -} diff --git a/modules/nixfiles/games/gamemode.nix b/modules/nixfiles/games/gamemode.nix deleted file mode 100644 index 051d12e..0000000 --- a/modules/nixfiles/games/gamemode.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.gamemode; -in { - options.nixfiles.modules.games.gamemode.enable = - mkEnableOption "Feral GameMode"; - - config = mkIf cfg.enable {programs.gamemode.enable = true;}; -} diff --git a/modules/nixfiles/games/gog.nix b/modules/nixfiles/games/gog.nix deleted file mode 100644 index 86039f1..0000000 --- a/modules/nixfiles/games/gog.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.gog; -in { - options.nixfiles.modules.games.gog.enable = - mkEnableOption "stand-alone GOG clients and the ability to run GOG games"; - - config = mkIf cfg.enable { - nixfiles.modules.games.steam-run.enable = true; - - hm.home.packages = with pkgs; [lgogdownloader]; - }; -} diff --git a/modules/nixfiles/games/lutris.nix b/modules/nixfiles/games/lutris.nix deleted file mode 100644 index e7faef3..0000000 --- a/modules/nixfiles/games/lutris.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.lutris; -in { - options.nixfiles.modules.games.lutris.enable = mkEnableOption "Lutris"; - - config = mkIf cfg.enable { - nixfiles.modules.games = { - gamemode.enable = true; - mangohud.enable = true; - steam-run.enable = true; - }; - - # This removes the annoying warning. - boot.kernel.sysctl."dev.i915.perf_stream_paranoid" = 0; - - hm.home.packages = with pkgs; [ - (lutris.override { - lutris-unwrapped = lutris-unwrapped.override { - wine = buildFHSUserEnv { - # We don't really need Wine because Lutris downloads the required - # runtime for us. - name = "empty"; - }; - }; - steamSupport = false; - }) - ]; - }; -} diff --git a/modules/nixfiles/games/mangohud.nix b/modules/nixfiles/games/mangohud.nix deleted file mode 100644 index b521687..0000000 --- a/modules/nixfiles/games/mangohud.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.mangohud; -in { - options.nixfiles.modules.games.mangohud.enable = mkEnableOption "MangoHud"; - - config = mkIf cfg.enable { - hm.programs.mangohud = { - enable = true; - settings = { - fps = true; - gpu_stats = true; - gpu_temp = true; - cpu_stats = true; - cpu_temp = true; - }; - settingsPerApplication = { - mpv.no_display = true; - }; - }; - }; -} diff --git a/modules/nixfiles/games/minecraft.nix b/modules/nixfiles/games/minecraft.nix deleted file mode 100644 index 47279f8..0000000 --- a/modules/nixfiles/games/minecraft.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.minecraft; -in { - options.nixfiles.modules.games.minecraft = { - client.enable = mkEnableOption "Minecraft client"; - server = { - enable = mkEnableOption "Minecraft server"; - - memory = mkOption { - description = "Amount of RAM to allocate."; - type = types.str; - default = "2G"; - }; - }; - }; - - config = mkMerge [ - (mkIf cfg.client.enable { - hm.home.packages = with pkgs; [pollymc]; - - system.extraDependencies = [inputs.pollymc]; - }) - (mkIf cfg.server.enable { - # Configurations, opslist, whitelist and plugins are managed imperatively. - # TODO Make it declarative. - services.minecraft-server = { - enable = true; - eula = true; - - package = pkgs.minecraftServers.purpur_1_19_2; - - # TODO Make a PR fixing trailing whitespace on this. - jvmOpts = - (concatStringsSep " " [ - "-Xmx${cfg.server.memory}" - "-Xms${cfg.server.memory}" - "--add-modules=jdk.incubator.vector" - ]) - + " "; - }; - - # Defined in /var/lib/minecraft/server.properties. - networking.firewall.allowedTCPPorts = [55565]; - - system.extraDependencies = [inputs.nix-minecraft-servers]; - }) - ]; -} diff --git a/modules/nixfiles/games/steam-run.nix b/modules/nixfiles/games/steam-run.nix deleted file mode 100644 index 4731fd6..0000000 --- a/modules/nixfiles/games/steam-run.nix +++ /dev/null @@ -1,69 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.steam-run; -in { - options.nixfiles.modules.games.steam-run = { - enable = mkEnableOption "native Steam runtime"; - - quirks = { - mountandblade = mkEnableOption ''fixes for "Mount & Blade: Warband" issues''; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules = { - games = { - enable32BitSupport = true; - gamemode.enable = true; - }; - }; - - hm.home.packages = with pkgs; [ - (steam.override { - extraLibraries = _: - with cfg.quirks; - optionals mountandblade [ - (glew.overrideAttrs (_: super: let - opname = super.pname; - in rec { - pname = "${opname}-mbw"; - inherit (super) version; - src = fetchurl { - url = "mirror://sourceforge/${opname}/${opname}-${version}.tgz"; - hash = "sha256-BN6R5+Z2MDm8EZQAlc2cf4gLq6ghlqd2X3J6wFqZPJU="; - }; - })) - (fmodex.overrideAttrs (_: super: let - opname = super.pname; - in rec { - pname = "${opname}-mbw"; - inherit (super) version; - installPhase = let - libPath = makeLibraryPath [ - alsa-lib - libpulseaudio - stdenv.cc.cc - ]; - in '' - install -Dm755 api/lib/libfmodex64-${version}.so $out/lib/libfmodex64.so - patchelf --set-rpath ${libPath} $out/lib/libfmodex64.so - ''; - })) - ]; - }) - .run - ]; - - nixpkgs.config.allowUnfreePredicate = p: - elem (getName p) [ - "steam" - "steam-original" - "steam-run" - ]; - }; -} diff --git a/modules/nixfiles/games/steam.nix b/modules/nixfiles/games/steam.nix deleted file mode 100644 index bbd01f6..0000000 --- a/modules/nixfiles/games/steam.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.games.steam; -in { - options.nixfiles.modules.games.steam.enable = - mkEnableOption "Steam runtime"; - - config = mkIf cfg.enable { - nixfiles.modules.games = { - enable32BitSupport = true; - gamemode.enable = true; - }; - - hm.home.packages = with pkgs; [steam]; - - nixpkgs.config.allowUnfreePredicate = p: - elem (getName p) [ - "steam" - "steam-original" - "steam-run" - ]; - }; -} diff --git a/modules/nixfiles/git.nix b/modules/nixfiles/git.nix index facff2f..2c1dd1f 100644 --- a/modules/nixfiles/git.nix +++ b/modules/nixfiles/git.nix @@ -1,224 +1,117 @@ { config, lib, - inputs, pkgs, ... }: with lib; let cfg = config.nixfiles.modules.git; in { - options.nixfiles.modules.git = { - client.enable = mkEnableOption "Git client"; - server = { - enable = mkEnableOption "Git server"; + options.nixfiles.modules.git.client.enable = + mkEnableOption "Git client"; - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; nullOr str; - default = "git.${config.networking.domain}"; - }; - - package = mkOption { - description = "Package."; - type = types.package; - default = pkgs.cgit-pink; - }; - }; - }; - - config = mkMerge [ - (mkIf cfg.client.enable { - secrets = { - glab-cli-config = { - file = "${inputs.self}/secrets/glab-cli-config"; - path = "${config.dirs.config}/glab-cli/config.yml"; - owner = my.username; - inherit (config.my) group; - }; - gh-hosts = { - file = "${inputs.self}/secrets/gh-hosts"; - path = "${config.dirs.config}/gh/hosts.yml"; - owner = my.username; - inherit (config.my) group; - }; - hut = { - file = "${inputs.self}/secrets/hut"; - path = "${config.dirs.config}/hut/config"; - owner = my.username; - inherit (config.my) group; - }; - }; - - hm = { - home.packages = with pkgs; [glab hut]; - - programs = { - git = { - enable = true; - - package = pkgs.git.override { - doInstallCheck = false; - pythonSupport = false; - sendEmailSupport = true; - withLibsecret = false; - withSsh = true; - }; - - userName = my.fullname; - userEmail = my.email; - signing = { - inherit (my.pgp) key; - signByDefault = true; - }; - - extraConfig = - { - advice.detachedHead = false; - color.ui = true; - core.whitespace = "trailing-space"; - diff = { - mnemonicPrefix = true; - renames = "copies"; - submodule = "log"; - }; - init.defaultBranch = "master"; - status.submoduleSummary = true; - github.user = my.username; - gitlab.user = my.username; - } - // mapAttrs' - (n: v: nameValuePair ''url "git@${v}:"'' {insteadOf = "${n}:";}) { - "alpine" = "gitlab.alpinelinux.org"; - "bitbucket" = "bitbucket.com"; - "codeberg" = "codeberg.org"; - "freedesktop" = "gitlab.freedesktop.org"; - "github" = "github.com"; - "gitlab" = "gitlab.com"; - "gnome" = "gitlab.gnome.org"; - "haskell" = "gitlab.haskell.org"; - "kde" = "invent.kde.org"; - "notabug" = "notabug.org"; - "opencode" = "opencode.net"; - "sourcehut" = "git.sr.ht"; - "videolan" = "code.videolan.org"; - }; + config = mkIf cfg.client.enable { + hm = { + home.packages = with pkgs; [glab hut]; - aliases = let - git = "${config.hm.programs.git.package}/bin/git"; - curl = "${pkgs.curl}/bin/curl"; - in { - fuck = "!${git} reset --hard && ${git} clean -fdx"; - gud = ''commit -m "git gud"''; - wtc = "!${curl} -sq whatthecommit.com/index.txt | ${git} commit -F -"; - }; + programs = { + git = { + enable = true; - # All helper tools/editor generated files should go here. This must - # be kept relatively clean and void of any project-specific residual - # files. - ignores = [ - "*~" - ".cache/clangd/" - ".ccls-cache/" - ".dir-locals.el" - ".gdb_history" - ".netrwhist" - ".projectile" - "[._]*.s[a-v][a-z]" - "[._]*.sw[a-p]" - "[._]s[a-rt-v][a-z]" - "[._]ss[a-gi-z]" - "[._]sw[a-p]" - "\#*\#" - "compile_commands*.json" - "cscope.*" - "vgcore.*" - ]; + package = pkgs.git.override { + doInstallCheck = false; + pythonSupport = false; + sendEmailSupport = true; + withLibsecret = false; + withSsh = true; }; - gh = { - enable = true; - settings.git_protocol = "ssh"; + userName = my.fullname; + userEmail = my.email; + signing = { + inherit (my.pgp) key; + signByDefault = true; }; - bash = { - shellAliases = { - gl = "${pkgs.glab}/bin/glab"; - ht = "${pkgs.hut}/bin/hut"; + extraConfig = + { + advice.detachedHead = false; + color.ui = true; + core.whitespace = "trailing-space"; + diff = { + mnemonicPrefix = true; + renames = "copies"; + submodule = "log"; + }; + init.defaultBranch = "master"; + status.submoduleSummary = true; + } + // mapAttrs' + (n: v: nameValuePair ''url "git@${v}:"'' {insteadOf = "${n}:";}) { + "alpine" = "gitlab.alpinelinux.org"; + "bitbucket" = "bitbucket.com"; + "codeberg" = "codeberg.org"; + "freedesktop" = "gitlab.freedesktop.org"; + "github" = "github.com"; + "gitlab" = "gitlab.com"; + "gnome" = "gitlab.gnome.org"; + "haskell" = "gitlab.haskell.org"; + "kde" = "invent.kde.org"; + "notabug" = "notabug.org"; + "opencode" = "opencode.net"; + "sourcehut" = "git.sr.ht"; + "videolan" = "code.videolan.org"; }; - initExtra = mkAfter '' - _complete_alias gl __start_glab glab - _complete_alias ht __start_hut hut - ''; - }; - }; - }; - }) - (mkIf cfg.server.enable { - nixfiles.modules.nginx = { - enable = true; - virtualHosts.${cfg.server.domain} = { - locations = { - "/".extraConfig = let - cgitrc = pkgs.writeText "cgitrc" '' - root-title=azahi’s git stuff - root-desc=鯛も一人はうまからず - - about-filter=${cfg.server.package}/lib/cgit/filters/about-formatting.sh - source-filter=${cfg.server.package}/lib/cgit/filters/syntax-highlighting.py - commit-filter=${cfg.server.package}/lib/cgit/filters/commit-links.sh - - enable-git-config=1 - enable-gitweb-owner=1 - remove-suffix=1 - snapshots=tar.gz tar.bz2 zip - - readme=:README - readme=:README.md - readme=:README.org - readme=:README.txt - readme=:readme - readme=:readme.md - readme=:readme.org - readme=:readme.txt - - scan-path=${config.services.gitolite.dataDir}/repositories - ''; - in '' - include ${config.services.nginx.package}/conf/fastcgi_params; - fastcgi_split_path_info ^(/?)(.+)$; - fastcgi_pass unix:${config.services.fcgiwrap.socketAddress}; - fastcgi_param SCRIPT_FILENAME ${cfg.server.package}/cgit/cgit.cgi; - fastcgi_param CGIT_CONFIG ${cgitrc}; - fastcgi_param PATH_INFO $uri; - fastcgi_param QUERY_STRING $args; - fastcgi_param HTTP_HOST $server_name; - ''; - # FIXME This breaks sources previewing for these files. - "~* ^/(.+.(ico|css|png))$".extraConfig = '' - alias ${cfg.server.package}/cgit/$1; - ''; + aliases = let + git = "${config.hm.programs.git.package}/bin/git"; + curl = "${pkgs.curl}/bin/curl"; + in { + fuck = "!${git} reset --hard && ${git} clean -fdx"; + gud = ''commit -m "git gud"''; + wtc = "!${curl} -sq whatthecommit.com/index.txt | ${git} commit -F -"; }; + + # All helper tools/editor generated files should go here. This must + # be kept relatively clean and void of any project-specific residual + # files. + ignores = [ + "*~" + ".DS_Store" + ".cache/clangd/" + ".ccls-cache/" + ".dir-locals.el" + ".gdb_history" + ".netrwhist" + ".projectile" + "[._]*.s[a-v][a-z]" + "[._]*.sw[a-p]" + "[._]s[a-rt-v][a-z]" + "[._]ss[a-gi-z]" + "[._]sw[a-p]" + "\#*\#" + "compile_commands*.json" + "cscope.*" + "vgcore.*" + ]; }; - }; - services = let - user = "git"; - group = "git"; - in { - gitolite = { - # TODO Make the configuration purely declarative. + gh = { enable = true; - inherit user group; - adminPubkey = my.ssh.key; + settings.git_protocol = "ssh"; }; - fcgiwrap = { - enable = true; - inherit user group; + bash = { + shellAliases = { + gl = "${pkgs.glab}/bin/glab"; + ht = "${pkgs.hut}/bin/hut"; + }; + initExtra = mkAfter '' + _complete_alias gl __start_glab glab + _complete_alias ht __start_hut hut + ''; }; }; - }) - ]; + }; + }; } diff --git a/modules/nixfiles/gnupg.nix b/modules/nixfiles/gnupg.nix index c1419e4..c0f10f9 100644 --- a/modules/nixfiles/gnupg.nix +++ b/modules/nixfiles/gnupg.nix @@ -6,83 +6,53 @@ with lib; let cfg = config.nixfiles.modules.gnupg; in { - options.nixfiles.modules.gnupg = { - enable = mkEnableOption "GnuPG"; - - pinentry = mkOption { - description = "Name of a pinentry implementation."; - type = types.str; - default = "curses"; - }; - }; + options.nixfiles.modules.gnupg.enable = mkEnableOption "GnuPG"; config = mkIf cfg.enable { - hm = { - programs.gpg = { - enable = true; - - homedir = "${config.dirs.data}/gnupg"; - - settings = - { - display-charset = "utf-8"; - enable-progress-filter = true; - fixed-list-mode = true; - keyid-format = "0xlong"; - no-comments = true; - no-emit-version = true; - no-greeting = true; - with-fingerprint = true; - throw-keyids = false; - - use-agent = true; - - armor = true; - - no-random-seed-file = true; - - list-options = "show-uid-validity"; - verify-options = "show-uid-validity"; - } - // (let - cipherAlgos = ["AES256" "AES192" "AES"]; - compressionAlgos = ["ZLIB" "BZIP2" "ZIP" "Uncompressed"]; - digestAlgos = ["SHA512" "SHA384" "SHA256" "SHA224"]; - - cs = concatStringsSep " "; - in { - default-preference-list = - cs (digestAlgos ++ cipherAlgos ++ compressionAlgos); - - personal-cipher-preferences = cs cipherAlgos; - personal-compress-preferences = cs compressionAlgos; - personal-digest-preferences = cs digestAlgos; - - s2k-cipher-algo = head cipherAlgos; - s2k-digest-algo = head digestAlgos; - - digest-algo = head digestAlgos; - cert-digest-algo = head digestAlgos; - }); - }; - - services.gpg-agent = { - enable = true; - - enableSshSupport = true; - enableScDaemon = false; - - defaultCacheTtl = 999999; - defaultCacheTtlSsh = 999999; - maxCacheTtl = 999999; - maxCacheTtlSsh = 999999; - - grabKeyboardAndMouse = true; - - sshKeys = [my.pgp.grip]; - - pinentryFlavor = cfg.pinentry; - }; + hm.programs.gpg = { + enable = true; + + settings = + { + display-charset = "utf-8"; + enable-progress-filter = true; + fixed-list-mode = true; + keyid-format = "0xlong"; + no-comments = true; + no-emit-version = true; + no-greeting = true; + with-fingerprint = true; + throw-keyids = false; + + use-agent = true; + + armor = true; + + no-random-seed-file = true; + + list-options = "show-uid-validity"; + verify-options = "show-uid-validity"; + } + // (let + cipherAlgos = ["AES256" "AES192" "AES"]; + digestAlgos = ["SHA512" "SHA384" "SHA256" "SHA224"]; + compressionAlgos = ["ZLIB" "BZIP2" "ZIP" "Uncompressed"]; + + cs = concatStringsSep " "; + in { + default-preference-list = + cs (cipherAlgos ++ digestAlgos ++ compressionAlgos); + + personal-cipher-preferences = cs cipherAlgos; + personal-digest-preferences = cs digestAlgos; + personal-compress-preferences = cs compressionAlgos; + + s2k-cipher-algo = head cipherAlgos; + s2k-digest-algo = head digestAlgos; + + digest-algo = head digestAlgos; + cert-digest-algo = head digestAlgos; + }); }; }; } diff --git a/modules/nixfiles/gotify.nix b/modules/nixfiles/gotify.nix deleted file mode 100644 index db47bb4..0000000 --- a/modules/nixfiles/gotify.nix +++ /dev/null @@ -1,75 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.gotify; -in { - options.nixfiles.modules.gotify = { - enable = mkEnableOption "Gotify"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "gotify.${config.networking.domain}"; - }; - }; - - config = let - db = "gotify"; - in - mkIf cfg.enable { - nixfiles.modules = { - nginx = { - enable = true; - upstreams.gotify.servers."127.0.0.1:${toString config.services.gotify.port}" = {}; - virtualHosts.${cfg.domain} = { - locations."/" = { - proxyPass = "http://gotify"; - proxyWebsockets = true; - }; - extraConfig = nginxInternalOnly; - }; - }; - postgresql = { - enable = true; - extraPostStart = [ - '' - $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' - '' - ]; - }; - }; - - services = { - gotify = { - enable = true; - port = 7665; - }; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - }; - - systemd.services.gotify-server = { - after = ["network-online.target" "postgresql.service"]; - environment = { - GOTIFY_DATABASE_DIALECT = "postgres"; - GOTIFY_DATABASE_CONNECTION = concatStringsSep " " [ - "host=/run/postgresql" - "user=${db}" - "dbname=${db}" - "sslmode=disable" - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/grafana.nix b/modules/nixfiles/grafana.nix deleted file mode 100644 index a614502..0000000 --- a/modules/nixfiles/grafana.nix +++ /dev/null @@ -1,119 +0,0 @@ -{ - config, - inputs, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.grafana; -in { - options.nixfiles.modules.grafana = { - enable = mkEnableOption "Grafana"; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 30101; - }; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; nullOr str; - default = "grafana.${config.networking.domain}"; - }; - }; - - config = let - db = "grafana"; - in - mkIf cfg.enable { - secrets = { - grafana-key = { - file = "${inputs.self}/secrets/grafana-key"; - owner = "grafana"; - group = "grafana"; - }; - grafana-admin-password = { - file = "${inputs.self}/secrets/grafana-admin-password"; - owner = "grafana"; - group = "grafana"; - }; - grafana-smtp-password = { - file = "${inputs.self}/secrets/grafana-smtp-password"; - owner = "grafana"; - group = "grafana"; - }; - }; - - nixfiles.modules = { - nginx = { - enable = true; - upstreams.grafana.servers."127.0.0.1:${toString cfg.port}" = {}; - virtualHosts.${cfg.domain} = { - locations."/" = { - proxyPass = "http://grafana"; - proxyWebsockets = true; - }; - extraConfig = nginxInternalOnly; - }; - }; - postgresql = { - enable = true; - extraPostStart = [ - '' - $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' - '' - ]; - }; - }; - - services = { - grafana = { - enable = true; - - settings = { - server = with cfg; { - protocol = "http"; - http_addr = "127.0.0.1"; - http_port = port; - inherit domain; - enable_gzip = true; - }; - database = { - type = "postgres"; - host = "/run/postgresql"; - name = db; - user = db; - }; - smtp = { - enable = true; - user = "azahi@shire.me"; - host = my.domain.shire; - password = "$__file{${config.secrets.grafana-smtp-password.path}}"; - }; - user = { - allow_org_create = false; - allow_sign_up = false; - auto_assign_org = false; - auto_assign_org_role = "Viewer"; - }; - security = with config.secrets; { - secret_key = grafana-key.path; - admin_password = grafana-admin-password.path; - }; - analytics.reporting_enable = false; - }; - }; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/hydra.nix b/modules/nixfiles/hydra.nix deleted file mode 100644 index 590fecb..0000000 --- a/modules/nixfiles/hydra.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.hydra; -in { - options.nixfiles.modules.hydra = { - enable = mkEnableOption "Hydra"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "hydra.${config.networking.domain}"; - }; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 7754; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules = { - nginx = { - enable = true; - upstreams.hydra.servers."127.0.0.1:${toString cfg.port}" = {}; - virtualHosts.${cfg.domain}.locations."/".proxyPass = "http://hydra"; - }; - postgresql.enable = true; - }; - - services = let - db = "hydra"; - in { - hydra = { - enable = true; - listenHost = "127.0.0.1"; - inherit (cfg) port; - dbi = "dbi:Pg:dbname=${db};user=${db}"; - hydraURL = cfg.domain; - }; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/ipfs.nix b/modules/nixfiles/ipfs.nix deleted file mode 100644 index 0ec64e5..0000000 --- a/modules/nixfiles/ipfs.nix +++ /dev/null @@ -1,167 +0,0 @@ -{ - config, - lib, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.ipfs; - - swarmDefaultPort = 4001; - apiDefaultPort = 5001; - gatewayDefaultPort = 6001; -in { - options.nixfiles.modules.ipfs = { - enable = mkEnableOption "IPFS daemon"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "ipfs.${config.networking.fqdn}"; - }; - - swarmPort = mkOption { - description = "Swarm port."; - type = with types; port; - default = - if this.isHeadless - then swarmDefaultPort + 990 - else swarmDefaultPort; - }; - - apiPort = mkOption { - description = "API port."; - type = with types; port; - default = - if this.isHeadless - then apiDefaultPort + 990 - else apiDefaultPort; - }; - - gatewayPort = mkOption { - description = "Gateway port."; - type = with types; port; - default = - if this.isHeadless - then gatewayDefaultPort + 990 - else gatewayDefaultPort; - }; - }; - - config = mkIf cfg.enable (mkMerge [ - { - services.ipfs = { - enable = true; - - user = my.username; - inherit (config.my) group; - - dataDir = "${config.dirs.data}/ipfs"; - - swarmAddress = let - port = toString cfg.swarmPort; - in - if this.isHeadless - then [ - "/ip4/127.0.0.1/tcp/${port}" - "/ip4/127.0.0.1/udp/${port}/quic" - ] - else [ - "/ip4/0.0.0.0/tcp/${port}" - "/ip6/::/tcp/${port}" - "/ip4/0.0.0.0/udp/${port}/quic" - "/ip6/::/udp/${port}/quic" - ]; - apiAddress = "/ip4/127.0.0.1/tcp/${toString cfg.apiPort}"; - gatewayAddress = "/ip4/127.0.0.1/tcp/${toString cfg.gatewayPort}"; - - autoMigrate = true; - autoMount = true; - emptyRepo = true; - enableGC = true; - - extraConfig = mkMerge [ - (let - filterAddresses = - [ - "/ip4/100.64.0.0/ipcidr/10" - "/ip4/169.254.0.0/ipcidr/16" - "/ip4/172.16.0.0/ipcidr/12" - "/ip4/192.0.0.0/ipcidr/24" - "/ip4/192.0.2.0/ipcidr/24" - "/ip4/192.168.0.0/ipcidr/16" - "/ip4/198.18.0.0/ipcidr/15" - "/ip4/198.51.100.0/ipcidr/24" - "/ip4/203.0.113.0/ipcidr/24" - "/ip4/240.0.0.0/ipcidr/4" - "/ip6/100::/ipcidr/64" - "/ip6/2001:2::/ipcidr/48" - "/ip6/2001:db8::/ipcidr/32" - "/ip6/fe80::/ipcidr/10" - ] - ++ optionals (!hasAttr "wireguard" this) [ - "/ip4/10.0.0.0/ipcidr/8" - "/ip6/fc00::/ipcidr/7" - ]; - in { - Addresses = with config.services.ipfs; { - # https://github.com/NixOS/nixpkgs/pull/165259 - # I think this shit broke inheritance... Gotta test more and make - # a PR I guess. - API = apiAddress; - Gateway = gatewayAddress; - Swarm = swarmAddress; - - NoAnnounce = filterAddresses; - }; - Swarm.AddrFilters = filterAddresses; - API.HTTPHeaders.Access-Control-Allow-Methods = ["GET" "POST" "PUT"]; - }) - (mkIf this.isHeadful { - API.HTTPHeaders.Access-Control-Allow-Origin = ["*"]; - }) - (mkIf this.isHeadless { - API.HTTPHeaders.Access-Control-Allow-Origin = ["https://${cfg.domain}" "https://api.${cfg.domain}"]; - }) - ]; - }; - - networking.firewall = rec { - allowedTCPPorts = [swarmDefaultPort]; - allowedUDPPorts = allowedTCPPorts; - }; - } - (mkIf this.isHeadless { - nixfiles.modules.nginx = { - enable = true; - upstreams = { - ipfs_gateway.servers."127.0.0.1:${toString cfg.gatewayPort}" = {}; - ipfs_swarm.servers."127.0.0.1:${toString cfg.swarmPort}" = {}; - ipfs_api.servers."127.0.0.1:${toString cfg.apiPort}" = {}; - }; - virtualHosts = { - ${cfg.domain}.locations."/".proxyPass = "http://ipfs_gateway"; - "swarm.${cfg.domain}" = { - serverName = cfg.domain; - listen = [ - { - addr = "0.0.0.0"; - port = swarmDefaultPort; - } - { - addr = "[::0]"; - port = swarmDefaultPort; - } - ]; - locations."/".proxyPass = "http://ipfs_swarm"; - }; - "api.${cfg.domain}" = { - # TODO Redirect "/" to "/webui" but keep other endpoints. - locations."/".proxyPass = "http://ipfs_api"; - extraConfig = nginxInternalOnly; - }; - }; - }; - }) - ]); -} diff --git a/modules/nixfiles/kde.nix b/modules/nixfiles/kde.nix deleted file mode 100644 index a430294..0000000 --- a/modules/nixfiles/kde.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.kde; -in { - options.nixfiles.modules.kde.enable = mkEnableOption "KDE Plasma"; - - config = mkIf cfg.enable { - nixfiles.modules = { - gnupg.pinentry = "qt"; - sound.enable = true; - x11.enable = true; - }; - - hm = { - home.sessionVariables.GTK_USE_PORTAL = 1; - - programs.firefox.profiles.default.settings = { - "widget.use-xdg-desktop-portal.file-picker" = 1; - "widget.use-xdg-desktop-portal.mime-handler" = 1; - }; - }; - - services.xserver = { - desktopManager.plasma5 = { - enable = true; - excludePackages = with pkgs.plasma5Packages; [ - elisa - gwenview - khelpcenter - okular - print-manager - ]; - }; - displayManager = { - sddm.enable = true; - - # NOTE https://github.com/NixOS/nixpkgs/pull/199881 - setupCommands = lib.mkForce ""; - }; - }; - - environment.systemPackages = with pkgs; [pinentry-qt]; - }; -} diff --git a/modules/nixfiles/libvirtd.nix b/modules/nixfiles/libvirtd.nix deleted file mode 100644 index ae8b336..0000000 --- a/modules/nixfiles/libvirtd.nix +++ /dev/null @@ -1,44 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.libvirtd; -in { - options.nixfiles.modules.libvirtd.enable = mkEnableOption "libvirtd"; - - config = mkIf cfg.enable { - virtualisation.libvirtd = { - enable = true; - - onBoot = "ignore"; - onShutdown = "shutdown"; - - extraConfig = '' - log_level = 4 - log_outputs = "4:stderr" - ''; - - qemu = { - package = pkgs.qemu_kvm; - runAsRoot = false; - - ovmf = { - enable = true; - packages = [pkgs.OVMFFull.fd]; - }; - - swtpm = { - enable = false; # Is this required for Windows 11? - package = pkgs.swtpm-tpm2; - }; - }; - }; - - environment.systemPackages = with pkgs; [virt-manager qemu-utils]; - - my.extraGroups = ["libvirtd"]; - }; -} diff --git a/modules/nixfiles/lidarr.nix b/modules/nixfiles/lidarr.nix deleted file mode 100644 index f73f917..0000000 --- a/modules/nixfiles/lidarr.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.lidarr; -in { - options.nixfiles.modules.lidarr = { - enable = mkEnableOption "Lidarr"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "lidarr.${config.networking.fqdn}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = { - enable = true; - upstreams.lidarr.servers."127.0.0.1:8686" = {}; - virtualHosts.${cfg.domain}.locations."/".proxyPass = "http://lidarr"; - }; - - services.lidarr.enable = true; - }; -} diff --git a/modules/nixfiles/loki.nix b/modules/nixfiles/loki.nix deleted file mode 100644 index 1582164..0000000 --- a/modules/nixfiles/loki.nix +++ /dev/null @@ -1,102 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.loki; -in { - options.nixfiles.modules.loki = { - enable = mkEnableOption "Loki"; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 30171; - }; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "loki.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = with cfg; { - enable = true; - upstreams.loki.servers."127.0.0.1:${toString cfg.port}" = {}; - virtualHosts.${domain} = { - locations."/".proxyPass = "http://loki"; - extraConfig = nginxInternalOnly; - }; - }; - - services.loki = { - enable = true; - - configuration = rec { - auth_enabled = false; - - server = rec { - http_listen_address = "127.0.0.1"; - http_listen_port = cfg.port; - - grpc_listen_address = "127.0.0.1"; - grpc_listen_port = http_listen_port + 1; - - log_level = "warn"; - }; - - common = rec { - path_prefix = "/var/lib/loki"; - storage.filesystem = { - chunks_directory = "${path_prefix}/chunker"; - rules_directory = "${path_prefix}/ruler"; - }; - replication_factor = 1; - instance_interface_names = ["lo"]; - ring = { - instance_addr = "127.0.0.1"; - kvstore.store = "inmemory"; - }; - }; - - ruler = { - rule_path = "${common.path_prefix}/ruler"; - storage = { - type = "local"; - local.directory = - pkgs.writeTextDir "ruler/ruler.yml" - (generators.toJSON {} {groups = [{name = "default";}];}); - }; - }; - - schema_config.configs = [ - { - from = "2020-01-01"; - store = "boltdb-shipper"; - object_store = "filesystem"; - schema = "v11"; - index = { - prefix = "index_"; - period = "24h"; - }; - chunks = { - prefix = "chunks_"; - period = "24h"; - }; - } - ]; - - analytics.reporting_enabled = false; - }; - }; - - systemd.tmpfiles.rules = [ - "d /var/lib/loki 0700 loki loki - -" - "d /var/lib/loki/ruler 0700 loki loki - -" - ]; - }; -} diff --git a/modules/nixfiles/lxc.nix b/modules/nixfiles/lxc.nix deleted file mode 100644 index 4f7805f..0000000 --- a/modules/nixfiles/lxc.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.lxc; -in { - options.nixfiles.modules.lxc.enable = - mkEnableOption "LXC/LXD"; - - config = mkIf cfg.enable { - virtualisation.lxd.enable = true; - my.extraGroups = "lxd"; - }; -} diff --git a/modules/nixfiles/matrix/default.nix b/modules/nixfiles/matrix/default.nix deleted file mode 100644 index bd221c4..0000000 --- a/modules/nixfiles/matrix/default.nix +++ /dev/null @@ -1 +0,0 @@ -_: {imports = [./dendrite.nix ./element.nix ./synapse.nix];} diff --git a/modules/nixfiles/matrix/dendrite.nix b/modules/nixfiles/matrix/dendrite.nix deleted file mode 100644 index 0fad5f2..0000000 --- a/modules/nixfiles/matrix/dendrite.nix +++ /dev/null @@ -1,157 +0,0 @@ -{ - config, - lib, - inputs, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.matrix.dendrite; -in { - options.nixfiles.modules.matrix.dendrite = { - enable = mkEnableOption "Dendrite Matrix server"; - - domain = mkOption { - type = types.str; - default = config.networking.domain; - description = "Domain name sans protocol scheme."; - }; - }; - - config = let - db = "dendrite"; - in - mkIf cfg.enable { - secrets.dendrite-private-key = { - file = "${inputs.self}/secrets/dendrite-private-key"; - mode = "0444"; # The user is dynamic so the file must be world-readable. - }; - secrets.dendrite-environment-file = { - file = "${inputs.self}/secrets/dendrite-environment-file"; - mode = "0444"; # The user is dynamic so the file must be world-readable. - }; - - nixfiles.modules = { - nginx = { - enable = true; - upstreams.dendrite.servers."127.0.0.1:${toString config.services.dendrite.httpPort}" = {}; - virtualHosts.${cfg.domain}.locations = { - "/_matrix".proxyPass = "http://dendrite"; - "= /.well-known/matrix/server" = { - extraConfig = '' - add_header Content-Type application/json; - ''; - return = "200 '${ - generators.toJSON {} {"m.server" = "${cfg.domain}:443";} - }'"; - }; - "= /.well-known/matrix/client" = { - extraConfig = '' - add_header Content-Type application/json; - add_header Access-Control-Allow-Origin *; - ''; - return = "200 '${ - generators.toJSON {} { - "m.homeserver".base_url = "https://${cfg.domain}"; - } - }'"; - }; - }; - }; - postgresql = { - enable = true; - extraPostStart = [ - '' - $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' - '' - ]; - }; - }; - - services = { - dendrite = { - enable = true; - httpPort = 8008; - environmentFile = config.secrets.dendrite-environment-file.path; - settings = { - version = 2; - global = { - server_name = cfg.domain; - private_key = config.secrets.dendrite-private-key.path; - database = { - connection_string = "postgresql://${db}@/${db}?host=/run/postgresql"; - max_open_conns = 64; - max_idle_connections = 8; - }; - cache = { - max_size_estimated = "1gb"; - max_age = "1h"; - }; - trusted_third_party_id_servers = [ - "matrix.org" - "nixos.org" - "vector.im" - ]; - presence = { - enable_inbound = false; - enable_outbound = false; - }; - }; - client_api = { - registration_disabled = true; - guests_disabled = true; - registration_shared_secret = "$REGISTRATION_SHARED_SECRET"; - }; - media_api = { - max_file_size_bytes = 0; - dynamic_thumbnails = true; - max_thumbnail_generators = 8; - thumbnail_sizes = [ - { - width = 32; - height = 32; - method = "crop"; - } - { - width = 96; - height = 96; - method = "crop"; - } - { - width = 640; - height = 480; - method = "scale"; - } - ]; - }; - logging = [ - { - type = "std"; - level = "warn"; - } - ]; - }; - }; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - }; - - systemd.services.dendrite.serviceConfig.ExecStart = - mkForce - (concatStringsSep " " [ - "${pkgs.dendrite}/bin/dendrite-monolith-server" - "--config /run/dendrite/dendrite.yaml" - "--http-bind-address 127.0.0.1:${ - toString config.services.dendrite.httpPort - }" - ]); - }; -} diff --git a/modules/nixfiles/matrix/element.nix b/modules/nixfiles/matrix/element.nix deleted file mode 100644 index 3d47800..0000000 --- a/modules/nixfiles/matrix/element.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.matrix.element; -in { - options.nixfiles.modules.matrix.element = { - enable = mkEnableOption "Element, a Matrix web interface"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; nullOr str; - default = "element.${config.networking.domain}"; - }; - - homeserver = mkOption { - description = "Default Matrix homeserver."; - type = with types; str; - default = my.domain.azahi; - }; - }; - - config = mkIf cfg.enable { - assertions = [ - { - assertion = with config.nixfiles.modules.matrix; - (synapse.enable || dendrite.enable) && !(!synapse.enable && !dendrite.enable); - message = "Synapse or Dendrite must be enabled"; - } - ]; - - nixfiles.modules.nginx = with cfg; { - enable = true; - virtualHosts.${domain}.locations."/".root = pkgs.element-web.override { - conf = { - default_server_config."m.homeserver" = { - base_url = "https://${homeserver}"; - server_name = homeserver; - }; - disable_custom_urls = true; - disable_guests = true; - disable_login_language_selector = true; - disable_3pid_login = true; - brand = homeserver; - branding.authFooterLinks = [ - { - text = "Hosted on NixOS"; - url = "https://nixos.org"; - } - ]; - default_theme = "dark"; - }; - }; - }; - }; -} diff --git a/modules/nixfiles/matrix/synapse.nix b/modules/nixfiles/matrix/synapse.nix deleted file mode 100644 index 6ff5e0d..0000000 --- a/modules/nixfiles/matrix/synapse.nix +++ /dev/null @@ -1,93 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.matrix.synapse; -in { - options.nixfiles.modules.matrix.synapse = { - enable = mkEnableOption "Synapse Matrix server"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = config.networking.domain; - }; - }; - - config = let - bind_address = "127.0.0.1"; - port = 8448; - in - mkIf cfg.enable { - nixfiles.modules = { - nginx = { - enable = true; - upstreams.synapse.servers."${bind_address}:${toString port}" = {}; - virtualHosts.${cfg.domain}.locations = { - "~ ^(/_matrix|/_synapse/client)".proxyPass = "http://synapse"; - "= /.well-known/matrix/server" = { - extraConfig = '' - add_header Content-Type application/json; - ''; - return = "200 '${ - generators.toJSON {} {"m.server" = "${cfg.domain}:443";} - }'"; - }; - "= /.well-known/matrix/client" = { - extraConfig = '' - add_header Content-Type application/json; - add_header Access-Control-Allow-Origin *; - ''; - return = "200 '${ - generators.toJSON {} { - "m.homeserver".base_url = "https://${cfg.domain}"; - } - }'"; - }; - }; - }; - postgresql.enable = true; - }; - - services = let - db = "synapse"; - in { - matrix-synapse = { - enable = true; - server_name = config.networking.domain; - - database_type = "psycopg2"; - database_name = db; - database_user = db; - - listeners = [ - { - inherit bind_address port; - type = "http"; - tls = false; - x_forwarded = true; - resources = [ - { - names = ["client" "federation"]; - compress = false; - } - ]; - } - ]; - }; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/monitoring/dashboards/endlessh.json b/modules/nixfiles/monitoring/dashboards/endlessh.json deleted file mode 100644 index 0b47ee2..0000000 --- a/modules/nixfiles/monitoring/dashboards/endlessh.json +++ /dev/null @@ -1,1457 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "", - "editable": true, - "fiscalYearStartMonth": 0, - "gnetId": 15156, - "graphTooltip": 0, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 0, - "y": 0 - }, - "id": 36, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "/^Total number connections that endlessh trapped$/", - "values": false - }, - "text": {}, - "textMode": "auto" - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 49, - "refId": "A" - } - ], - "title": "Connections", - "transformations": [ - { - "id": "filterByRefId", - "options": { - "include": "Seen" - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Seen" - } - ], - "match": "any", - "type": "include" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #Seen": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "ip": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "reduce", - "options": { - "includeTimeField": false, - "labelsToFields": false, - "mode": "reduceFields", - "reducers": [ - "sum" - ] - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": {}, - "renameByName": { - "Value #Seen (sum)": "Total number connections that endlessh trapped" - } - } - } - ], - "type": "stat" - }, - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 4, - "y": 0 - }, - "id": 42, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "/^Time spent on endlessh$/", - "values": false - }, - "text": {}, - "textMode": "auto" - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 49, - "refId": "A" - } - ], - "title": "Trapped Time", - "transformations": [ - { - "id": "filterByRefId", - "options": { - "include": "Trapped" - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Trapped" - } - ], - "match": "all", - "type": "include" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #Trapped": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "ip": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "reduce", - "options": { - "includeTimeField": false, - "labelsToFields": false, - "mode": "reduceFields", - "reducers": [ - "sum" - ] - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": {}, - "renameByName": { - "Total": "Seconds spent on endlessh", - "Value #Trapped (sum)": "Time spent on endlessh" - } - } - } - ], - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 8, - "y": 0 - }, - "id": 18, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "text": {}, - "textMode": "auto" - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "exemplar": true, - "expr": "sum(increase(endlessh_sent_bytes_total{instance=~\"$host\",job=~\"$job\"}[$__range]))", - "hide": false, - "interval": "", - "legendFormat": "Bytes sent by endlessh", - "refId": "sent_bytes" - } - ], - "title": "Sent Bytes", - "type": "stat" - }, - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 12, - "y": 0 - }, - "id": 38, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "/^Unique IPs connected$/", - "values": false - }, - "text": {}, - "textMode": "auto" - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 49, - "refId": "A" - } - ], - "title": "Unique IPs", - "transformations": [ - { - "id": "filterByRefId", - "options": { - "include": "Seen" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #Seen": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "ip": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "reduce", - "options": { - "includeTimeField": false, - "labelsToFields": false, - "mode": "reduceFields", - "reducers": [ - "count" - ] - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": {}, - "renameByName": { - "Value #Seen (sum)": "Unique IPs connected", - "ip": "" - } - } - } - ], - "type": "stat" - }, - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "links": [ - { - "targetBlank": true, - "title": "whois", - "url": "https://search.arin.net/rdap/?query=${__value.text}" - } - ], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 16, - "y": 0 - }, - "id": 45, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "/^Client IP of the latest connection$/", - "values": false - }, - "text": {}, - "textMode": "value" - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 49, - "refId": "A" - } - ], - "title": "Latest Connection", - "transformations": [ - { - "id": "filterByRefId", - "options": { - "include": "Seen" - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Seen" - } - ], - "match": "any", - "type": "include" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Time": { - "aggregations": [ - "lastNotNull" - ], - "operation": "aggregate" - }, - "Value #Seen": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "ip": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "sortBy", - "options": { - "fields": {}, - "sort": [ - { - "field": "Time (lastNotNull)" - } - ] - } - }, - { - "id": "organize", - "options": { - "excludeByName": { - "instance": true, - "job": true - }, - "indexByName": {}, - "renameByName": { - "Time (lastNotNull)": "Time", - "Value #Seen (sum)": "Count", - "ip": "Client IP of the latest connection" - } - } - } - ], - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "#EAB839", - "value": 10 - }, - { - "color": "red", - "value": 20 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 20, - "y": 0 - }, - "id": 20, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "text": {}, - "textMode": "auto" - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "exemplar": true, - "expr": "sum((endlessh_client_open_count_total{instance=~\"$host\",job=~\"$job\"}) - (endlessh_client_closed_count_total{instance=~\"$host\",job=~\"$job\"} offset $__interval or endlessh_client_open_count_total{instance=~\"$host\",job=~\"$job\"} * 0))", - "instant": false, - "interval": "", - "legendFormat": "Open Connections", - "refId": "current_open" - } - ], - "title": "Current Connections", - "type": "stat" - }, - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 0, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "stepAfter", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "auto", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "min": -0.01, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 4, - "w": 12, - "x": 0, - "y": 3 - }, - "id": 30, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 20, - "refId": "A" - } - ], - "title": "Concurrent Connections", - "type": "timeseries" - }, - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - } - }, - "mappings": [] - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 3 - }, - "id": 32, - "options": { - "displayLabels": [], - "legend": { - "displayMode": "table", - "placement": "right", - "showLegend": true, - "values": [ - "value", - "percent" - ] - }, - "pieType": "pie", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 49, - "refId": "A" - } - ], - "title": "Connections by country", - "transformations": [ - { - "id": "filterByRefId", - "options": { - "include": "Seen" - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Seen" - } - ], - "match": "any", - "type": "include" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #Seen": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "country": { - "aggregations": [ - "last" - ], - "operation": "aggregate" - }, - "ip": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #Seen (sum)": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "country (last)": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "rowsToFields", - "options": {} - } - ], - "type": "piechart" - }, - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "continuous-GrYlRd" - }, - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "#96D98D", - "value": null - } - ] - } - }, - "overrides": [] - }, - "gridPos": { - "h": 12, - "w": 12, - "x": 0, - "y": 7 - }, - "id": 48, - "links": [], - "options": { - "basemap": { - "config": {}, - "name": "Layer 0", - "type": "default" - }, - "controls": { - "mouseWheelZoom": false, - "showAttribution": false, - "showDebug": false, - "showScale": false, - "showZoom": true - }, - "layers": [ - { - "config": { - "color": { - "field": "Connections", - "fixed": "dark-green" - }, - "fillOpacity": 0.4, - "shape": "circle", - "showLegend": false, - "size": { - "field": "Connections", - "fixed": 5, - "max": 10, - "min": 2 - }, - "style": { - "color": { - "field": "Connections", - "fixed": "dark-green" - }, - "size": { - "field": "Connections", - "fixed": 5, - "max": 9, - "min": 2 - }, - "text": { - "field": "location (lastNotNull) (lastNotNull)", - "fixed": "", - "mode": "fixed" - } - } - }, - "location": { - "geohash": "Geohash", - "mode": "geohash" - }, - "name": "Layer 1", - "type": "markers" - } - ], - "tooltip": { - "mode": "details" - }, - "view": { - "id": "zero", - "lat": 0, - "lon": 0, - "zoom": 1 - } - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "-- Dashboard --" - }, - "panelId": 49, - "refId": "A" - } - ], - "title": "Locations", - "transformations": [ - { - "id": "filterByRefId", - "options": { - "include": "Seen" - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Seen" - } - ], - "match": "any", - "type": "include" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Value #Seen": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "geohash": { - "aggregations": [ - "lastNotNull" - ], - "operation": "groupby" - }, - "location": { - "aggregations": [ - "lastNotNull" - ], - "operation": "aggregate" - } - } - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": { - "Value #geo (lastNotNull) (sum)": 2, - "geohash (lastNotNull)": 0, - "location (lastNotNull) (lastNotNull)": 1 - }, - "renameByName": { - "Value #Seen (sum)": "Connections", - "geohash": "Geohash", - "location (lastNotNull)": "Location" - } - } - } - ], - "type": "geomap" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "custom": { - "align": "auto", - "displayMode": "auto", - "filterable": true, - "inspect": false, - "minWidth": 50 - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - } - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "Last Connection" - }, - "properties": [ - { - "id": "custom.minWidth", - "value": 150 - }, - { - "id": "unit", - "value": "dateTimeAsIso" - }, - { - "id": "custom.align", - "value": "left" - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "IP" - }, - "properties": [ - { - "id": "links", - "value": [ - { - "targetBlank": true, - "title": "search ARIN", - "url": "https://search.arin.net/rdap/?query=${__data.fields.IP}" - } - ] - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "Trapped Time" - }, - "properties": [ - { - "id": "unit", - "value": "s" - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 11 - }, - "id": 49, - "options": { - "footer": { - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "frameIndex": 0, - "showHeader": true, - "sortBy": [ - { - "desc": true, - "displayName": "Last Connection" - } - ] - }, - "pluginVersion": "9.1.2", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "exemplar": true, - "expr": "(endlessh_client_open_count{instance=~\"$host\",job=~\"$job\"} - endlessh_client_open_count{instance=~\"$host\",job=~\"$job\"} offset $__interval) > 0 or (endlessh_client_open_count{instance=~\"$host\",job=~\"$job\"}!=0 unless endlessh_client_open_count{instance=~\"$host\",job=~\"$job\"} offset $__interval)", - "format": "table", - "hide": false, - "interval": "", - "legendFormat": "Seen {{ip}}", - "refId": "Seen" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "exemplar": true, - "expr": "(endlessh_client_trapped_time_seconds{instance=~\"$host\",job=~\"$job\"} - endlessh_client_trapped_time_seconds{instance=~\"$host\",job=~\"$job\"} offset $__interval) > 0 or (endlessh_client_trapped_time_seconds{instance=~\"$host\",job=~\"$job\"}!=0 unless endlessh_client_trapped_time_seconds{instance=~\"$host\",job=~\"$job\"} offset $__interval)", - "format": "table", - "hide": false, - "interval": "", - "legendFormat": "Trapped {{ip}}", - "refId": "Trapped" - } - ], - "title": "Clients", - "transformations": [ - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Seen" - }, - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Value #Trapped" - } - ], - "match": "any", - "type": "include" - } - }, - { - "id": "merge", - "options": {} - }, - { - "id": "calculateField", - "options": { - "alias": "Seen", - "mode": "reduceRow", - "reduce": { - "include": [ - "Value #Seen" - ], - "reducer": "sum" - } - } - }, - { - "id": "calculateField", - "options": { - "alias": "Trapped", - "mode": "reduceRow", - "reduce": { - "include": [ - "Value #Trapped" - ], - "reducer": "sum" - } - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Seen" - }, - { - "config": { - "id": "greaterOrEqual", - "options": { - "value": 0 - } - }, - "fieldName": "Trapped" - } - ], - "match": "all", - "type": "include" - } - }, - { - "id": "groupBy", - "options": { - "fields": { - "Seen": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "Time": { - "aggregations": [ - "max" - ], - "operation": "aggregate" - }, - "Trapped": { - "aggregations": [ - "sum" - ], - "operation": "aggregate" - }, - "country": { - "aggregations": [ - "lastNotNull" - ], - "operation": "aggregate" - }, - "ip": { - "aggregations": [], - "operation": "groupby" - } - } - } - }, - { - "id": "filterByValue", - "options": { - "filters": [ - { - "config": { - "id": "isNull", - "options": {} - }, - "fieldName": "ip" - } - ], - "match": "any", - "type": "exclude" - } - }, - { - "id": "organize", - "options": { - "excludeByName": {}, - "indexByName": { - "Seen (sum)": 3, - "Time (max)": 0, - "Trapped (sum)": 4, - "country (lastNotNull)": 2, - "ip": 1 - }, - "renameByName": { - "Seen (sum)": "Connections", - "Time (max)": "Last Connection", - "Trapped (sum)": "Trapped Time", - "country (lastNotNull)": "Country", - "ip": "IP" - } - } - } - ], - "type": "table" - } - ], - "refresh": "", - "schemaVersion": 37, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "default", - "value": "default" - }, - "hide": 0, - "includeAll": false, - "label": "datasource", - "multi": false, - "name": "DS_PROMETHEUS", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "definition": "label_values(endlessh_client_open_count_total, job)", - "hide": 0, - "includeAll": true, - "label": "Job", - "multi": true, - "name": "job", - "options": [], - "query": { - "query": "label_values(endlessh_client_open_count_total, job)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - }, - { - "allValue": ".*", - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "definition": "label_values(endlessh_client_open_count_total{job=~\"$job\"}, instance)", - "hide": 0, - "includeAll": true, - "label": "Host", - "multi": true, - "name": "host", - "options": [], - "query": { - "query": "label_values(endlessh_client_open_count_total{job=~\"$job\"}, instance)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-24h", - "to": "now" - }, - "timepicker": {}, - "timezone": "", - "title": "Endlessh", - "uid": "ATIxYkO7k", - "version": 1, - "weekStart": "" -}
\ No newline at end of file diff --git a/modules/nixfiles/monitoring/dashboards/nginx.json b/modules/nixfiles/monitoring/dashboards/nginx.json deleted file mode 100644 index b2cc499..0000000 --- a/modules/nixfiles/monitoring/dashboards/nginx.json +++ /dev/null @@ -1,567 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": 31, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 4, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Status", - "type": "row" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "0": { - "text": "Down" - }, - "1": { - "text": "Up" - } - }, - "type": "value" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "#E02F44", - "value": null - }, - { - "color": "#FF9830", - "value": 1 - }, - { - "color": "#299c46", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 12, - "x": 0, - "y": 1 - }, - "id": 8, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "background", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "repeat": "instance", - "repeatDirection": "h", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "nginx_up{instance=~\"$instance\"}", - "format": "time_series", - "instant": false, - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "NGINX Status for $instance", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 4 - }, - "id": 6, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Metrics", - "type": "row" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Connections (rate)", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 1, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 10, - "w": 12, - "x": 0, - "y": 5 - }, - "id": 10, - "links": [], - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(nginx_connections_accepted{instance=~\"$instance\"}[$__range])", - "format": "time_series", - "instant": false, - "intervalFactor": 1, - "legendFormat": "{{instance}} accepted", - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(nginx_connections_handled{instance=~\"$instance\"}[$__range])", - "format": "time_series", - "instant": false, - "intervalFactor": 1, - "legendFormat": "{{instance}} handled", - "refId": "B" - } - ], - "title": "Processed connections", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "Connections", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 0, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 10, - "w": 12, - "x": 12, - "y": 5 - }, - "id": 12, - "links": [], - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "nginx_connections_active{instance=~\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{instance}} active", - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "nginx_connections_reading{instance=~\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{instance}} reading", - "refId": "B" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "nginx_connections_waiting{instance=~\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{instance}} waiting", - "refId": "C" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "nginx_connections_writing{instance=~\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{instance}} writing", - "refId": "D" - } - ], - "title": "Active Connections", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 15 - }, - "id": 15, - "links": [], - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(nginx_http_requests_total{instance=~\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{instance}} total requests", - "refId": "A" - } - ], - "title": "Total requests", - "type": "timeseries" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "default", - "value": "default" - }, - "hide": 0, - "includeAll": false, - "label": "datasource", - "multi": false, - "name": "DS_PROMETHEUS", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "definition": "label_values(nginx_up, instance)", - "hide": 0, - "includeAll": true, - "label": "", - "multi": true, - "name": "instance", - "options": [], - "query": { - "query": "label_values(nginx_up, instance)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": ["5m", "15m", "1h", "6h", "12h", "24h", "2d", "7d", "30d"] - }, - "timezone": "", - "title": "NGINX", - "uid": "Yoeroupho", - "version": 1, - "weekStart": "" -} diff --git a/modules/nixfiles/monitoring/dashboards/postgresql.json b/modules/nixfiles/monitoring/dashboards/postgresql.json deleted file mode 100644 index 4e533f7..0000000 --- a/modules/nixfiles/monitoring/dashboards/postgresql.json +++ /dev/null @@ -1,3086 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": 29, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 34, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "General Counters, CPU, Memory and File Descriptor Stats", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 4, - "x": 0, - "y": 1 - }, - "id": 36, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "value", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["mean"], - "fields": "", - "values": false - }, - "textMode": "name" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "pg_static{instance=\"$instance\"}", - "format": "time_series", - "instant": true, - "intervalFactor": 1, - "legendFormat": "{{short_version}}", - "refId": "A" - } - ], - "title": "Version", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "start time of the process", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "dateTimeFromNow" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 4, - "x": 4, - "y": 1 - }, - "id": 28, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["mean"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "pg_postmaster_start_time_seconds{instance=\"$instance\"} * 1000", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "", - "range": true, - "refId": "A" - } - ], - "title": "Start Time", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "decbytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 4, - "x": 8, - "y": 1 - }, - "id": 10, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "SUM(pg_stat_database_tup_fetched{datname=~\"$datname\", instance=~\"$instance\"})", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4 - } - ], - "title": "Current fetch data", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "decbytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 4, - "x": 12, - "y": 1 - }, - "id": 11, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "SUM(pg_stat_database_tup_inserted{datname=~\"$datname\", instance=~\"$instance\"})", - "format": "time_series", - "intervalFactor": 2, - "range": true, - "refId": "A", - "step": 4 - } - ], - "title": "Current insert data", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "decbytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 4, - "x": 16, - "y": 1 - }, - "id": 12, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "SUM(pg_stat_database_tup_updated{datname=~\"$datname\", instance=~\"$instance\"})", - "format": "time_series", - "intervalFactor": 2, - "refId": "A", - "step": 4 - } - ], - "title": "Current update data", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 2, - "w": 4, - "x": 20, - "y": 1 - }, - "id": 38, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["mean"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "pg_settings_max_connections{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "range": true, - "refId": "A" - } - ], - "title": "Max Connections", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Average user and system CPU time spent in seconds.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "s" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 3 - }, - "id": 22, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "max", "min"], - "displayMode": "table", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "avg(rate(process_cpu_seconds_total{instance=\"$instance\"}[$__range]) * 1000)", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "CPU Time", - "range": true, - "refId": "A" - } - ], - "title": "Average CPU Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Virtual and Resident memory size in bytes, averages over 5 min interval", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "decbytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 3 - }, - "id": 24, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "max", "min"], - "displayMode": "table", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "avg(rate(process_resident_memory_bytes{instance=\"$instance\"}[$__range]))", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Resident Mem", - "range": true, - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "avg(rate(process_virtual_memory_bytes{instance=\"$instance\"}[$__range]))", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Virtual Mem", - "range": true, - "refId": "B" - } - ], - "title": "Average Memory Usage", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Number of open file descriptors", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 3 - }, - "id": 26, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "max", "min"], - "displayMode": "table", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "process_open_fds{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "Open FD", - "range": true, - "refId": "A" - } - ], - "title": "Open File Descriptors", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 10 - }, - "id": 32, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Settings", - "type": "row" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 0, - "y": 11 - }, - "id": 40, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_shared_buffers_bytes{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Shared Buffers", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 3, - "y": 11 - }, - "id": 42, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_effective_cache_size_bytes{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Effective Cache", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 6, - "y": 11 - }, - "id": 44, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_maintenance_work_mem_bytes{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Maintenance Work Mem", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 9, - "y": 11 - }, - "id": 46, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_work_mem_bytes{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "", - "refId": "A" - } - ], - "title": "Work Mem", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "decimals": 1, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 12, - "y": 11 - }, - "id": 48, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_max_wal_size_bytes{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Max WAL Size", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 3, - "x": 15, - "y": 11 - }, - "id": 50, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_random_page_cost{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Random Page Cost", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 18, - "y": 11 - }, - "id": 52, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_seq_page_cost", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Seq Page Cost", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 20, - "y": 11 - }, - "id": 54, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["mean"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_max_worker_processes{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Max Worker Processes", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 2, - "x": 22, - "y": 11 - }, - "id": 56, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_settings_max_parallel_workers{instance=\"$instance\"}", - "format": "time_series", - "intervalFactor": 1, - "refId": "A" - } - ], - "title": "Max Parallel Workers", - "type": "stat" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 14 - }, - "id": 30, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Database Stats", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 0, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 0, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 15 - }, - "id": 1, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "max"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "pg_stat_activity_count{datname=~\"$datname\", instance=~\"$instance\", state=\"active\"} != 0", - "format": "time_series", - "interval": "", - "intervalFactor": 2, - "legendFormat": "{{datname}}, s: {{state}}", - "range": true, - "refId": "A", - "step": 2 - } - ], - "title": "Active sessions", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 15 - }, - "id": 60, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(pg_stat_database_xact_commit{instance=\"$instance\", datname=~\"$datname\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{datname}} commits", - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(pg_stat_database_xact_rollback{instance=\"$instance\", datname=~\"$datname\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{datname}} rollbacks", - "refId": "B" - } - ], - "title": "Transactions", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 15 - }, - "id": 8, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_database_tup_updated{datname=~\"$datname\", instance=~\"$instance\"} != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}}", - "refId": "A", - "step": 2 - } - ], - "title": "Update data", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 22 - }, - "id": 5, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_database_tup_fetched{datname=~\"$datname\", instance=~\"$instance\"} != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}}", - "refId": "A", - "step": 2 - } - ], - "title": "Fetch data", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 22 - }, - "id": 6, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_database_tup_inserted{datname=~\"$datname\", instance=~\"$instance\"} != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}}", - "refId": "A", - "step": 2 - } - ], - "title": "Insert data", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 0, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 22 - }, - "id": 3, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_locks_count{datname=~\"$datname\", instance=~\"$instance\", mode=~\"$mode\"} != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}},{{mode}}", - "refId": "A", - "step": 2 - } - ], - "title": "Lock tables", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 29 - }, - "id": 14, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_database_tup_returned{datname=~\"$datname\", instance=~\"$instance\"} != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}}", - "refId": "A", - "step": 2 - } - ], - "title": "Return data", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 29 - }, - "id": 4, - "links": [], - "options": { - "legend": { - "calcs": ["lastNotNull", "max"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_activity_count{datname=~\"$datname\", instance=~\"$instance\", state=~\"idle|idle in transaction|idle in transaction (aborted)\"}", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}}, s: {{state}}", - "refId": "A", - "step": 2 - } - ], - "title": "Idle sessions", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 29 - }, - "id": 7, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_database_tup_deleted{datname=~\"$datname\", instance=~\"$instance\"} != 0", - "format": "time_series", - "intervalFactor": 2, - "legendFormat": "{{datname}}", - "refId": "A", - "step": 2 - } - ], - "title": "Delete data", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "decimals": 4, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "percentunit" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 36 - }, - "id": 62, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "pg_stat_database_blks_hit{instance=\"$instance\", datname=~\"$datname\"} / (pg_stat_database_blks_read{instance=\"$instance\", datname=~\"$datname\"} + pg_stat_database_blks_hit{instance=\"$instance\", datname=~\"$datname\"})", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{ datname }}", - "refId": "A" - } - ], - "title": "Cache Hit Rate", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 8, - "y": 36 - }, - "id": 64, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "max", "min"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_buffers_backend_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "buffers_backend", - "range": true, - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_buffers_alloc_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "buffers_alloc", - "range": true, - "refId": "B" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_buffers_backend_fsync_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "backend_fsync", - "range": true, - "refId": "C" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_buffers_checkpoint_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "buffers_checkpoint", - "range": true, - "refId": "D" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_buffers_clean_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "buffers_clean", - "range": true, - "refId": "E" - } - ], - "title": "Buffers (bgwriter)", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 36 - }, - "id": 66, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(pg_stat_database_conflicts{instance=\"$instance\", datname=~\"$datname\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{datname}} conflicts", - "refId": "B" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "irate(pg_stat_database_deadlocks{instance=\"$instance\", datname=~\"$datname\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{datname}} deadlocks", - "refId": "A" - } - ], - "title": "Conflicts/Deadlocks", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total amount of data written to temporary files by queries in this database. All temporary files are counted, regardless of why the temporary file was created, and regardless of the log_temp_files setting.", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 0, - "y": 43 - }, - "id": 68, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "sum"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_database_temp_bytes{instance=\"$instance\", datname=~\"$datname\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "{{datname}}", - "range": true, - "refId": "A" - } - ], - "title": "Temp File (Bytes)", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ms" - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 16, - "x": 8, - "y": 43 - }, - "id": 70, - "links": [], - "options": { - "legend": { - "calcs": ["mean", "lastNotNull", "max", "min"], - "displayMode": "table", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_checkpoint_write_time_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "write_time - Total amount of time that has been spent in the portion of checkpoint processing where files are written to disk.", - "range": true, - "refId": "B" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "irate(pg_stat_bgwriter_checkpoint_sync_time_total{instance=\"$instance\"}[$__range])", - "format": "time_series", - "intervalFactor": 1, - "legendFormat": "sync_time - Total amount of time that has been spent in the portion of checkpoint processing where files are synchronized to disk.", - "range": true, - "refId": "A" - } - ], - "title": "Checkpoint Stats", - "type": "timeseries" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "includeAll": false, - "label": "datasource", - "multi": false, - "name": "DS_PROMETHEUS", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - }, - { - "current": { - "selected": false, - "text": "manwe:9187", - "value": "manwe:9187" - }, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "definition": "query_result(pg_up)", - "hide": 0, - "includeAll": false, - "label": "Instance", - "multi": false, - "name": "instance", - "options": [], - "query": { - "query": "query_result(pg_up)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "/.*instance=\"([^\"]+).*/", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "definition": "label_values(datname)", - "hide": 0, - "includeAll": true, - "label": "Database", - "multi": true, - "name": "datname", - "options": [], - "query": { - "query": "label_values(datname)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "All", - "value": "$__all" - }, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "definition": "label_values({mode=~\"accessexclusivelock|accesssharelock|exclusivelock|rowexclusivelock|rowsharelock|sharelock|sharerowexclusivelock|shareupdateexclusivelock\"}, mode)", - "hide": 0, - "includeAll": true, - "label": "Lock table", - "multi": true, - "name": "mode", - "options": [], - "query": { - "query": "label_values({mode=~\"accessexclusivelock|accesssharelock|exclusivelock|rowexclusivelock|rowsharelock|sharelock|sharerowexclusivelock|shareupdateexclusivelock\"}, mode)", - "refId": "StandardVariableQuery" - }, - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": ["5m", "15m", "1h", "6h", "12h", "24h", "2d", "7d", "30d"] - }, - "timezone": "", - "title": "PostgreSQL", - "uid": "fiuGhahwi", - "version": 1, - "weekStart": "" -} diff --git a/modules/nixfiles/monitoring/dashboards/unbound.json b/modules/nixfiles/monitoring/dashboards/unbound.json deleted file mode 100644 index 8a0d503..0000000 --- a/modules/nixfiles/monitoring/dashboards/unbound.json +++ /dev/null @@ -1,2991 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "", - "editable": true, - "fiscalYearStartMonth": 0, - "gnetId": 11705, - "graphTooltip": 0, - "id": 39, - "links": [], - "liveNow": false, - "panels": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries received at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 0, - "y": 0 - }, - "id": 24, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(increase(unbound_queries_total{instance=\"$instance\"}[$__range]))", - "range": true, - "refId": "A" - } - ], - "title": "Queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 4, - "y": 0 - }, - "id": 26, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(rate(unbound_queries_total{instance=\"$instance\"}[$__range]))", - "refId": "A" - } - ], - "title": "Queries per second", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were refused or dropped because they failed the access control settings at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 8, - "y": 0 - }, - "id": 8, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "increase(unbound_unwanted_queries_total{instance=\"$instance\"}[$__range])", - "range": true, - "refId": "A" - } - ], - "title": "Unwanted queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of replies that were unwanted or unsolicited at the selected time range.\n\nA sharp increase in unwanted traffic indicates a possible spoof run in progress.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 12, - "y": 0 - }, - "id": 49, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_unwanted_replies_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "Unwanted replies", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Max memory in use by caches at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 16, - "y": 0 - }, - "id": 48, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(rate(unbound_memory_caches_bytes{instance=\"$instance\"}[$__range]))", - "range": true, - "refId": "A" - } - ], - "title": "Memory cache size", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "The number of threads created to serve clients", - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 20, - "y": 0 - }, - "id": 2, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "none", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "unbound_num_threads{instance=\"$instance\"}", - "format": "time_series", - "instant": false, - "refId": "A" - } - ], - "title": "Threads", - "type": "stat" - }, - { - "cards": { - "cardPadding": 0 - }, - "color": { - "cardColor": "#3274D9", - "colorScale": "sqrt", - "colorScheme": "interpolateSpectral", - "exponent": 0.5, - "mode": "opacity" - }, - "dataFormat": "timeseries", - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Query response time in seconds", - "fieldConfig": { - "defaults": { - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "scaleDistribution": { - "type": "linear" - } - } - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 16, - "x": 0, - "y": 3 - }, - "heatmap": {}, - "hideZeroBuckets": false, - "highlightCards": true, - "id": 46, - "legend": { - "show": false - }, - "options": { - "calculate": true, - "calculation": {}, - "cellGap": 1, - "cellValues": {}, - "color": { - "exponent": 0.5, - "fill": "#3274D9", - "mode": "opacity", - "scale": "exponential", - "scheme": "Oranges", - "steps": 128 - }, - "exemplars": { - "color": "rgba(255,0,255,0.7)" - }, - "filterValues": { - "le": 1e-9 - }, - "legend": { - "show": false - }, - "rowsFrame": { - "layout": "ge" - }, - "showValue": "never", - "tooltip": { - "show": true, - "yHistogram": true - }, - "yAxis": { - "axisPlacement": "left", - "decimals": 0, - "min": "0", - "reverse": false, - "unit": "s" - } - }, - "pluginVersion": "9.1.0", - "reverseYBuckets": false, - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "rate(unbound_response_time_seconds_bucket{instance=\"$instance\", le=~\"0.001024|0.002048|0.004096|0.008192|0.016384|0.032768|0.065536|0.131072|0.262144|0.524288|1|2|4|8|16|32|64\"}[$__range])", - "format": "heatmap", - "instant": false, - "intervalFactor": 1, - "legendFormat": "{{le}}", - "refId": "A" - } - ], - "title": "Response time", - "tooltip": { - "show": true, - "showHistogram": true - }, - "type": "heatmap", - "xAxis": { - "show": true - }, - "yAxis": { - "decimals": 0, - "format": "s", - "logBase": 1, - "min": "0", - "show": true - }, - "yBucketBound": "upper" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - } - }, - "mappings": [] - }, - "overrides": [] - }, - "gridPos": { - "h": 7, - "w": 8, - "x": 16, - "y": 3 - }, - "id": 37, - "links": [], - "maxDataPoints": 3, - "options": { - "displayLabels": ["value"], - "legend": { - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "pieType": "pie", - "reduceOptions": { - "calcs": ["lastNotNull"], - "fields": "", - "values": false - }, - "tooltip": { - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.3.6", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(increase(unbound_cache_hits_total{instance=\"$instance\"}[$__range]))", - "legendFormat": "Hits", - "range": true, - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "exemplar": true, - "expr": "sum(increase(unbound_cache_misses_total{instance=\"$instance\"}[$__range]))", - "format": "time_series", - "interval": "", - "legendFormat": "Misses", - "range": true, - "refId": "B" - } - ], - "title": "Cache hit/miss ratio", - "type": "piechart" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 10 - }, - "id": 12, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Queries", - "type": "row" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were made using TCP towards the Unbound server at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 0, - "y": 11 - }, - "id": 16, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_tcp_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "Incoming TCP queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were made using TCP towards the Unbound server at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 5, - "y": 11 - }, - "id": 22, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_tcp_out_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "Outgoing TCP queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that had been rate limited at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 10, - "y": 11 - }, - "id": 50, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_ratelimited_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "Rate limited queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were made using TLS towards the Unbound server at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 14, - "y": 11 - }, - "id": 18, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_tls_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "Incoming TLS queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were made using TLS resumption at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 19, - "y": 11 - }, - "id": 19, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_tls_resume_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "TLS resumption queries", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were made using IPv6 towards the Unbound server at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 0, - "y": 14 - }, - "id": 20, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "increase(unbound_query_ipv6_total{instance=\"$instance\"}[$__range])", - "range": true, - "refId": "A" - } - ], - "title": "IPv6 queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total amount of answers that were secure (AD) at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 5, - "y": 14 - }, - "id": 51, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_answers_secure_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "Secure answers", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total amount of answers that were bogus (withheld as SERVFAIL) at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 10, - "y": 14 - }, - "id": 52, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "increase(unbound_answers_bogus_total{instance=\"$instance\"}[$__range])", - "range": true, - "refId": "A" - } - ], - "title": "Bogus answers", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that had an EDNS OPT record present at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 14, - "y": 14 - }, - "id": 17, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_edns_present_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "EDNS OPT queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that had an EDNS OPT record with the DO (DNSSEC OK) bit set present at the selected time range.", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "rgb(31, 120, 193)", - "mode": "fixed" - }, - "mappings": [ - { - "options": { - "match": "null", - "result": { - "text": "N/A" - } - }, - "type": "special" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 5, - "x": 19, - "y": 14 - }, - "id": 21, - "links": [], - "maxDataPoints": 100, - "options": { - "colorMode": "none", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "horizontal", - "reduceOptions": { - "calcs": ["sum"], - "fields": "", - "values": false - }, - "textMode": "auto" - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "increase(unbound_query_edns_DO_total{instance=\"$instance\"}[$__range])", - "refId": "A" - } - ], - "title": "EDNS OPT + DNSSEC OK queries", - "type": "stat" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries with a given query type", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 17 - }, - "id": 35, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_query_types_total{instance=\"$instance\"}[$__range])", - "legendFormat": "{{type}}", - "refId": "A" - } - ], - "title": "Total queries by type", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of answers by rcode", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "NXDOMAIN" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "dark-orange", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "SERVFAIL" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "dark-red", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 17 - }, - "id": 40, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_answer_rcodes_total{instance=\"$instance\"}[$__range])", - "legendFormat": "{{rcode}}", - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_answers_secure_total{instance=\"$instance\"}[$__range])", - "legendFormat": "Secure (AD)", - "refId": "B" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_answers_bogus_total{instance=\"$instance\"}[$__range])", - "legendFormat": "Bogus (SERVFAIL)", - "refId": "C" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_rrset_bogus_total{instance=\"$instance\"}[$__range])", - "legendFormat": "RRset bogus", - "refId": "D" - } - ], - "title": "Total answers by rcode", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries with a given query class", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 25 - }, - "id": 38, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_query_classes_total{instance=\"$instance\"}[$__range])", - "legendFormat": "{{class}}", - "refId": "A" - } - ], - "title": "Total queries by class", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries with a given query opcode", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 25 - }, - "id": 39, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_query_opcodes_total{instance=\"$instance\"}[$__range])", - "legendFormat": "{{opcode}}", - "refId": "A" - } - ], - "title": "Total queries by opcode", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 33 - }, - "id": 54, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Request list", - "type": "row" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Current size of the request list, including internally generated queries", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 24, - "x": 0, - "y": 34 - }, - "id": 55, - "options": { - "legend": { - "calcs": ["lastNotNull"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(rate(unbound_request_list_current_all{instance=\"$instance\"}[$__range]))", - "legendFormat": "all", - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(rate(unbound_request_list_current_user{instance=\"$instance\"}[$__range]))", - "legendFormat": "user", - "refId": "B" - } - ], - "title": "Request list size", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Number of queries that were dropped because the request list was full", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 42 - }, - "id": 56, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(rate(unbound_request_list_exceeded_total{instance=\"$instance\"}[$__range]))", - "legendFormat": "", - "range": true, - "refId": "A" - } - ], - "title": "Total exceeded queries", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of requests in the request list that were overwritten by newer entries", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 42 - }, - "id": 57, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(rate(unbound_request_list_overwritten_total{instance=\"$instance\"}[$__range]))", - "legendFormat": "", - "range": true, - "refId": "A" - } - ], - "title": "Total overwritten queries", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 50 - }, - "id": 30, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "DNSCrypt", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were encrypted and successfully decapsulated by dnscrypt", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 51 - }, - "id": 28, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(rate(unbound_dnscrypt_valid_queries_total{instance=\"$instance\"}[$__range]))", - "range": true, - "refId": "A" - } - ], - "title": "Total successful queries", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries that were requesting dnscrypt certificates", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 51 - }, - "id": 31, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(irate(unbound_dnscrypt_cert_queries_total{instance=\"$instance\"}[$__range]))", - "refId": "A" - } - ], - "title": "Total certificate requesting queries", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of queries received on dnscrypt port that were cleartext and not a request for certificates", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 59 - }, - "id": 32, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(irate(unbound_dnscrypt_cleartext_queries_total{instance=\"$instance\"}[$__range]))", - "refId": "A" - } - ], - "title": "Total received cleartext queries", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Total number of requests that were neither cleartext, not valid dnscrypt messages", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "reqps" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 59 - }, - "id": 33, - "options": { - "legend": { - "calcs": [], - "displayMode": "list", - "placement": "bottom", - "showLegend": false - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(irate(unbound_dnscrypt_malformed_queries_total{instance=\"$instance\"}[$__range]))", - "refId": "A" - } - ], - "title": "Total malformed queries", - "type": "timeseries" - }, - { - "collapsed": false, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 67 - }, - "id": 43, - "panels": [], - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "refId": "A" - } - ], - "title": "Cache", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "${DS_PROMETHEUS}" - }, - "description": "Hits: total number of queries that were successfully answered using a cache lookup.\n\nMisses: total number of cache queries that needed recursive processing", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "min": 0, - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "ops" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "hits" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "#73BF69", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "misses" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "#F2495C", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 7, - "w": 24, - "x": 0, - "y": 68 - }, - "id": 60, - "options": { - "legend": { - "calcs": ["mean", "lastNotNull"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "editorMode": "code", - "expr": "sum(irate(unbound_cache_hits_total{instance=\"$instance\"}[$__range]))", - "legendFormat": "hits", - "range": true, - "refId": "A" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "sum(irate(unbound_cache_misses_total{instance=\"$instance\"}[$__range]))", - "legendFormat": "misses", - "refId": "B" - } - ], - "title": "Cache hits / misses", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "Memory in bytes by caches", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "bytes" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 75 - }, - "id": 6, - "options": { - "legend": { - "calcs": ["lastNotNull"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "rate(unbound_memory_caches_bytes{instance=\"$instance\"}[$__range])", - "legendFormat": "{{cache}}", - "refId": "A" - } - ], - "title": "Cache size", - "type": "timeseries" - }, - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "description": "The number of cached entries", - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 10, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "lineInterpolation": "linear", - "lineWidth": 1, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "links": [], - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 75 - }, - "id": 41, - "options": { - "legend": { - "calcs": ["lastNotNull"], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "9.1.0", - "targets": [ - { - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "expr": "unbound_cache_count_total{instance=\"$instance\"}", - "legendFormat": "{{type}}", - "refId": "A" - } - ], - "title": "Cached entries", - "type": "timeseries" - } - ], - "refresh": "5s", - "schemaVersion": 37, - "style": "dark", - "tags": [], - "templating": { - "list": [ - { - "current": { - "selected": false, - "text": "manwe:9167", - "value": "manwe:9167" - }, - "datasource": { - "uid": "${DS_PROMETHEUS}" - }, - "definition": "label_values(unbound_up, instance)", - "hide": 0, - "includeAll": false, - "multi": false, - "name": "instance", - "options": [], - "query": { - "query": "label_values(unbound_up, instance)", - "refId": "Prometheus-instance-Variable-Query" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 0, - "tagValuesQuery": "", - "tagsQuery": "", - "type": "query", - "useTags": false - }, - { - "current": { - "selected": false, - "text": "Prometheus", - "value": "Prometheus" - }, - "hide": 0, - "includeAll": false, - "label": "datasource", - "multi": false, - "name": "DS_PROMETHEUS", - "options": [], - "query": "prometheus", - "refresh": 1, - "regex": "", - "skipUrlSync": false, - "type": "datasource" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "5s", - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ], - "time_options": ["5m", "15m", "1h", "6h", "12h", "24h", "2d", "7d", "30d"] - }, - "timezone": "", - "title": "Unbound", - "uid": "Eighooghi", - "version": 1, - "weekStart": "" -} diff --git a/modules/nixfiles/monitoring/default.nix b/modules/nixfiles/monitoring/default.nix deleted file mode 100644 index 4ff4c50..0000000 --- a/modules/nixfiles/monitoring/default.nix +++ /dev/null @@ -1,176 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.monitoring; -in { - options.nixfiles.modules.monitoring.enable = mkEnableOption '' - a custom monitoring stack bas on the Grafana Labs toolkit - ''; - - config = mkIf cfg.enable { - nixfiles.modules = { - grafana.enable = true; - loki.enable = true; - prometheus.enable = true; - alertmanager.enable = true; - }; - - services = { - grafana.provision = { - enable = true; - - # https://grafana.com/docs/grafana/latest/administration/provisioning/#data-sources - datasources.settings.datasources = with config.nixfiles.modules; [ - { - name = "Prometheus"; - type = "prometheus"; - access = "proxy"; - url = "https://${prometheus.domain}"; - isDefault = true; - } - { - name = "Loki"; - type = "loki"; - access = "proxy"; - url = "https://${loki.domain}"; - } - ]; - - # https://grafana.com/docs/grafana/latest/administration/provisioning/#dashboards - dashboards.settings.providers = [ - # System dashboard is imported manually from here[1]. Too bad - # provisioned dashboards cannot properly integrate dynamic datasources - # yet. - # - # [1]: https://grafana.com/grafana/dashboards/1860-node-exporter-full - { - name = "endlessh"; - options.path = ./dashboards/endlessh.json; - } - { - name = "unbound"; - options.path = ./dashboards/unbound.json; - } - { - name = "nginx"; - options.path = ./dashboards/nginx.json; - } - { - name = "postgersql"; - options.path = ./dashboards/postgresql.json; - } - ]; - }; - - loki.configuration.ruler.alertmanager_url = "https://${config.nixfiles.modules.alertmanager.domain}"; - - prometheus = { - # It would be nice if these could be generated dynamically. That would - # require a complete rework of how configurations are defined, though. - scrapeConfigs = let - mkTargets = hosts: port: map (host: "${host.hostname}:${toString port}") hosts; - in - with my.configurations; - with config.services.prometheus.exporters; [ - { - job_name = "endlessh-go"; - static_configs = [ - { - targets = - mkTargets - [ - manwe - varda - yavanna - ] - config.services.endlessh-go.prometheus.port; - } - ]; - } - { - job_name = "nginx"; - static_configs = [ - { - targets = - mkTargets - [ - manwe - varda - yavanna - ] - nginx.port; - } - ]; - } - { - job_name = "node"; - static_configs = [ - { - targets = - mkTargets - [ - manwe - varda - yavanna - ] - node.port; - } - ]; - } - { - job_name = "postgres"; - static_configs = [ - { - targets = - mkTargets - [ - manwe - ] - postgres.port; - } - ]; - } - { - job_name = "unbound"; - static_configs = [ - { - targets = - mkTargets - [ - manwe - ] - unbound.port; - } - ]; - } - { - job_name = "wireguard"; - static_configs = [ - { - targets = - mkTargets - [ - manwe - ] - wireguard.port; - } - ]; - } - ]; - - alertmanagers = [ - { - scheme = "https"; - static_configs = [ - {targets = [config.nixfiles.modules.alertmanager.domain];} - ]; - } - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/nextcloud.nix b/modules/nixfiles/nextcloud.nix deleted file mode 100644 index 69bea8a..0000000 --- a/modules/nixfiles/nextcloud.nix +++ /dev/null @@ -1,133 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.nextcloud; -in { - options.nixfiles.modules.nextcloud = { - enable = mkEnableOption "Nextcloud"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "nextcloud.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules = { - nginx = { - enable = true; - virtualHosts.${cfg.domain} = {}; - }; - postgresql.enable = true; - }; - - services = let - db = "nextcloud"; - in { - nextcloud = mkMerge [ - { - enable = true; - package = pkgs.nextcloud23; - - hostName = cfg.domain; - - appstoreEnable = false; - - config = { - adminpassFile = null; # This needs to be set as secret. - - dbtype = "pgsql"; - dbhost = "/run/postgresql"; - dbuser = db; - dbname = db; - - defaultPhoneRegion = "RU"; - }; - - extraApps = let - mkNextcloudApp = { - name, - version, - hash, - }: - pkgs.fetchNextcloudApp { - inherit name version hash; - url = "https://github.com/nextcloud/${name}/archive/refs/tags/v${version}.tar.gz"; - }; - in { - contacts = mkNextcloudApp { - name = "contacts"; - version = "4.0.1"; - sha256 = "sha256-dXKsG8KmlUojeY5dUn/XsMD3KaSh4QcZFOGDdcqlSvE="; - }; - calendar = mkNextcloudApp { - name = "calendar"; - version = "3.0.5"; - sha256 = "sha256-aKUKm7fWJQxOWwma56Tv+GGIo+p0n30Nhoyt4XoxsjI="; - }; - files_rightclick = mkNextcloudApp { - name = "files_rightclick"; - version = "23.0.1"; - sha256 = "sha256-VYODzkvvGrtpyRoug/8UPKhAgfCx1ltP1JdGPiB/lts="; - }; - unsplash = mkNextcloudApp { - name = "unsplash"; - version = "1.2.4"; - sha256 = "sha256-KGSkBOrNu0nK0YvAPYaxEL/kZNoJQD1oBV2aUBxh6cI="; - }; - previewgenerator = mkNextcloudApp { - name = "previewgenerator"; - version = "3.4.1"; - sha256 = "sha256-IUdj0xWt5zHxQoiMv1bYyYTzekuOFrsRIe530QOwC/w="; - }; - bruteforcesettings = mkNextcloudApp { - name = "bruteforcesettings"; - version = "2.3.0"; - sha256 = "sha256-J7ujmiPaw8GI7vDfVPXEum2XAMWvahciP8C6iXgckdE="; - }; - }; - } - (mkIf config.nixfiles.modules.acme.enable { - https = true; - config.overwriteProtocol = "https"; - }) - ]; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - }; - - systemd = { - services = { - nextcloud-setup.after = ["network-online.target" "postgresql.service"]; - - nextcloud-preview-generate-cron.serviceConfig = { - Type = "oneshot"; - User = "nextcloud"; - ExecStart = "${config.services.nextcloud.occ}/bin/nextcloud-occ preview:pre-generate"; - }; - }; - - timers.nextcloud-preview-generate = { - wantedBy = ["timers.target"]; - timerConfig = { - OnBootSec = "15m"; - OnUnitActiveSec = "15m"; - Unit = "nextcloud-preview-generate-cron.service"; - }; - }; - }; - }; -} diff --git a/modules/nixfiles/nginx.nix b/modules/nixfiles/nginx.nix deleted file mode 100644 index b8ab24d..0000000 --- a/modules/nixfiles/nginx.nix +++ /dev/null @@ -1,99 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.nginx; -in { - options.nixfiles.modules.nginx = { - enable = mkEnableOption "Nginx"; - - upstreams = mkOption { - description = "Defines a group of servers to use as proxy target."; - type = with types; anything; - default = null; - }; - - virtualHosts = mkOption { - description = "Attrset of virtual hosts."; - type = with types; anything; - default = null; - }; - }; - - config = mkIf cfg.enable { - services = { - nginx = { - enable = true; - enableReload = true; - - package = pkgs.nginxMainline; - - statusPage = true; - - serverTokens = false; - - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - commonHttpConfig = concatStrings [ - '' - add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet"; - '' - (optionalString (hasAttr "wireguard" this) - (with config.nixfiles.modules.wireguard; '' - geo $internal { - default 0; - 127.0.0.1/32 1; - ::1/128 1; - ${ipv4.subnet} 1; - ${ipv6.subnet} 1; - } - '')) - ]; - - inherit (cfg) upstreams; - - virtualHosts = - { - default = { - default = true; - rejectSSL = true; - locations."/".return = "444"; - }; - } - // (mkIf (cfg.virtualHosts != null) (mapAttrs (_: attr: - mkMerge [ - attr - (mkIf config.nixfiles.modules.acme.enable { - enableACME = true; - forceSSL = true; - }) - ]) - cfg.virtualHosts)); - }; - - fail2ban.jails = { - nginx-http-auth = '' - enabled = true - ''; - nginx-botsearch = '' - enabled = true - ''; - }; - - prometheus.exporters.nginx = { - enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - port = mkDefault 9113; - }; - }; - - networking.firewall.allowedTCPPorts = [80 443]; - }; -} diff --git a/modules/nixfiles/nmap.nix b/modules/nixfiles/nmap.nix index 14ad007..65877be 100644 --- a/modules/nixfiles/nmap.nix +++ b/modules/nixfiles/nmap.nix @@ -55,10 +55,5 @@ in { ''; }; }; - - system.extraDependencies = with inputs; [ - nmap-vulners - nmap-vulscan - ]; }; } diff --git a/modules/nixfiles/node-exporter.nix b/modules/nixfiles/node-exporter.nix deleted file mode 100644 index 43f48f6..0000000 --- a/modules/nixfiles/node-exporter.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ - config, - lib, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.node-exporter; -in { - options.nixfiles.modules.node-exporter.enable = mkEnableOption "Prometheus Node Exporter"; - - config = mkIf cfg.enable { - services.prometheus.exporters.node = { - enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - port = 9100; - enabledCollectors = [ - "buddyinfo" - "cgroups" - "ethtool" - "interrupts" - "ksmd" - "lnstat" - "logind" - "mountstats" - "network_route" - "processes" - "qdisc" - "systemd" - "zoneinfo" - ]; - }; - }; -} diff --git a/modules/nixfiles/nsd.nix b/modules/nixfiles/nsd.nix deleted file mode 100644 index f5a7d84..0000000 --- a/modules/nixfiles/nsd.nix +++ /dev/null @@ -1,176 +0,0 @@ -{ - config, - inputs, - lib, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.nsd; -in { - options.nixfiles.modules.nsd = { - enable = mkEnableOption "NSD"; - - fqdn = mkOption { - description = "FQDN of this nameserver."; - type = with types; str; - default = "ns.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - services = { - nsd = { - enable = true; - interfaces = with this; [ipv4.address ipv6.address]; - ipTransparent = true; - ratelimit.enable = true; - - zones = let - dns = inputs.dns-nix.lib; - in - with dns.combinators; let - ips = hostname: - with my.configurations.${hostname}; { - A = [(a ipv4.address)]; - AAAA = [(aaaa ipv6.address)]; - }; - - mkEmailEntries = { - domain ? my.domain.shire, - dkimKey ? null, - }: { - MX = [(mx.mx 10 "${domain}.")]; - TXT = [(spf.strict ["a" "mx"])]; - DMARC = [ - { - p = "quarantine"; - sp = "quarantine"; - rua = ["mailto:admin+rua@${domain}"]; - ruf = ["mailto:admin+ruf@${domain}"]; - } - ]; - DKIM = optional (dkimKey != null) { - selector = "mail"; - p = dkimKey; - }; - }; - - mkZone = { - domain, - sldIps ? (ips "manwe"), - extra ? {}, - }: { - ${domain}.data = dns.toString domain (mkMerge [ - { - TTL = 60 * 60; - - SOA = { - nameServer = "${cfg.fqdn}."; - adminEmail = "admin+dns@${my.domain.shire}"; - serial = 2022091601; # Don't forget to bump the revision! - }; - - NS = with my.domain; [ - "ns1.${shire}" - # "ns2.${shire}" - ]; - - CAA = letsEncrypt "admin+caa@${my.domain.shire}"; - } - sldIps - extra - ]); - }; - - # https://ariadne.id/ - # https://docs.keyoxide.org/service-providers/dns/ - ariadneIdProof.TXT = ["openpgp4fpr:${my.pgp.fingerprint}"]; - in - mkMerge [ - (mkZone { - domain = my.domain.shire; - extra = mkMerge [ - (mkEmailEntries { - dkimKey = "@DKIM_KEY@"; - }) - { - subdomains = rec { - manwe = ips "manwe"; - "*.manwe" = manwe; - varda = ips "varda"; - "*.varda" = varda; - yavanna = ips "yavanna"; - "*.yavanna" = yavanna; - - ns1 = manwe; - # ns2 = varda; - - alertmanager = manwe; - bitwarden = manwe; - git = manwe; - gotify = manwe; - grafana = manwe; - loki = manwe; - prometheus = manwe; - radicale = manwe; - rss-bridge = manwe; - vaultwarden = manwe; - - minecraft = varda; - - flood = yavanna; - }; - } - ]; - }) - (mkZone { - domain = my.domain.azahi; - extra = mkMerge [ - (mkEmailEntries { - dkimKey = "@DKIM_KEY@"; - }) - ariadneIdProof - { - subdomains.git = ips "manwe"; - } - ]; - }) - (mkZone { - domain = my.domain.gondor; - extra = mkMerge [ - (mkEmailEntries { - dkimKey = "@DKIM_KEY@"; - }) - { - subdomains.frodo = ips "manwe" // ariadneIdProof; - } - ]; - }) - (mkZone { - domain = my.domain.rohan; - extra = mkMerge [ - (mkEmailEntries { - dkimKey = "@DKIM_KEY@"; - }) - { - subdomains.frodo = ips "manwe" // ariadneIdProof; - } - ]; - }) - ]; - }; - - fail2ban.jails.nsd = '' - enabled = true - ''; - }; - - networking.firewall = rec { - allowedTCPPorts = [53]; - allowedUDPPorts = allowedTCPPorts; - }; - - system.extraDependencies = [inputs.dns-nix]; - }; -} diff --git a/modules/nixfiles/openssh.nix b/modules/nixfiles/openssh.nix index bf470ca..4b80809 100644 --- a/modules/nixfiles/openssh.nix +++ b/modules/nixfiles/openssh.nix @@ -7,80 +7,52 @@ with lib; let cfg = config.nixfiles.modules.openssh; in { - options.nixfiles.modules.openssh = { - client.enable = mkEnableOption "OpenSSH client"; - server.enable = mkEnableOption "OpenSSH server"; + options.nixfiles.modules.openssh.client.enable = + mkEnableOption "OpenSSH client"; + + config = mkIf cfg.client.enable { + hm = { + home.packages = with pkgs; [mosh sshfs]; + + programs.ssh = { + enable = true; + + hashKnownHosts = true; + + controlMaster = "auto"; + controlPersist = "24H"; + + serverAliveCountMax = 30; + serverAliveInterval = 60; + + matchBlocks = let + mkBlock = name: { + hostname ? name, + port ? 22022, # NOTE This is not the default OpenSSH port. + user ? my.username, + identityFile ? "${config.my.home}/.ssh/${my.username}_${my.ssh.type}", + extraAttrs ? {}, + }: + nameValuePair name ({inherit hostname port user identityFile;} + // extraAttrs); + + internalServers = + mapAttrs' mkBlock + (mapAttrs (name: _: { + hostname = "${name}.${my.domain.shire}"; + }) (filterAttrs (_: attr: + hasAttr "wireguard" attr + && attr.isHeadless) + my.configurations)); + in + internalServers + // (mapAttrs' mkBlock { + gitolite = { + user = "git"; + hostname = "git.${my.domain.shire}"; + }; + }); + }; + }; }; - - config = let - port = 22022; # Port 22 should be occupied by endlessh. - in - mkMerge [ - (mkIf cfg.client.enable { - hm = { - home.packages = with pkgs; [mosh sshfs]; - - programs.ssh = { - enable = true; - - hashKnownHosts = true; - - controlMaster = "auto"; - controlPersist = "24H"; - - serverAliveCountMax = 30; - serverAliveInterval = 60; - - matchBlocks = let - mkBlock = name: { - hostname ? name, - port ? 22, - user ? my.username, - identityFile ? "${config.my.home}/.ssh/id_ed25519", - extraAttrs ? {}, - }: - nameValuePair name ({inherit hostname port user identityFile;} - // extraAttrs); - - internalServers = - mapAttrs' mkBlock - (mapAttrs (name: _: { - hostname = "${name}.${my.domain.shire}"; - inherit port; - }) (filterAttrs (_: attr: - hasAttr "wireguard" attr - && attr.isHeadless) - my.configurations)); - in - internalServers - // (mapAttrs' mkBlock { - gitolite = { - user = "git"; - hostname = "git.${my.domain.shire}"; - inherit port; - }; - }); - }; - }; - }) - (mkIf cfg.server.enable { - programs.mosh.enable = true; - - services = { - openssh = { - enable = true; - ports = [port]; - logLevel = "VERBOSE"; # Required by fail2ban. - permitRootLogin = "no"; - passwordAuthentication = false; - }; - - fail2ban.jails.sshd = '' - enabled = true - mode = aggressive - port = ${toString port} - ''; - }; - }) - ]; } diff --git a/modules/nixfiles/password-store.nix b/modules/nixfiles/password-store.nix index 7eac85e..1de8a55 100644 --- a/modules/nixfiles/password-store.nix +++ b/modules/nixfiles/password-store.nix @@ -7,7 +7,8 @@ with lib; let cfg = config.nixfiles.modules.password-store; in { - options.nixfiles.modules.password-store.enable = mkEnableOption "Unix pass"; + options.nixfiles.modules.password-store.enable = + mkEnableOption "the standard UNIX password manager"; config = mkIf cfg.enable { hm.programs = { @@ -16,7 +17,7 @@ in { package = pkgs.pass.withExtensions (p: with p; [pass-otp]); - settings.PASSWORD_STORE_DIR = "${config.dirs.data}/password-store"; + settings.PASSWORD_STORE_DIR = "${config.my.home}/.password-store"; }; # https://github.com/NixOS/nixpkgs/issues/183604 diff --git a/modules/nixfiles/podman.nix b/modules/nixfiles/podman.nix deleted file mode 100644 index 1c5378b..0000000 --- a/modules/nixfiles/podman.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ - config, - lib, - inputs, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.podman; -in { - options.nixfiles.modules.podman.enable = mkEnableOption "Podman"; - - config = mkIf cfg.enable { - assertions = [ - { - assertion = !config.nixfiles.modules.docker.enable; - message = "Pick only one!"; - } - ]; - - secrets.containers-auth = { - file = "${inputs.self}/secrets/containers-auth"; - path = "${config.dirs.config}/containers/auth.json"; - owner = my.username; - inherit (config.my) group; - }; - - virtualisation.podman.enable = true; - - environment.systemPackages = with pkgs; [podman-compose]; - - my.extraGroups = ["podman"]; - - hm.programs.bash = { - shellAliases.p = "${pkgs.podman}/bin/podman"; - initExtra = mkAfter '' - _complete_alias p __start_podman podman - ''; - }; - }; -} diff --git a/modules/nixfiles/postgresql.nix b/modules/nixfiles/postgresql.nix deleted file mode 100644 index df05e7e..0000000 --- a/modules/nixfiles/postgresql.nix +++ /dev/null @@ -1,87 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.postgresql; -in { - options.nixfiles.modules.postgresql = { - enable = mkEnableOption "PostgreSQL"; - - package = mkOption { - type = types.package; - default = pkgs.postgresql_15; - description = "PostgreSQL package to use."; - }; - - extraPostStart = mkOption { - type = with types; listOf str; - default = []; - description = '' - Additional post-startup commands. - - This could be used to provide a crude interface to grant permissions and - such. - ''; - }; - }; - - config = mkIf cfg.enable { - assertions = [ - { - assertion = any (x: x == "en_GB.UTF-8/UTF-8") config.i18n.supportedLocales; - message = "The locale must be available"; - } - ]; - - services = { - postgresql = { - enable = true; - - inherit (cfg) package; - - initdbArgs = [ - "--encoding=UTF8" - "--locale-provider=icu" - "--icu-locale=en_GB@collation=posix" - "--locale=en_GB.UTF-8" - "--lc-collate=C" - "--lc-ctype=C" - ]; - - authentication = '' - local all all trust - ''; - }; - - prometheus.exporters.postgres = { - enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - port = mkDefault 9187; - }; - }; - - systemd.services.postgresql.postStart = - optionalString (cfg.extraPostStart != []) - concatStringsSep "\n" - cfg.extraPostStart; - - environment.sessionVariables.PSQLRC = toString (pkgs.writeText "psqlrc" '' - \set QUIET 1 - - \timing - \x auto - \pset null '[NULL]' - \set PROMPT1 '%[%033[1m%]%M %n@%/%R%[%033[0m%]% λ ' - \set PROMPT2 ' … > ' - \set VERBOSITY verbose - \set HISTCONTROL ignoredups - \set HISTFILE /dev/null - - \unset QUIET - ''); - }; -} diff --git a/modules/nixfiles/profiles/default.nix b/modules/nixfiles/profiles/default.nix index 356413a..7d5ee8e 100644 --- a/modules/nixfiles/profiles/default.nix +++ b/modules/nixfiles/profiles/default.nix @@ -77,32 +77,14 @@ in { vim.enable = true; }; - # home-manager.users.root.home.file.".bash_history".source = - # config.hm.lib.file.mkOutOfStoreSymlink "/dev/null"; - - hm.home.language = { - collate = "C"; - messages = "C"; - }; - - programs.less = { - enable = true; - envVariables.LESSHISTFILE = "-"; - }; + time.timeZone = mkDefault "Europe/Moscow"; environment.systemPackages = with pkgs; [ - cryptsetup ddrescue file git gnupg - lshw - lsof - pciutils - psmisc tree - usbutils - util-linux ]; }; } diff --git a/modules/nixfiles/profiles/dev/containers.nix b/modules/nixfiles/profiles/dev/containers.nix index da7aa27..7ec6768 100644 --- a/modules/nixfiles/profiles/dev/containers.nix +++ b/modules/nixfiles/profiles/dev/containers.nix @@ -14,12 +14,9 @@ in { }; config = mkIf cfg.enable { - nixfiles.modules.podman.enable = true; - hm = { home = { sessionVariables = { - MINIKUBE_HOME = "${config.dirs.config}/minikube"; MINIKUBE_IN_STYLE = "false"; WERF_DEV = "true"; WERF_INSECURE_REGISTRY = "true"; @@ -31,15 +28,16 @@ in { }; packages = with pkgs; [ - buildah chart-testing cmctl datree helm kubectl kubectx + kubelogin kubescape kubespy + lima minikube skaffold skopeo @@ -49,12 +47,6 @@ in { ]; }; - xdg.dataFile."minikube/config/config.json".text = generators.toJSON {} { - config.Rootless = true; - driver = "podman"; - container-runtime = "cri-o"; - }; - programs.bash = { shellAliases = with pkgs; { b = "${buildah}/bin/buildah"; diff --git a/modules/nixfiles/profiles/dev/default.nix b/modules/nixfiles/profiles/dev/default.nix index 4656ade..b05aeac 100644 --- a/modules/nixfiles/profiles/dev/default.nix +++ b/modules/nixfiles/profiles/dev/default.nix @@ -2,6 +2,7 @@ config, lib, pkgs, + this, ... }: with lib; let @@ -34,7 +35,7 @@ in { ".ghc/ghci.conf".source = ./ghci.conf; - "${config.dirs.data}/stack/config.yaml".text = generators.toYAML {} { + ".stack/config.yaml".text = generators.toYAML {} { templates.params = rec { author-name = my.fullname; author-email = my.email; @@ -43,16 +44,14 @@ in { }; }; - "${config.dirs.data}/stack/global-project/stack.yaml".text = generators.toYAML {} { + ".stack/global-project/stack.yaml".text = generators.toYAML {} { packages = []; - resolver = "lts-19.28"; + resolver = "lts-20.3"; }; }; sessionVariables = with config.dirs; rec { - ANDROID_HOME = "${data}/android"; - - CABAL_DIR = "${data}/cabal"; + CABAL_DIR = "${config.my.home}/.cabal"; CABAL_CONFIG = pkgs.writeText "cabal-config" '' repository hackage.haskell.org url: https://hackage.haskell.org/ @@ -71,11 +70,11 @@ in { extra-prog-path: ${CABAL_DIR}/bin ''; - STACK_ROOT = "${data}/stack"; + STACK_ROOT = "${config.my.home}/.stack"; - CARGO_HOME = "${data}/cargo"; + CARGO_HOME = "${config.my.home}/.cargo"; - GOPATH = "${data}/go"; + GOPATH = "${config.my.home}/.go"; PYTHONSTARTUP = ./pystartup.py; }; @@ -86,7 +85,5 @@ in { yq ]; }; - - my.extraGroups = ["kvm"]; }; } diff --git a/modules/nixfiles/profiles/dev/sql.nix b/modules/nixfiles/profiles/dev/sql.nix index d6bcba8..7a2a09c 100644 --- a/modules/nixfiles/profiles/dev/sql.nix +++ b/modules/nixfiles/profiles/dev/sql.nix @@ -15,7 +15,11 @@ in { config = mkIf cfg.enable { hm = { - home.packages = with pkgs; [pgcli litecli]; + home.packages = with pkgs; [ + dbeaver + pgcli + litecli + ]; xdg = let mainSection = { diff --git a/modules/nixfiles/profiles/headful.nix b/modules/nixfiles/profiles/headful.nix index f3355b6..1c1f43b 100644 --- a/modules/nixfiles/profiles/headful.nix +++ b/modules/nixfiles/profiles/headful.nix @@ -17,44 +17,27 @@ in { alacritty.enable = true; aria2.enable = true; - chromium.enable = true; emacs.enable = true; - firefox.enable = true; mpv.enable = true; openssh.client.enable = true; password-store.enable = true; - sound.enable = true; - x11.enable = true; - - dwm.enable = mkDefault false; - kde.enable = mkDefault true; - xmonad.enable = mkDefault false; }; hm = { - home.packages = with pkgs; [ - # (openconnect.overrideAttrs (_: super: { - # version = "unstable-2022-10-23"; - # src = pkgs.fetchFromGitLab { - # owner = "openconnect"; - # repo = "openconnect"; - # rev = "acdfc753f7885b2a539f99036ac41ba1b78cc7ae"; - # hash = "sha256-ub+Z4WFD77h5YMQTb+TLc7EyY2KjBWglF1QVTirCHJM="; - # }; - # configureFlags = super.configureFlags ++ [ - # "--with-external-browser=${config.hm.programs.firefox.package}/bin/firefox" - # ]; - # })) - calibre - fd - imv - neochat - ripgrep - ripgrep-all - sd - tdesktop - tor-browser - ]; + home = { + file.".digrc".text = '' + +answer + +multiline + +recurse + ''; + + packages = with pkgs; [ + fd + ripgrep + ripgrep-all + sd + ]; + }; accounts.email = { maildirBasePath = "${config.my.home}/mail"; @@ -105,54 +88,19 @@ in { }; programs = { - bash.shellAliases.open = "${pkgs.xdg-utils}/bin/xdg-open"; mbsync.enable = true; msmtp.enable = true; mu.enable = true; }; }; - boot = { - kernelPackages = mkForce pkgs.linuxPackages_xanmod_latest; - - # There are (arguably) not a lot of reasons to keep mitigations enabled - # for on machine that is not web-facing. First of all, to completely - # mitigate any possible Spectre holes one would need to disable - # Hyperthreading altogether which will essentially put one's computer into - # the stone age by not being able to to effectively utilise multi-core its - # multicore capabilities. Secondly, by enabling mitigations, we introduce - # a plethora of performace overheads[1], which, albeit small, but still - # contribute to the overall speed of things. This is however still poses a - # security risk, which I am willing to take. - # - # [1]: https://www.phoronix.com/scan.php?page=article&item=spectre-meltdown-2&num=11 - kernelParams = ["mitigations=off"]; - }; - - hardware.opengl = { - enable = true; - driSupport = true; - }; - - programs = { - iftop.enable = true; - mtr.enable = true; - traceroute.enable = true; - }; - - services.upower.enable = true; - environment.systemPackages = with pkgs; [ arping dnsutils - ethtool inetutils ldns - nethogs socat tcpdump ]; - - my.extraGroups = ["audio" "video" "input"]; }; } diff --git a/modules/nixfiles/profiles/headless.nix b/modules/nixfiles/profiles/headless.nix index 520b97f..cc7c326 100644 --- a/modules/nixfiles/profiles/headless.nix +++ b/modules/nixfiles/profiles/headless.nix @@ -12,42 +12,12 @@ in { mkEnableOption "headless profile" // {default = this.isHeadless;}; config = mkIf cfg.enable { - nixfiles.modules = { - openssh.server.enable = true; - endlessh-go.enable = true; - - fail2ban.enable = true; - - node-exporter.enable = true; - promtail.enable = true; - }; - hm.home.file = { ".hushlogin".text = ""; ".bash_history".source = config.hm.lib.file.mkOutOfStoreSymlink "/dev/null"; }; - # Pin version to prevent any surprises. - boot.kernelPackages = pkgs.linuxPackages_5_15_hardened; - - nix = { - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; - }; - - optimise = { - automatic = true; - dates = ["daily"]; - }; - }; - - services.udisks2.enable = false; - - xdg.sounds.enable = false; - environment.systemPackages = with pkgs; [alacritty.terminfo]; }; } diff --git a/modules/nixfiles/prometheus.nix b/modules/nixfiles/prometheus.nix deleted file mode 100644 index a75c151..0000000 --- a/modules/nixfiles/prometheus.nix +++ /dev/null @@ -1,49 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.prometheus; -in { - options.nixfiles.modules.prometheus = { - enable = mkEnableOption "Prometheus"; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 30111; - }; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "prometheus.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = with cfg; { - enable = true; - upstreams.prometheus.servers."127.0.0.1:${toString cfg.port}" = {}; - virtualHosts.${domain} = { - locations."/".proxyPass = "http://prometheus"; - extraConfig = nginxInternalOnly; - }; - }; - - services.prometheus = with cfg; { - enable = true; - - listenAddress = "127.0.0.1"; - inherit port; - - extraFlags = [ - "--web.external-url=https://${domain}" - "--storage.tsdb.retention.size=50GB" - "--storage.tsdb.retention.time=1y" - "--storage.tsdb.wal-compression" - ]; - }; - }; -} diff --git a/modules/nixfiles/promtail.nix b/modules/nixfiles/promtail.nix deleted file mode 100644 index 552df82..0000000 --- a/modules/nixfiles/promtail.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - config, - lib, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.promtail; -in { - options.nixfiles.modules.promtail = { - enable = mkEnableOption "Promtail"; - - loki = { - url = mkOption { - description = "Address of a listening Loki service."; - type = with types; str; - default = "https://${config.nixfiles.modules.loki.domain}"; - }; - }; - }; - - config = mkIf cfg.enable { - services.promtail = { - enable = true; - - configuration = { - server = rec { - http_listen_address = this.wireguard.ipv4.address; - http_listen_port = 30181; - - grpc_listen_address = this.wireguard.ipv4.address; - grpc_listen_port = http_listen_port + 1; - - log_level = "warn"; - }; - - clients = [{url = "${cfg.loki.url}/loki/api/v1/push";}]; - - positions.filename = "/tmp/positions.yaml"; - - scrape_configs = [ - { - job_name = "journal"; - journal = { - max_age = "24h"; - labels.job = "systemd-journal"; - }; - } - ]; - }; - }; - }; -} diff --git a/modules/nixfiles/psd.nix b/modules/nixfiles/psd.nix deleted file mode 100644 index 77d3c66..0000000 --- a/modules/nixfiles/psd.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.psd; -in { - options.nixfiles.modules.psd.enable = - mkEnableOption "Profile Sync Daemon"; - - config = mkIf cfg.enable { - hm = { - home.packages = with pkgs; [profile-sync-daemon]; - - xdg.configFile."psd/psd.conf".text = '' - USE_OVERLAYFS="yes" - ''; - }; - - systemd.user = { - services = { - psd = { - unitConfig = { - Description = "Profile-sync-daemon"; - Wants = ["psd-resync.service"]; - RequiresMountsFor = "/home/"; - After = ["local-fs.target"]; - }; - serviceConfig = { - RemainAfterExit = true; - ExecStart = "${pkgs.profile-sync-daemon}/bin/profile-sync-daemon startup"; - ExecStop = "${pkgs.profile-sync-daemon}/bin/profile-sync-daemon unsync"; - }; - wantedBy = ["graphical.target"]; - }; - - psd-resync = { - unitConfig = { - Description = "Profile-sync-daemon resync"; - After = ["psd.service"]; - Wants = ["psd-resync.timer"]; - BindsTo = ["psd.service"]; - }; - serviceConfig.ExecStart = "${pkgs.profile-sync-daemon}/bin/profile-sync-daemon resync"; - wantedBy = ["graphical.target"]; - }; - }; - - timers.psd-resync = { - unitConfig = { - Description = "Profile-sync-daemon resync timer"; - BindsTo = ["psd.service"]; - }; - timerConfig.OnUnitActiveSec = "1h"; - }; - }; - }; -} diff --git a/modules/nixfiles/qutebrowser.nix b/modules/nixfiles/qutebrowser.nix index 76f9f98..68a41a5 100644 --- a/modules/nixfiles/qutebrowser.nix +++ b/modules/nixfiles/qutebrowser.nix @@ -532,7 +532,5 @@ in { in concatStringsSep "\n" final + "\n"); }; - - services.psd.enable = true; }; } diff --git a/modules/nixfiles/radarr.nix b/modules/nixfiles/radarr.nix deleted file mode 100644 index 0abfdf2..0000000 --- a/modules/nixfiles/radarr.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.radarr; -in { - options.nixfiles.modules.radarr = { - enable = mkEnableOption "Radarr"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "radarr.${config.networking.fqdn}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = { - enable = true; - upstreams.radarr.servers."127.0.0.1:7878" = {}; - virtualHosts.${cfg.domain}.locations."/".proxyPass = "http://radarr"; - }; - - services.radarr.enable = true; - }; -} diff --git a/modules/nixfiles/radicale.nix b/modules/nixfiles/radicale.nix deleted file mode 100644 index c903d39..0000000 --- a/modules/nixfiles/radicale.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ - config, - inputs, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.radicale; -in { - options.nixfiles.modules.radicale = { - enable = mkEnableOption "Radicale"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "radicale.${config.networking.domain}"; - }; - }; - - config = let - port = 5232; - in - mkIf cfg.enable { - secrets.radicale-htpasswd = { - file = "${inputs.self}/secrets/radicale-htpasswd"; - owner = "radicale"; - group = "radicale"; - }; - - nixfiles.modules.nginx = { - enable = true; - upstreams.radicale.servers."127.0.0.1:${toString port}" = {}; - virtualHosts.${cfg.domain} = { - locations."/".proxyPass = "http://radicale"; - extraConfig = nginxInternalOnly; - }; - }; - - services.radicale = { - enable = true; - settings = { - server.hosts = ["127.0.0.1:${toString port}"]; - web.type = "none"; - auth = { - type = "htpasswd"; - htpasswd_filename = config.secrets.radicale-htpasswd.path; - htpasswd_encryption = "bcrypt"; - }; - }; - }; - }; -} diff --git a/modules/nixfiles/rss-bridge.nix b/modules/nixfiles/rss-bridge.nix deleted file mode 100644 index fef1070..0000000 --- a/modules/nixfiles/rss-bridge.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.rss-bridge; -in { - options.nixfiles.modules.rss-bridge = { - enable = mkEnableOption "RSS-Bridge"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "rss-bridge.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = { - enable = true; - virtualHosts.${cfg.domain}.extraConfig = nginxInternalOnly; - }; - - services.rss-bridge = { - enable = true; - virtualHost = cfg.domain; - whitelist = ["*"]; - }; - }; -} diff --git a/modules/nixfiles/rtorrent.nix b/modules/nixfiles/rtorrent.nix deleted file mode 100644 index 4014a3b..0000000 --- a/modules/nixfiles/rtorrent.nix +++ /dev/null @@ -1,297 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.rtorrent; -in { - options.nixfiles.modules.rtorrent = { - enable = mkEnableOption "rTorrent"; - - flood = { - enable = mkEnableOption "Flood" // {default = cfg.enable;}; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "flood.${config.networking.domain}"; - }; - }; - }; - - config = let - user = "rtorrent"; - group = "rtorrent"; - baseDir = "/var/lib/rtorrent"; - rpcSocket = "${baseDir}/rpc.socket"; - in - mkIf cfg.enable (mkMerge [ - (let - port = 50000; - in { - systemd = { - services.rtorrent = { - description = "rTorrent"; - after = ["network.target" "local-fs.target"]; - serviceConfig = let - leechDir = "${baseDir}/leech"; - seedDir = "${baseDir}/seed"; - sessionDir = "${baseDir}/session"; - logDir = "${baseDir}/log"; - configFile = let - moveCompleted = let - pkg = pkgs.writeShellApplication { - name = "move-completed"; - runtimeInputs = with pkgs; [ - coreutils-full - gnused - findutils - ]; - text = '' - set -x - - leech_path="$1" - seed_path="$2" - # seed_path="$(echo "$2" | sed 's@+@ @g;s@%@\\x@g' | xargs -0 printf '%b')" - - mkdir -pv "$seed_path" - mv -fv "$leech_path" "$seed_path" - ''; - }; - in "${pkg}/bin/move-completed"; - in - pkgs.writeText "rtorrent.rc" '' - method.insert = cfg.leech, private|const|string, (cat, "${leechDir}") - method.insert = cfg.seed, private|const|string, (cat, "${seedDir}") - method.insert = cfg.session, private|const|string, (cat, "${sessionDir}") - method.insert = cfg.log, private|const|string, (cat, "${logDir}") - method.insert = cfg.rpcsocket, private|const|string, (cat, "${rpcSocket}") - - directory.default.set = (cat, (cfg.leech)) - session.path.set = (cat, (cfg.session)) - - network.port_range.set = ${toString port}-${toString port} - network.port_random.set = no - - dht.mode.set = disable - protocol.pex.set = no - - trackers.use_udp.set = no - - protocol.encryption.set = allow_incoming,try_outgoing,enable_retry - - pieces.memory.max.set = ${toString (pow 2 11)}M - pieces.preload.type.set = 2 - - network.xmlrpc.size_limit.set = ${toString (pow 2 17)} - - network.max_open_files.set = ${toString (pow 2 10)} - network.max_open_sockets.set = ${toString (pow 2 10)} - - network.http.max_open.set = ${toString (pow 2 8)} - - throttle.global_down.max_rate.set_kb = 0 - throttle.global_up.max_rate.set_kb = 0 - - encoding.add = UTF-8 - system.umask.set = 0027 - system.cwd.set = (directory.default) - - network.scgi.open_local = (cat, (cfg.rpcsocket)) - - method.insert = d.move_completed, simple, "\ - d.directory.set=$argument.1=;\ - execute=${moveCompleted}, $argument.0=, $argument.1=;\ - d.save_full_session=\ - " - method.insert = d.leech_path, simple, "\ - if=(d.is_multi_file),\ - (cat, (d.directory), /),\ - (cat, (d.directory), /, (d.name))\ - " - method.insert = d.seed_path, simple, "\ - cat=$cfg.seed=, /, $d.custom1=\ - " - method.set_key = event.download.finished, move_complete, "\ - d.move_completed=$d.leech_path=, $d.seed_path=\ - " - - log.open_file = "log", (cat, (cfg.log), "/", "default.log") - log.add_output = "info", "log" - log.execute = (cat, (cfg.log), "/", "execute.log") - ''; - in { - Restart = "on-failure"; - RestartSec = 3; - - KillMode = "process"; - KillSignal = "SIGHUP"; - - User = user; - Group = group; - - ExecStartPre = concatStringsSep " " [ - "${pkgs.coreutils-full}/bin/mkdir -p" - leechDir - seedDir - sessionDir - logDir - ]; - ExecStart = concatStringsSep " " [ - "${pkgs.rtorrent}/bin/rtorrent" - "-n" - "-o system.daemon.set=true" - "-o network.bind_address.set=0.0.0.0" - "-o import=${configFile}" - ]; - ExecStop = concatStringsSep " " [ - "${pkgs.coreutils-full}/bin/rm -rf" - rpcSocket - ]; - - RuntimeDirectory = "rtorrent"; - RuntimeDirectoryMode = 0750; - UMask = 0027; - AmbientCapabilities = [""]; - CapabilityBoundingSet = [""]; - LockPersonality = true; - MemoryDenyWriteExecute = true; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateTmp = true; - PrivateUsers = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProcSubset = "pid"; - RemoveIPC = true; - RestrictAddressFamilies = ["AF_UNIX" "AF_INET" "AF_INET6"]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - SystemCallArchitectures = "native"; - SystemCallFilter = ["@system-service" "~@resources" "~@privileged"]; - }; - wantedBy = ["multi-user.target"]; - }; - - tmpfiles.rules = ["d '${baseDir}' 0750 ${user} ${group} -"]; - }; - - users = { - users.${user} = { - inherit group; - shell = pkgs.bashInteractive; - home = baseDir; - description = "rTorrent"; - isSystemUser = true; - }; - groups.${group} = {}; - }; - my.extraGroups = [group]; - - networking.firewall.allowedTCPPorts = [port]; - - boot.kernel.sysctl = { - "net.core.rmem_max" = mkOverride 500 (pow 2 24); - "net.core.wmem_max" = mkOverride 500 (pow 2 24); - "net.ipv4.tcp_fin_timeout" = mkOverride 500 30; - "net.ipv4.tcp_rmem" = mkOverride 500 (mkTcpMem 12 23 24); - "net.ipv4.tcp_slow_start_after_idle" = 0; - "net.ipv4.tcp_tw_recycle" = mkOverride 500 1; - "net.ipv4.tcp_tw_reuse" = mkOverride 500 1; - "net.ipv4.tcp_wmem" = mkOverride 500 (mkTcpMem 12 23 24); - }; - }) - (let - port = 50001; - pkg = pkgs.nodePackages.flood; - in - mkIf cfg.flood.enable { - nixfiles.modules.nginx = { - enable = true; - upstreams.flood.servers."127.0.0.1:${toString port}" = {}; - virtualHosts.${cfg.flood.domain} = { - root = "${pkg}/lib/node_modules/flood/dist/assets"; - locations = { - "/".tryFiles = "$uri /index.html"; - "/api" = { - proxyPass = "http://flood"; - extraConfig = '' - proxy_buffering off; - proxy_cache off; - ''; - }; - }; - extraConfig = nginxInternalOnly; - }; - }; - - systemd.services.flood = { - description = "Flood"; - after = ["network.target" "rtorrent.service"]; - path = with pkgs; [mediainfo]; - serviceConfig = { - Restart = "on-failure"; - RestartSec = 3; - - User = user; - Group = group; - - ExecStart = concatStringsSep " " [ - "${pkg}/bin/flood" - "--allowedpath=${baseDir}" - "--baseuri=/" - "--rundir=${baseDir}/flood" - "--host=127.0.0.1" - "--port=${toString port}" - "--rtsocket=${rpcSocket}" - "--ssl=false" - "--auth=none" - ]; - - RuntimeDirectory = "rtorrent"; - RuntimeDirectoryMode = 0750; - UMask = 0027; - AmbientCapabilities = [""]; - CapabilityBoundingSet = [""]; - LockPersonality = true; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateTmp = true; - PrivateUsers = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProcSubset = "pid"; - ProtectProc = "invisible"; - RemoveIPC = true; - RestrictAddressFamilies = ["AF_UNIX" "AF_INET" "AF_INET6"]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - SystemCallArchitectures = "native"; - SystemCallFilter = [ - "~@cpu-emulation" - "~@debug" - "~@mount" - "~@obsolete" - "~@privileged" - "~@resources" - ]; - }; - wantedBy = ["multi-user.target"]; - }; - }) - ]); -} diff --git a/modules/nixfiles/searx.nix b/modules/nixfiles/searx.nix deleted file mode 100644 index 9462d5d..0000000 --- a/modules/nixfiles/searx.nix +++ /dev/null @@ -1,78 +0,0 @@ -{ - config, - inputs, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.searx; -in { - options.nixfiles.modules.searx = { - enable = mkEnableOption "SearX"; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 61001; - }; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; nullOr str; - default = "searx.${config.networking.domain}"; - }; - }; - - config = mkIf cfg.enable { - secrets.searx-environment = { - file = "${inputs.self}/secrets/searx-environment"; - owner = "searx"; - group = "searx"; - }; - - nixfiles.modules.nginx = { - enable = true; - upstreams.searx.servers."127.0.0.1:${toString cfg.port}" = {}; - virtualHosts.${cfg.domain} = { - locations."/".proxyPass = "http://searx"; - extraConfig = nginxInternalOnly; - }; - }; - - services = { - searx = { - enable = true; - - settings = { - general = { - instance_name = cfg.domain; - contact_url = "mailto:admin+searx@${config.networking.domain}"; - git_url = false; - git_branch = false; - docs_url = false; - wiki_url = false; - twitter_url = false; - }; - server = { - bind_address = "127.0.0.1"; - inherit (cfg) port; - secret_key = "@SEARX_SECRET_KEY@"; - base_url = false; - image_proxy = false; - default_http_headers = { - Referrer-Policy = "no-referrer"; - X-Content-Type-Options = "nosniff"; - X-Download-Options = "noopen"; - X-Robots-Tag = "noindex, nofollow, nosnippet, noarchive"; - }; - }; - search = { - safe_search = 0; - autocomplete = ""; - }; - }; - environmentFile = config.secrets.searx-environment.path; - }; - }; - }; -} diff --git a/modules/nixfiles/shadowsocks.nix b/modules/nixfiles/shadowsocks.nix deleted file mode 100644 index b59359c..0000000 --- a/modules/nixfiles/shadowsocks.nix +++ /dev/null @@ -1,116 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.shadowsocks; -in { - options.nixfiles.modules.shadowsocks = { - enable = mkEnableOption "Shadowsocks"; - - port = mkOption { - type = with types; port; - default = 8388; - description = "Port."; - }; - }; - - config = mkIf cfg.enable { - secrets.shadowsocks-password.file = "${inputs.self}/secrets/shadowsocks-password"; - - services = { - shadowsocks = { - enable = true; - passwordFile = config.secrets.shadowsocks-password.path; - localAddress = ["0.0.0.0"]; - mode = "tcp_only"; - }; - - fail2ban.jails.shadowsocks-libev = '' - enabled = true - filter = shadowsocks-libev - port = ${toString cfg.port} - ''; - }; - - systemd.services.shadowsocks-libev.path = with pkgs; - mkForce [ - (writeShellApplication { - name = "ss-server"; - runtimeInputs = [shadowsocks-libev]; - text = let - # https://github.com/shadowsocks/shadowsocks-libev/blob/master/acl/server_block_local.acl - aclFile = writeText "outbound_block_list.acl" '' - [outbound_block_list] - 0.0.0.0/8 - 10.0.0.0/8 - 100.64.0.0/10 - 127.0.0.0/8 - 169.254.0.0/16 - 172.16.0.0/12 - 192.0.0.0/24 - 192.0.2.0/24 - 192.88.99.0/24 - 192.168.0.0/16 - 198.18.0.0/15 - 198.51.100.0/24 - 203.0.113.0/24 - 224.0.0.0/4 - 240.0.0.0/4 - 255.255.255.255/32 - ::1/128 - ::ffff:127.0.0.1/104 - fc00::/7 - fe80::/10 - ''; - in '' - ss-server --acl ${aclFile} "$@" - ''; - }) - coreutils-full - jq - ]; - - environment.etc = mkIf config.nixfiles.modules.fail2ban.enable { - "fail2ban/filter.d/shadowsocks-libev.conf".text = '' - [Definition] - failregex = ^.*failed to handshake with <ADDR>: authentication error$ - ignoreregex = - journalmatch = _SYSTEMD_UNIT=shadowsocks-libev.service - ''; - }; - - networking.firewall = { - allowedTCPPorts = [cfg.port]; - extraCommands = '' - iptables -A nixos-fw -p tcp --syn --dport ${ - toString cfg.port - } -m connlimit --connlimit-above 32 -j nixos-fw-refuse - ''; - }; - - boot.kernel.sysctl = { - "net.core.rmem_max" = mkOverride 100 (pow 2 26); - "net.core.wmem_max" = mkOverride 100 (pow 2 26); - "net.core.netdev_max_backlog" = pow 2 18; - "net.core.somaxconn" = pow 2 12; - "net.ipv4.tcp_syncookies" = 1; - "net.ipv4.tcp_tw_reuse" = mkOverride 100 1; - "net.ipv4.tcp_tw_recycle" = mkOverride 100 0; - "net.ipv4.tcp_fin_timeout" = mkOverride 100 30; - "net.ipv4.tcp_keepalive_time" = 60 * 20; - "net.ipv4.ip_local_port_range" = "10000 65000"; - "net.ipv4.tcp_max_syn_backlog" = pow 2 13; - "net.ipv4.tcp_max_tw_buckets" = pow 2 12; - "net.ipv4.tcp_fastopen" = 3; - "net.ipv4.tcp_mem" = mkOverride 100 (mkTcpMem 15 16 17); - "net.ipv4.tcp_rmem" = mkOverride 100 (mkTcpMem 12 16 26); - "net.ipv4.tcp_wmem" = mkOverride 100 (mkTcpMem 12 16 26); - "net.ipv4.tcp_mtu_probing" = 1; - "net.ipv4.tcp_congestion_control" = "hybla"; - }; - }; -} diff --git a/modules/nixfiles/soju.nix b/modules/nixfiles/soju.nix deleted file mode 100644 index 14faf00..0000000 --- a/modules/nixfiles/soju.nix +++ /dev/null @@ -1,117 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.soju; -in { - options.nixfiles.modules.soju = { - enable = mkEnableOption "soju"; - - protocol = mkOption { - description = "Port."; - type = with types; enum ["ircs" "irc+insecure"]; - default = "irc+insecure"; - }; - - address = mkOption { - description = "Address."; - type = with types; str; - default = this.wireguard.ipv4.address; - }; - - port = mkOption { - description = "Port."; - type = with types; port; - default = 6667; - }; - - domain = mkOption { - description = "Domain."; - type = with types; str; - default = config.networking.fqdn; - }; - }; - - config = let - db = "soju"; - in - mkIf cfg.enable { - nixfiles.modules.postgresql = { - enable = true; - extraPostStart = [ - '' - $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' - '' - ]; - }; - - services.postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - - systemd.services.soju = { - description = "soju IRC bouncer"; - wantedBy = ["multi-user.target"]; - after = ["network-online.target" "postgresql.service"]; - serviceConfig = { - ExecStart = let - # https://soju.im/doc/soju.1.html - configFile = pkgs.writeText "soju.conf" '' - listen ${cfg.protocol}://${cfg.address}:${toString cfg.port} - db postgres ${ - concatStringsSep " " [ - "host=/run/postgresql" - "user=${db}" - "dbname=${db}" - "sslmode=disable" - ] - } - hostname ${cfg.domain} - title ${cfg.domain} - ''; - in - concatStringsSep " " [ - "${pkgs.soju}/bin/soju" - "-config ${configFile}" - ]; - DynamicUser = true; - AmbientCapabilities = [""]; - CapabilityBoundingSet = [""]; - UMask = "0077"; - LockPersonality = true; - MemoryDenyWriteExecute = true; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateTmp = true; - PrivateUsers = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectSystem = "strict"; - ProtectProc = "invisible"; - ProcSubset = "pid"; - RemoveIPC = true; - RestrictAddressFamilies = ["AF_UNIX" "AF_INET" "AF_INET6"]; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - SystemCallArchitectures = "native"; - SystemCallFilter = ["@system-service" "~@privileged"]; - }; - }; - }; -} diff --git a/modules/nixfiles/solaar.nix b/modules/nixfiles/solaar.nix deleted file mode 100644 index ceff23d..0000000 --- a/modules/nixfiles/solaar.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.solaar; -in { - options.nixfiles.modules.solaar = { - enable = mkEnableOption "Solaar"; - }; - - config = mkIf cfg.enable { - hm = { - home.packages = with pkgs; [solaar]; - - systemd.user.services.solaar = { - Unit = { - Description = "Device manager for Logitech devices"; - After = ["graphical-session-pre.target"]; - PartOf = ["graphical-session.target"]; - }; - Service = { - # The dirtiest hack I've ever implemented... I should be ashamed of - # it. Regardless, that shit still doesn't work because each reconnect, - # /dev/hidraw* is recreated and has default permissions which breaks - # Solaar. Fuck this shit. - ExecStartPre = let - pkg = pkgs.writeShellApplication { - name = "solaar-pre"; - text = '' - for i in /dev/hidraw*; do - if [ -c "$i" ]; then - sudo chown root:input "$i" - sudo chmod 0660 "$i" - fi - done - ''; - }; - in "${pkg}/bin/solaar-pre"; - ExecStart = "${pkgs.solaar}/bin/solaar --window=hide"; - }; - Install.WantedBy = ["graphical-session.target"]; - }; - }; - - boot.kernelModules = ["hid_logitech_dj" "hid_logitech_hidpp"]; - - hardware.uinput.enable = true; - - my.extraGroups = ["uinput" "input"]; - }; -} diff --git a/modules/nixfiles/sonarr.nix b/modules/nixfiles/sonarr.nix deleted file mode 100644 index 8c79175..0000000 --- a/modules/nixfiles/sonarr.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.sonarr; -in { - options.nixfiles.modules.sonarr = { - enable = mkEnableOption "Sonarr"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "sonarr.${config.networking.fqdn}"; - }; - }; - - config = mkIf cfg.enable { - nixfiles.modules.nginx = { - enable = true; - upstreams.sonarr.servers."127.0.0.1:8989" = {}; - virtualHosts.${cfg.domain}.locations."/".proxyPass = "http://sonarr"; - }; - - services.sonarr.enable = true; - }; -} diff --git a/modules/nixfiles/sound.nix b/modules/nixfiles/sound.nix deleted file mode 100644 index ae35e44..0000000 --- a/modules/nixfiles/sound.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.sound; -in { - options.nixfiles.modules.sound.enable = - mkEnableOption "sound support"; - - config = mkIf cfg.enable { - services.pipewire = { - enable = true; - - alsa.enable = false; - jack.enable = false; - pulse.enable = true; - }; - }; -} diff --git a/modules/nixfiles/syncthing.nix b/modules/nixfiles/syncthing.nix deleted file mode 100644 index b690ab4..0000000 --- a/modules/nixfiles/syncthing.nix +++ /dev/null @@ -1,145 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.syncthing; -in { - options.nixfiles.modules.syncthing = { - enable = mkEnableOption "Syncthing"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "syncthing.${config.networking.fqdn}"; - }; - }; - - config = mkIf cfg.enable (mkMerge [ - { - secrets = { - "syncthing-cert-${this.hostname}" = with config.services.syncthing; { - file = "${inputs.self}/secrets/syncthing-cert-${this.hostname}"; - owner = user; - inherit group; - }; - - "syncthing-key-${this.hostname}" = with config.services.syncthing; { - file = "${inputs.self}/secrets/syncthing-key-${this.hostname}"; - owner = user; - inherit group; - }; - }; - - services.syncthing = { - enable = true; - - user = my.username; - inherit (config.my) group; - - dataDir = config.my.home; - - guiAddress = "127.0.0.1:8384"; - - cert = config.secrets."syncthing-cert-${this.hostname}".path; - key = config.secrets."syncthing-key-${this.hostname}".path; - - overrideDevices = true; - devices = mapAttrs (name: attr: - mkIf (attr.syncthing.id != null && hasAttr "wireguard" attr) { - inherit (attr.syncthing) id; - addresses = ["tcp://${name}.${config.networking.domain}:22000"]; - introducer = this.isHeadless; - }) - my.configurations; - - overrideFolders = true; - folders = let - filterDevices = f: - attrNames (filterAttrs (_: attr: - (attr.hostname != this.hostname) - && (attr.syncthing.id != null) - && f attr) - my.configurations); - all = filterDevices (_: true); - notHeadless = filterDevices (attr: !attr.isHeadless); - notOther = filterDevices (attr: !attr.isOther); - - simple = { - type = "simple"; - params.keep = "5"; - }; - trashcan = { - type = "trashcan"; - params.cleanoutDays = "7"; - }; - in - with config.hm.xdg.userDirs; { - share = { - path = publicShare; - devices = notHeadless; - versioning = trashcan; - }; - pass = { - path = config.hm.programs.password-store.settings.PASSWORD_STORE_DIR; - devices = notOther; - versioning = trashcan; - }; - org = { - path = "${documents}/org"; - devices = all; - versioning = simple; - }; - roam = { - path = "${documents}/roam"; - devices = notOther; - versioning = simple; - }; - elfeed = { - path = "${config.my.home}/.elfeed"; - devices = notOther; - versioning = trashcan; - }; - books = { - path = "${documents}/books"; - devices = notOther; - versioning = trashcan; - }; - }; - - extraOptions = { - gui = { - insecureAdminAccess = true; - insecureSkipHostcheck = this.isHeadless; - }; - options = { - autoUpgradeIntervalH = 0; - crashReportingEnabled = false; - globalAnnounceEnabled = false; - relaysEnabled = false; - setLowPriority = this.isHeadless; - stunKeepaliveMinS = 0; - stunKeepaliveStartS = 0; - urAccepted = -1; - }; - }; - }; - - systemd.services.syncthing.environment.STNODEFAULTFOLDER = "yes"; - } - (mkIf this.isHeadless { - nixfiles.modules.nginx = { - enable = true; - upstreams.syncthing.servers.${config.services.syncthing.guiAddress} = {}; - virtualHosts.${cfg.domain} = { - locations."/".proxyPass = "http://syncthing"; - extraConfig = nginxInternalOnly; - }; - }; - }) - ]); -} diff --git a/modules/nixfiles/throttled.nix b/modules/nixfiles/throttled.nix deleted file mode 100644 index f182ee1..0000000 --- a/modules/nixfiles/throttled.nix +++ /dev/null @@ -1,119 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.throttled; -in { - options.nixfiles.modules.throttled.enable = mkEnableOption "Throttled"; - - config = mkIf cfg.enable { - # Disable the module we are trying to "override". - services.throttled.enable = mkForce false; - - environment.etc."throttled.conf".text = '' - [GENERAL] - # Enable or disable the script execution - Enabled: True - # SYSFS path for checking if the system is running on AC power - Sysfs_Power_Path: /sys/class/power_supply/AC*/online - # Auto reload config on changes - Autoreload: True - - ## Settings to apply while connected to Battery power - [BATTERY] - # Update the registers every this many seconds - Update_Rate_s: 30 - # Max package power for time window #1 - PL1_Tdp_W: 29 - # Time window #1 duration - PL1_Duration_s: 28 - # Max package power for time window #2 - PL2_Tdp_W: 44 - # Time window #2 duration - PL2_Duration_S: 0.002 - # Max allowed temperature before throttling - Trip_Temp_C: 85 - # Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL) - cTDP: 0 - # Disable BDPROCHOT (EXPERIMENTAL) - Disable_BDPROCHOT: False - - ## Settings to apply while connected to AC power - [AC] - # Update the registers every this many seconds - Update_Rate_s: 5 - # Max package power for time window #1 - PL1_Tdp_W: 44 - # Time window #1 duration - PL1_Duration_s: 28 - # Max package power for time window #2 - PL2_Tdp_W: 44 - # Time window #2 duration - PL2_Duration_S: 0.002 - # Max allowed temperature before throttling - Trip_Temp_C: 95 - # Set HWP energy performance hints to 'performance' on high load (EXPERIMENTAL) - # Uncomment only if you really want to use it - # HWP_Mode: False - # Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL) - cTDP: 0 - # Disable BDPROCHOT (EXPERIMENTAL) - Disable_BDPROCHOT: False - - # All voltage values are expressed in mV and *MUST* be negative (i.e. undervolt)! - [UNDERVOLT.BATTERY] - # CPU core voltage offset (mV) - CORE: 0 - # Integrated GPU voltage offset (mV) - GPU: 0 - # CPU cache voltage offset (mV) - CACHE: 0 - # System Agent voltage offset (mV) - UNCORE: 0 - # Analog I/O voltage offset (mV) - ANALOGIO: 0 - - # All voltage values are expressed in mV and *MUST* be negative (i.e. undervolt)! - [UNDERVOLT.AC] - # CPU core voltage offset (mV) - CORE: 0 - # Integrated GPU voltage offset (mV) - GPU: 0 - # CPU cache voltage offset (mV) - CACHE: 0 - # System Agent voltage offset (mV) - UNCORE: 0 - # Analog I/O voltage offset (mV) - ANALOGIO: 0 - - # [ICCMAX.AC] - # # CPU core max current (A) - # CORE: - # # Integrated GPU max current (A) - # GPU: - # # CPU cache max current (A) - # CACHE: - - # [ICCMAX.BATTERY] - # # CPU core max current (A) - # CORE: - # # Integrated GPU max current (A) - # GPU: - # # CPU cache max current (A) - # CACHE: - ''; - - systemd.services.throttled = { - description = "Stop Intel throttling"; - serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.throttled}/opt/throttled/throttled.py"; - }; - environment.PYTHONUNBUFFERED = "1"; - wantedBy = ["multi-user.target"]; - }; - }; -} diff --git a/modules/nixfiles/unbound.nix b/modules/nixfiles/unbound.nix deleted file mode 100644 index 8c40291..0000000 --- a/modules/nixfiles/unbound.nix +++ /dev/null @@ -1,197 +0,0 @@ -{ - config, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.unbound; -in { - options.nixfiles.modules.unbound = { - enable = mkEnableOption "Unbound"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = config.networking.domain; - }; - }; - - config = let - adblock-conf = "${config.services.unbound.stateDir}/adblock.conf"; - in - mkIf cfg.enable { - services = { - unbound = { - enable = true; - - package = pkgs.unbound-with-systemd.override { - withRedis = true; - withTFO = true; - }; - - settings = { - server = { - interface = with this.wireguard; [ - "127.0.0.1" - "::1" - ipv4.address - ipv6.address - ]; - - local-zone = - concatLists - (mapAttrsToList (h: _: [''"${h}.${cfg.domain}" redirect'']) - my.configurations); - local-data = concatLists (mapAttrsToList (hostname: let - domain = "${hostname}.${cfg.domain}"; - in - attr: (optionals (hasAttr "wireguard" attr) (with attr.wireguard; - [ - ''"${domain} 604800 IN A ${ipv4.address}"'' - ''"${domain} 604800 IN AAAA ${ipv6.address}"'' - ''"${domain}. A ${ipv4.address}"'' - ''"${domain}. AAAA ${ipv6.address}"'' - ] - ++ concatMap (domain: [ - ''"${domain}. A ${ipv4.address}"'' - ''"${domain}. AAAA ${ipv6.address}"'' - ]) - attr.domains))) - my.configurations); - local-data-ptr = concatLists (mapAttrsToList (hostname: let - domain = "${hostname}.${cfg.domain}"; - in - attr: (optionals (hasAttr "wireguard" attr) (with attr.wireguard; - [ - ''"${ipv4.address} ${domain}"'' - ''"${ipv6.address} ${domain}"'' - ] - ++ concatMap (domain: [ - ''"${ipv4.address} ${domain}"'' - ''"${ipv6.address} ${domain}"'' - ]) - attr.domains))) - my.configurations); - - access-control = with config.nixfiles.modules.wireguard; [ - "0.0.0.0/0 refuse" - "::/0 refuse" - "127.0.0.0/8 allow" - "::1/128 allow" - "${ipv4.subnet} allow" - "${ipv6.subnet} allow" - ]; - - private-domain = cfg.domain; - private-address = with config.nixfiles.modules.wireguard; [ - ipv4.subnet - ipv6.subnet - ]; - - domain-insecure = cfg.domain; - - prefetch = true; - prefetch-key = true; - - hide-identity = true; - hide-version = true; - - extended-statistics = true; - - include = ''"${adblock-conf}"''; - }; - - forward-zone = [ - { - name = "."; - forward-tls-upstream = true; - forward-addr = let - mkDnsOverTls = ips: auth: map (ip: concatStrings [ip "@" auth]) ips; - in - mkDnsOverTls dns.const.quad9.default "853#dns.quad9.net"; - } - ]; - - cachedb = with config.services.redis.servers.unbound; { - backend = "redis"; - redis-server-host = bind; - redis-server-port = port; - }; - }; - - localControlSocketPath = "/run/unbound/unbound.socket"; - }; - - redis = { - servers.unbound = { - enable = true; - bind = "127.0.0.1"; - port = 6379; - }; - vmOverCommit = mkForce true; - }; - - prometheus.exporters = { - unbound = { - enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - port = 9167; - fetchType = "uds"; - controlInterface = config.services.unbound.localControlSocketPath; - inherit (config.services.unbound) group user; - }; - - redis = { - enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - port = mkDefault 9121; - extraFlags = with config.services.redis.servers.unbound; [ - "--redis.addr=redis://${bind}:${toString port}" - "--redis.user=${user}" - ]; - }; - }; - }; - - systemd = { - services = { - unbound.after = ["unbound-adblock-update.service"]; - - unbound-adblock-update = { - serviceConfig = with config.services.unbound; { - Type = "oneshot"; - User = user; - Group = group; - ExecStart = let - pkg = with pkgs; - writeShellApplication { - name = "unbound-adblock-update"; - runtimeInputs = [curl package]; - text = '' - curl \ - "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=unbound&showintro=0&mimetype=plaintext" \ - >${adblock-conf} - - if [[ -f "${localControlSocketPath}" ]]; then - unbound-control reload - fi - ''; - }; - in "${pkg}/bin/unbound-adblock-update"; - }; - }; - }; - - timers.unbound-adblock-update = { - requires = ["network-online.target"]; - timerConfig = { - OnUnitActiveSec = "1d"; - Unit = "unbound-adblock-update.service"; - }; - wantedBy = ["timers.target"]; - }; - }; - }; -} diff --git a/modules/nixfiles/vaultwarden.nix b/modules/nixfiles/vaultwarden.nix deleted file mode 100644 index 7d51667..0000000 --- a/modules/nixfiles/vaultwarden.nix +++ /dev/null @@ -1,134 +0,0 @@ -{ - config, - inputs, - lib, - ... -}: -with lib; let - cfg = config.nixfiles.modules.vaultwarden; -in { - options.nixfiles.modules.vaultwarden = { - enable = mkEnableOption "Vaultwarden"; - - domain = mkOption { - description = "Domain name sans protocol scheme."; - type = with types; str; - default = "vaultwarden.${config.networking.domain}"; - }; - }; - - config = let - db = "vaultwarden"; - in - mkIf cfg.enable { - secrets.vaultwarden-environment = { - file = "${inputs.self}/secrets/vaultwarden-environment"; - owner = "vaultwarden"; - group = "vaultwarden"; - }; - - nixfiles.modules = { - nginx = { - enable = true; - upstreams = with config.services.vaultwarden.config; { - vaultwarden_rocket.servers."${ROCKET_ADDRESS}:${toString ROCKET_PORT}" = {}; - vaultwarden_websocket.servers."${WEBSOCKET_ADDRESS}:${toString WEBSOCKET_PORT}" = {}; - }; - virtualHosts.${cfg.domain} = { - locations."/" = { - proxyPass = "http://vaultwarden_rocket"; - proxyWebsockets = true; - }; - locations."/notifications/hub" = { - proxyPass = "http://vaultwarden_websocket"; - proxyWebsockets = true; - }; - locations."/notifications/hub/negotiate" = { - proxyPass = "http://vaultwarden_rocket"; - proxyWebsockets = true; - }; - }; - }; - postgresql = { - enable = true; - extraPostStart = [ - '' - $PSQL "${db}" -tAc 'GRANT ALL ON SCHEMA "public" TO "${db}"' - '' - ]; - }; - }; - - services = { - vaultwarden = { - enable = true; - config = { - TZ = config.time.timeZone; - - WEB_VAULT_ENABLED = true; - - DOMAIN = optionalString (cfg.domain != null) "http://${cfg.domain}"; - - SIGNUPS_ALLOWED = false; - INVITATIONS_ALLOWED = false; - - ORG_CREATION_USERS = "none"; - - PASSWORD_HINTS_ALLOWED = false; - SHOW_PASSWORD_HINT = false; - - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = 8812; - - WEBSOCKET_ENABLED = true; - WEBSOCKET_ADDRESS = "127.0.0.1"; - WEBSOCKET_PORT = 8813; - - LOG_LEVEL = "error"; - - DATABASE_URL = "postgresql://${db}@/${db}"; - }; - dbBackend = "postgresql"; - environmentFile = config.secrets.vaultwarden-environment.path; - }; - - postgresql = { - ensureDatabases = [db]; - ensureUsers = [ - { - name = db; - ensurePermissions."DATABASE \"${db}\"" = "ALL"; - } - ]; - }; - - fail2ban.jails = mkIf config.nixfiles.modules.fail2ban.enable { - vaultwarden = '' - enabled = true - filter = vaultwarden - port = http,https - ''; - vaultwarden-admin = '' - enabled = true - filter = vaultwarden-admin - port = http,https - ''; - }; - }; - - environment.etc = mkIf config.nixfiles.modules.fail2ban.enable { - "fail2ban/filter.d/vaultwarden.conf".text = '' - [Definition] - failregex = ^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$ - ignoreregex = - journalmatch = _SYSTEMD_UNIT=vaultwarden.service - ''; - "fail2ban/filter.d/vaultwarden-admin.conf".text = '' - [Definition] - failregex = ^.*Invalid admin token\. IP: <ADDR>.*$ - ignoreregex = - journalmatch = _SYSTEMD_UNIT=vaultwarden.service - ''; - }; - }; -} diff --git a/modules/nixfiles/vscode.nix b/modules/nixfiles/vscode.nix index 7175b36..6671973 100644 --- a/modules/nixfiles/vscode.nix +++ b/modules/nixfiles/vscode.nix @@ -34,16 +34,16 @@ in { extensions = with pkgs; with vscode-extensions; - [editorconfig.editorconfig file-icons.file-icons redhat.vscode-yaml] - ++ optional cfg.vim.enable vscodevim.vim - ++ vscode-utils.extensionsFromVscodeMarketplace [ - { - name = "vscode-xml"; - publisher = "redhat"; - version = "0.20.0"; - hash = "sha256-GKBrf9s8n7Wv14RSfwyDma1dM0fGMvRkU/7v2DAcB9A="; - } - ]; + [ + editorconfig.editorconfig + file-icons.file-icons + gitlab.gitlab-workflow + ms-kubernetes-tools.vscode-kubernetes-tools + redhat.vscode-xml + redhat.vscode-yaml + streetsidesoftware.code-spell-checker + ] + ++ optional cfg.vim.enable vscodevim.vim; userSettings = let font = config.fontScheme.monospaceFont; @@ -61,7 +61,7 @@ in { renderWhitespace = "trailing"; rulers = [80 120]; smoothScrolling = false; - tabCompletion = true; + tabCompletion = "on"; } // (let surround = 10; @@ -160,11 +160,6 @@ in { leader = " "; useSystemClipboard = true; - - autoSwitchInputMethod = let - inputMethod = config.i18n.inputMethod.enabled; - in - mkIf (inputMethod != null) applyInputMethod.${inputMethod}; }; }; }; diff --git a/modules/nixfiles/wget.nix b/modules/nixfiles/wget.nix index 6d7b1b2..9a16fcc 100644 --- a/modules/nixfiles/wget.nix +++ b/modules/nixfiles/wget.nix @@ -11,7 +11,7 @@ in { config = mkIf cfg.enable { hm = { - programs.bash.shellAliases.wget = "${pkgs.wget}/bin/wget --hsts-file=${config.dirs.data}/wget-hsts"; + programs.bash.shellAliases.wget = "${pkgs.wget}/bin/wget --hsts-file=/tmp/wget-hsts"; home.sessionVariables.WGETRC = pkgs.writeText "wgetrc" '' adjust_extension = on diff --git a/modules/nixfiles/wireguard.nix b/modules/nixfiles/wireguard.nix deleted file mode 100644 index d05c6ae..0000000 --- a/modules/nixfiles/wireguard.nix +++ /dev/null @@ -1,198 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - this, - ... -}: -with lib; let - cfg = config.nixfiles.modules.wireguard; -in { - options.nixfiles.modules.wireguard = { - client = { - enable = mkEnableOption "WireGuard client"; - - enableTrafficRouting = mkOption { - description = "Whether to enable traffic routing through the sever."; - type = with types; bool; - default = !this.isHeadless; - }; - }; - - server = { - enable = mkEnableOption "WireGuard server"; - - ipv4.address = mkOption { - description = "IPv4 address to bind to."; - type = with types; str; - default = my.configurations.manwe.wireguard.ipv4.address; - }; - - ipv6.address = mkOption { - description = "IPv4 address to bind to."; - type = with types; str; - default = my.configurations.manwe.wireguard.ipv6.address; - }; - - address = mkOption { - description = "Endpoint address to use"; - type = with types; str; - default = my.configurations.manwe.ipv4.address; - }; - - port = mkOption { - description = "Endpoint port to use."; - type = with types; int; - default = 6969; - }; - - publicKey = mkOption { - description = "Server's public key."; - type = with types; str; - default = my.configurations.manwe.wireguard.publicKey; - }; - - peers = mkOption { - description = "List of peers."; - type = with types; listOf attrs; - default = mapAttrsToList (_: attr: - with attr; { - inherit (wireguard) publicKey; - allowedIPs = with wireguard; [ - "${ipv4.address}/32" - "${ipv6.address}/128" - ]; - }) (filterAttrs (_: attr: - attr.hostname != this.hostname && hasAttr "wireguard" attr) - my.configurations); - }; - }; - - interface = mkOption { - description = "Name of the interface to use WireGuard with."; - type = with types; str; - default = "wg69"; - }; - - ipv4.subnet = mkOption { - description = "CIDR notation for the IPv4 subnet to use over WireGuard."; - type = with types; str; - default = "10.69.0.0/16"; - }; - - ipv6.subnet = mkOption { - description = "CIDR notation for the IPv6 subnet to use over WireGuard."; - type = with types; str; - default = "fd69::/16"; - }; - }; - - config = - { - assertions = [ - { - assertion = config.security.sudo.enable; - message = "Sudo is not enabled."; - } - { - assertion = any (x: x == "wheel") config.my.extraGroups; - message = ''User is not in the "wheel" group.''; - } - ]; - } - // mkMerge [ - (mkIf (cfg.client.enable || cfg.server.enable) { - secrets."wireguard-private-key-${this.hostname}".file = "${inputs.self}/secrets/wireguard-private-key-${this.hostname}"; - - networking.firewall.trustedInterfaces = [cfg.interface]; - }) - (mkIf cfg.client.enable { - networking.wg-quick.interfaces.${cfg.interface} = mkMerge [ - (with this.wireguard; { - privateKeyFile = config.secrets."wireguard-private-key-${this.hostname}".path; - address = ["${ipv4.address}/16" "${ipv6.address}/16"]; - }) - (with cfg.server; { - peers = [ - { - inherit publicKey; - endpoint = "${address}:${toString port}"; - allowedIPs = - if cfg.client.enableTrafficRouting - then [ - "0.0.0.0/0" - "::/0" - ] - else [ - cfg.ipv4.subnet - cfg.ipv6.subnet - ]; - persistentKeepalive = 25; - } - ]; - dns = [ - ipv4.address - ipv6.address - ]; # This assumes that the host has Unbound running. - }) - ]; - - environment.systemPackages = with pkgs; [ - (writeShellApplication { - name = "wg-toggle"; - runtimeInputs = [iproute2 jq wireguard-tools]; - text = '' - ip46() { - sudo ip -4 "$@" - sudo ip -6 "$@" - } - - fwmark=$(sudo wg show ${cfg.interface} fwmark) || exit - if ip -j rule list lookup "$fwmark" | jq -e 'length > 0' >/dev/null; then - ip46 rule del lookup main suppress_prefixlength 0 - ip46 rule del lookup "$fwmark" - else - ip46 rule add not fwmark "$fwmark" lookup "$fwmark" - ip46 rule add lookup main suppress_prefixlength 0 - fi - ''; - }) - ]; - }) - (mkIf cfg.server.enable { - networking = { - wireguard = { - enable = true; - interfaces.${cfg.interface} = with cfg.server; { - privateKeyFile = config.secrets."wireguard-private-key-${this.hostname}".path; - ips = ["${ipv4.address}/16" "${ipv6.address}/16"]; - listenPort = port; - inherit peers; - allowedIPsAsRoutes = false; - }; - }; - - nat = { - enable = true; - enableIPv6 = true; - - externalInterface = mkDefault "eth0"; - - internalInterfaces = [cfg.interface]; - internalIPs = [cfg.ipv4.subnet]; - internalIPv6s = [cfg.ipv6.subnet]; - }; - - firewall.allowedUDPPorts = [cfg.server.port]; - }; - - services.prometheus.exporters.wireguard = { - enable = true; - listenAddress = mkDefault this.wireguard.ipv4.address; - withRemoteIp = true; - port = 9586; - }; - }) - ]; -} diff --git a/modules/nixfiles/x11.nix b/modules/nixfiles/x11.nix deleted file mode 100644 index cd8dfbe..0000000 --- a/modules/nixfiles/x11.nix +++ /dev/null @@ -1,92 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.x11; -in { - options.nixfiles.modules.x11.enable = mkEnableOption "X11"; - - config = mkIf cfg.enable { - nixfiles.modules.fonts.enable = true; - - hm = { - home.sessionVariables = with config.dirs; { - XCOMPOSEFILE = "${cache}/XComposeFile"; - XCOMPOSECACHE = "${cache}/XComposeCache"; - }; - - xsession.scriptPath = ".xinitrc"; - - xresources.properties = - (let - font = with config.fontScheme.monospaceFont; "${family}:style=${style}:size=${toString size}"; - in { - "*.font" = font; - - "Xft.antialias" = 1; - "Xft.autohint" = 0; - "Xft.dpi" = 96; - "Xft.hinting" = 1; - "Xft.hintstyle" = "hintslight"; - "Xft.lcdfilter" = "lcddefault"; - "Xft.rgba" = "rgb"; - }) - // (with config.colourScheme; { - "*.color0" = black; - "*.color8" = brightBlack; - "*.color1" = red; - "*.color9" = brightRed; - "*.color2" = green; - "*.color10" = brightGreen; - "*.color3" = yellow; - "*.color11" = brightYellow; - "*.color4" = blue; - "*.color12" = brightBlue; - "*.color5" = magenta; - "*.color13" = brightMagenta; - "*.color6" = cyan; - "*.color14" = brightCyan; - "*.color7" = white; - "*.color15" = brightWhite; - - "*.background" = background; - "*.foreground" = foreground; - }); - }; - - services.xserver = { - enable = true; - - tty = mkDefault 1; - - autoRepeatDelay = 200; - autoRepeatInterval = 25; - - libinput.enable = true; - - monitorSection = '' - Option "DPMS" "false" - ''; - - serverFlagsSection = '' - Option "BlankTime" "0" - Option "OffTime" "0" - Option "StandbyTime" "0" - Option "SuspendTime" "0" - ''; - - inputClassSections = [ - '' - Identifier "Mouse" - MatchIsPointer "yes" - Option "AccelerationNumerator" "2" - Option "AccelerationDenominator" "1" - Option "AccelerationThreshold" "4" - '' - ]; - }; - }; -} diff --git a/modules/nixfiles/xmonad.nix b/modules/nixfiles/xmonad.nix deleted file mode 100644 index 847110e..0000000 --- a/modules/nixfiles/xmonad.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.nixfiles.modules.xmonad; -in { - options.nixfiles.modules.xmonad.enable = mkEnableOption "XMonad"; - - config = mkIf cfg.enable { - nixfiles.modules.x11.enable = true; - - hm = { - xsession = { - enable = true; - - scriptPath = ".xinitrc"; - - windowManager.command = "${pkgs.xmonad-ng}/bin/xmonad-ng"; - }; - }; - - services.xserver.displayManager.startx.enable = true; - - system.extraDependencies = [inputs.xmonad-ng]; - }; -} |