Compare commits
9 commits
af3918ffab
...
598c25d4bc
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | 598c25d4bc | ||
Gabriel Simmer | 77b01a051b | ||
Gabriel Simmer | 0ca7cadef6 | ||
Gabriel Simmer | 9eb07d0c18 | ||
Gabriel Simmer | 3399178d3c | ||
Gabriel Simmer | 5a006b562e | ||
Gabriel Simmer | 55b04c7421 | ||
Gabriel Simmer | a5e7b2ecae | ||
Gabriel Simmer | 55f0bf49c8 |
|
@ -37,6 +37,7 @@
|
|||
"tools"
|
||||
"ytproxy"
|
||||
"nitter"
|
||||
"changedetect"
|
||||
] (name: {cname.data = "cluster";})
|
||||
// lib.attrsets.genAttrs [
|
||||
# Externally hosted applications with Tunnels
|
||||
|
|
54
flake.lock
54
flake.lock
|
@ -27,11 +27,11 @@
|
|||
"nixpkgs": "nixpkgs_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1672175240,
|
||||
"narHash": "sha256-znVCx+4j9961QJJGI5RHIFrv2SGFd799Hao+LRThm+I=",
|
||||
"lastModified": 1710590710,
|
||||
"narHash": "sha256-944FyFvgVl1fLUgWCdh6gS6Zi/Wmk7zusfMCoKTv2zE=",
|
||||
"owner": "alexbakker",
|
||||
"repo": "alertmanager-ntfy",
|
||||
"rev": "1e8a0901410207fa4357799f4e9f6d8f26e15626",
|
||||
"rev": "b60d1feee3844f091cfa911d9125bd836039dc08",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -183,11 +183,11 @@
|
|||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709126324,
|
||||
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -239,11 +239,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709938482,
|
||||
"narHash": "sha256-2Vw2WOFmEXWQH8ziFNOr0U48Guh5FacuD6BOEIcE99s=",
|
||||
"lastModified": 1710532761,
|
||||
"narHash": "sha256-SUXGZNrXX05YA9G6EmgupxhOr3swI1gcxLUeDMUhrEY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "17431970b4ebc75a92657101ccffcfc9e1f9d8f0",
|
||||
"rev": "206f457fffdb9a73596a4cb2211a471bd305243d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -279,11 +279,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709467759,
|
||||
"narHash": "sha256-ojIpNROGKk56wyvpMAlBVor3CvPez3pFMORrocxW4io=",
|
||||
"lastModified": 1710184940,
|
||||
"narHash": "sha256-FzYm4td3FJfzOAuEkCXt3KdUgZuA072OAQXqIq+IAMo=",
|
||||
"owner": "nix-community",
|
||||
"repo": "lib-aggregate",
|
||||
"rev": "206e40afdc468d0658e30e1644e2473dc6285cf2",
|
||||
"rev": "45b75bf534592c0c1c881a1c447f7fdb37a87eaf",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -355,11 +355,11 @@
|
|||
},
|
||||
"nixlib": {
|
||||
"locked": {
|
||||
"lastModified": 1709426687,
|
||||
"narHash": "sha256-jLBZmwXf0WYHzLkmEMq33bqhX55YtT5edvluFr0RcSA=",
|
||||
"lastModified": 1710031547,
|
||||
"narHash": "sha256-pkUg3hOKuGWMGF9WEMPPN/G4pqqdbNGJQ54yhyQYDVY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixpkgs.lib",
|
||||
"rev": "7873d84a89ae6e4841528ff7f5697ddcb5bdfe6c",
|
||||
"rev": "630ebdc047ca96d8126e16bb664c7730dc52f6e6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -397,11 +397,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709887845,
|
||||
"narHash": "sha256-803UIoB8+vGkm/VK/g55aBAAOf/ncTGvxXyjTF4ydm0=",
|
||||
"lastModified": 1710398463,
|
||||
"narHash": "sha256-fQlYanU84E8uwBpcoTCcLCwU8cqn0eQ7nwTcrWfSngc=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixos-generators",
|
||||
"rev": "bef32a05496d9480b02be586fa7827748b9e597b",
|
||||
"rev": "efd4e38532b5abfaa5c9fc95c5a913157dc20ccb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -428,11 +428,11 @@
|
|||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"lastModified": 1709426687,
|
||||
"narHash": "sha256-jLBZmwXf0WYHzLkmEMq33bqhX55YtT5edvluFr0RcSA=",
|
||||
"lastModified": 1710031547,
|
||||
"narHash": "sha256-pkUg3hOKuGWMGF9WEMPPN/G4pqqdbNGJQ54yhyQYDVY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixpkgs.lib",
|
||||
"rev": "7873d84a89ae6e4841528ff7f5697ddcb5bdfe6c",
|
||||
"rev": "630ebdc047ca96d8126e16bb664c7730dc52f6e6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -451,11 +451,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709975798,
|
||||
"narHash": "sha256-LdHYxpw7N7inGInX3i6Z6Rm3hl0ai7YXkbzJn+WV0l4=",
|
||||
"lastModified": 1710631003,
|
||||
"narHash": "sha256-6bOCj2BUwOYDO1Lq3DgwIfrdUiieKkm1fCHFQRkLK4Y=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixpkgs-wayland",
|
||||
"rev": "639141e297f4fe7c1bbf0662e1fde05fa964efa9",
|
||||
"rev": "bce941770aa96005f08c7b60851037352bf76156",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -514,11 +514,11 @@
|
|||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1709780214,
|
||||
"narHash": "sha256-p4iDKdveHMhfGAlpxmkCtfQO3WRzmlD11aIcThwPqhk=",
|
||||
"lastModified": 1710534455,
|
||||
"narHash": "sha256-huQT4Xs0y4EeFKn2BTBVYgEwJSv8SDlm82uWgMnCMmI=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f945939fd679284d736112d3d5410eb867f3b31c",
|
||||
"rev": "9af9c1c87ed3e3ed271934cb896e0cdd33dae212",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
97
homelab/changedetection.nix
Normal file
97
homelab/changedetection.nix
Normal file
|
@ -0,0 +1,97 @@
|
|||
let
|
||||
appName = "changedetection";
|
||||
changedetection-Image = "dgtlmoon/changedetection.io:latest";
|
||||
browserless-Image = "browserless/chrome:latest";
|
||||
in
|
||||
{...}: {
|
||||
kubernetes.resources.services.changedetection = {
|
||||
spec = {
|
||||
selector.app = appName;
|
||||
ports.http = {
|
||||
port = 5000;
|
||||
targetPort = 5000;
|
||||
};
|
||||
};
|
||||
};
|
||||
kubernetes.resources.statefulSets.changedetection.spec = {
|
||||
selector.matchLabels.app = appName;
|
||||
serviceName = appName;
|
||||
template = {
|
||||
metadata.labels.app = appName;
|
||||
spec = {
|
||||
volumes = {
|
||||
config.configMap.name = appName;
|
||||
};
|
||||
containers = {
|
||||
changedetection = {
|
||||
image = changedetection-Image;
|
||||
imagePullPolicy = "Always";
|
||||
ports.http.containerPort = 5000;
|
||||
env = [
|
||||
{
|
||||
name = "PLAYWRIGHT_DRIVER_URL";
|
||||
value = "ws://localhost:3000";
|
||||
}
|
||||
];
|
||||
volumeMounts = [
|
||||
{
|
||||
name = "data";
|
||||
mountPath = "/datastore";
|
||||
}
|
||||
];
|
||||
};
|
||||
browserless = {
|
||||
image = browserless-Image;
|
||||
imagePullPolicy = "Always";
|
||||
ports.webdriver.containerPort = 3000;
|
||||
resources = {
|
||||
requests.memory = "768Mi";
|
||||
limits.memory = "2Gi";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
volumeClaimTemplates = [
|
||||
{
|
||||
metadata.name = "data";
|
||||
spec = {
|
||||
storageClassName = "nfs-client";
|
||||
accessModes = ["ReadWriteOnce"];
|
||||
resources.requests.storage = "1Gi";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
kubernetes.resources.ingresses.changedetection = {
|
||||
metadata = {
|
||||
name = appName;
|
||||
annotations = {
|
||||
"cert-manager.io/issuer" = "le-issuer";
|
||||
};
|
||||
};
|
||||
spec = {
|
||||
tls = [
|
||||
{
|
||||
hosts = ["changedetect.gmem.ca"];
|
||||
secretName = "gmem-ca-wildcard";
|
||||
}
|
||||
];
|
||||
rules = [
|
||||
{
|
||||
host = "changedetect.gmem.ca";
|
||||
http.paths = [
|
||||
{
|
||||
path = "/";
|
||||
pathType = "Prefix";
|
||||
backend.service = {
|
||||
name = appName;
|
||||
port.name = "http";
|
||||
};
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
|
@ -7,7 +7,7 @@ spec:
|
|||
selector:
|
||||
matchLabels:
|
||||
app: cloudflared
|
||||
replicas: 1
|
||||
replicas: 3
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
|
@ -15,12 +15,15 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: cloudflared
|
||||
image: cloudflare/cloudflared:2023.10.0-arm64
|
||||
image: cloudflare/cloudflared:2024.2.1
|
||||
args:
|
||||
- tunnel
|
||||
- --config
|
||||
- /etc/cloudflared/config/config.yaml
|
||||
- run
|
||||
ports:
|
||||
- containerPort: 2000
|
||||
name: metrics
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
# Cloudflared has a /ready endpoint which returns 200 if and only if
|
||||
|
@ -47,4 +50,29 @@ spec:
|
|||
items:
|
||||
- key: config.yaml
|
||||
path: config.yaml
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: cloudflared-metrics
|
||||
spec:
|
||||
selector:
|
||||
app: cloudflared
|
||||
ports:
|
||||
- name: metrics
|
||||
port: 2000
|
||||
targetPort: 2000
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PodMonitor
|
||||
metadata:
|
||||
name: cloudflared
|
||||
labels:
|
||||
release: prometheus
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cloudflared
|
||||
podMetricsEndpoints:
|
||||
- port: metrics
|
||||
interval: 30s
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
};
|
||||
# arbitrary attrset passed as values to the helm release
|
||||
values = {
|
||||
image.tag = "v1.95.1";
|
||||
image.tag = "v1.98.2";
|
||||
machine-learning.enabled = false;
|
||||
immich.persistence.library.existingClaim = "immich";
|
||||
redis.enabled = true;
|
||||
|
|
|
@ -22,5 +22,6 @@
|
|||
(import ./irc.nix)
|
||||
(import ./netboot.nix)
|
||||
(import ./nitter.nix)
|
||||
(import ./changedetection.nix)
|
||||
];
|
||||
}
|
||||
|
|
|
@ -3,52 +3,7 @@ prometheus:
|
|||
prometheusSpec:
|
||||
podMonitorSelectorNilUsesHelmValues: false
|
||||
serviceMonitorSelectorNilUsesHelmValues: false
|
||||
additionalScrapeConfigs:
|
||||
- job_name: kubernetes-service-endpoints
|
||||
kubernetes_sd_configs:
|
||||
- role: service
|
||||
relabel_configs:
|
||||
|
||||
# annotation 'prometheus.io/scrape' must be set to 'true'
|
||||
- action: keep
|
||||
regex: true
|
||||
source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scrape]
|
||||
|
||||
# service cannot be in kube-system or prom namespaces
|
||||
- action: drop
|
||||
regex: (kube-system|prom)
|
||||
source_labels: [__meta_kubernetes_namespace]
|
||||
|
||||
# service port name must end with word 'metrics'
|
||||
- action: keep
|
||||
regex: .*metrics
|
||||
source_labels: [__meta_kubernetes_service_port_name]
|
||||
|
||||
# allow override of http scheme
|
||||
- action: replace
|
||||
regex: (https?)
|
||||
source_labels: [__meta_kubernetes_service_annotation_prometheus_io_scheme]
|
||||
target_label: __scheme__
|
||||
|
||||
# allow override of default /metrics path
|
||||
- action: replace
|
||||
regex: (.+)
|
||||
source_labels: [__meta_kubernetes_service_annotation_prometheus_io_path]
|
||||
target_label: __metrics_path__
|
||||
|
||||
# allow override of default port
|
||||
- action: replace
|
||||
regex: ([^:]+)(?::\d+)?;(\d+)
|
||||
replacement: $1:$2
|
||||
source_labels: [__address__, __meta_kubernetes_service_annotation_prometheus_io_port]
|
||||
target_label: __address__
|
||||
- {action: labelmap, regex: __meta_kubernetes_service_label_(.+)}
|
||||
- action: replace
|
||||
source_labels: [__meta_kubernetes_namespace]
|
||||
target_label: kubernetes_namespace
|
||||
- action: replace
|
||||
source_labels: [__meta_kubernetes_service_name]
|
||||
target_label: kubernetes_name
|
||||
ruleSelectorNilUsesHelmValues: false
|
||||
remoteWrite:
|
||||
- name: monitoring
|
||||
url: http://grafana.gmem.ca:9001/api/v1/write
|
||||
|
|
|
@ -15,11 +15,7 @@ in {
|
|||
};
|
||||
};
|
||||
kubernetes.resources.services.tclip = {
|
||||
metadata.annotations = {
|
||||
"prometheus.io/port" = "9090";
|
||||
"prometheus.io/scrape" = "true";
|
||||
"prometheus.io/path" = "/metrics";
|
||||
};
|
||||
metadata.labels.app = appName;
|
||||
spec = {
|
||||
selector.app = appName;
|
||||
ports.metrics = {
|
||||
|
@ -90,7 +86,10 @@ in {
|
|||
}
|
||||
];
|
||||
envFrom = [{secretRef.name = "tclip-litestream-s3";}];
|
||||
ports.metrics.containerPort = 9090;
|
||||
ports.metrics = {
|
||||
containerPort = 9090;
|
||||
name = "metrics";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -33,7 +33,6 @@ spec:
|
|||
envFrom:
|
||||
- secretRef:
|
||||
name: vaultwarden-litestream-s3
|
||||
|
||||
containers:
|
||||
- name: vaultwarden
|
||||
image: docker.io/vaultwarden/server:testing
|
||||
|
@ -91,10 +90,8 @@ apiVersion: v1
|
|||
kind: Service
|
||||
metadata:
|
||||
name: vaultwarden
|
||||
annotations:
|
||||
prometheus.io/port: "9090"
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: "/metrics"
|
||||
labels:
|
||||
app: vaultwarden
|
||||
spec:
|
||||
selector:
|
||||
app: vaultwarden
|
||||
|
@ -104,7 +101,7 @@ spec:
|
|||
name: web
|
||||
- port: 9090
|
||||
targetPort: 9090
|
||||
name: litestream-metrics
|
||||
name: metrics
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
|
|
|
@ -14,11 +14,7 @@ in {
|
|||
};
|
||||
};
|
||||
kubernetes.resources.services.vrchat-prometheus-adapter = {
|
||||
metadata.annotations = {
|
||||
"prometheus.io/port" = "6534";
|
||||
"prometheus.io/scrape" = "true";
|
||||
"prometheus.io/path" = "/metrics";
|
||||
};
|
||||
metadata.labels.app = appName;
|
||||
spec = {
|
||||
selector.app = appName;
|
||||
ports.metrics = {
|
||||
|
|
|
@ -140,12 +140,11 @@
|
|||
xkb.layout = "us";
|
||||
xkb.variant = "";
|
||||
enable = true;
|
||||
desktopManager = {
|
||||
# plasma5.enable = true;
|
||||
plasma6.enable = true;
|
||||
};
|
||||
displayManager.sddm.enable = true;
|
||||
};
|
||||
desktopManager = {
|
||||
plasma6.enable = true;
|
||||
};
|
||||
pipewire = {
|
||||
enable = true;
|
||||
alsa.enable = true;
|
||||
|
@ -193,7 +192,7 @@
|
|||
xdg.portal.enable = true;
|
||||
|
||||
programs = {
|
||||
sway.enable = true;
|
||||
tmux.enable = true;
|
||||
gamemode.enable = true;
|
||||
zsh.enable = true;
|
||||
fish.enable = true;
|
||||
|
@ -207,7 +206,6 @@
|
|||
};
|
||||
gnupg.agent = {
|
||||
enable = true;
|
||||
pinentryFlavor = "qt";
|
||||
enableSSHSupport = false;
|
||||
};
|
||||
};
|
||||
|
@ -254,7 +252,6 @@
|
|||
pinentry-curses
|
||||
noisetorch
|
||||
nix-output-monitor
|
||||
pinentry-gnome
|
||||
xdg-utils
|
||||
dracula-theme
|
||||
yubikey-touch-detector
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
in [
|
||||
(import (builtins.fetchTarball {
|
||||
url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
|
||||
sha256 = "0i972nkqhjfpy8g7dmryw2fvkfda43624zfhsh35k795zbx38jc7";
|
||||
sha256 = "0w843vgi0d7p2hmhlgq046r2gg7aid3xphnzibv17fp38wa1y6dm";
|
||||
}))
|
||||
discordOverlay
|
||||
];
|
||||
|
@ -45,6 +45,12 @@
|
|||
};
|
||||
|
||||
programs = {
|
||||
alacritty = {
|
||||
enable = true;
|
||||
settings = {
|
||||
import = [ "${pkgs.alacritty-theme}/breeze.toml" ];
|
||||
};
|
||||
};
|
||||
bash.enable = false;
|
||||
fish = {
|
||||
enable = true;
|
||||
|
@ -77,6 +83,7 @@
|
|||
gpgSign = true;
|
||||
};
|
||||
};
|
||||
difftastic.enable = true;
|
||||
};
|
||||
|
||||
emacs = {
|
||||
|
@ -89,8 +96,8 @@
|
|||
|
||||
eza = {
|
||||
enable = true;
|
||||
enableFishIntegration = true;
|
||||
};
|
||||
|
||||
bat = {
|
||||
enable = true;
|
||||
};
|
||||
|
@ -115,7 +122,6 @@
|
|||
thunderbird
|
||||
prismlauncher
|
||||
ripgrep
|
||||
kitty
|
||||
virt-manager
|
||||
jre8
|
||||
parsec-bin
|
||||
|
|
|
@ -23,7 +23,6 @@
|
|||
function fish_greeting; end
|
||||
function fish_title; end
|
||||
end
|
||||
atuin init fish | source
|
||||
'';
|
||||
loginShellInit = ''
|
||||
if test "$TERM" = "dumb"
|
||||
|
@ -45,15 +44,13 @@
|
|||
|
||||
programs.eza = {
|
||||
enable = true;
|
||||
enableAliases = true;
|
||||
enableFishIntegration = true;
|
||||
};
|
||||
|
||||
programs.bat = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
home.packages = with pkgs; [atuin];
|
||||
|
||||
# This value determines the Home Manager release that your
|
||||
# configuration is compatible with. This helps avoid breakage
|
||||
# when a new Home Manager release introduces backwards
|
||||
|
|
Loading…
Reference in a new issue