diff options
-rw-r--r-- | krebs/2configs/shack/prometheus/alert-rules.nix | 7 | ||||
-rw-r--r-- | makefu/2configs/ham/light/schlafzimmer.nix (renamed from makefu/2configs/ham/light/groups.nix) | 0 | ||||
-rw-r--r-- | makefu/2configs/share/anon-sftp.nix | 25 |
3 files changed, 29 insertions, 3 deletions
diff --git a/krebs/2configs/shack/prometheus/alert-rules.nix b/krebs/2configs/shack/prometheus/alert-rules.nix index 1c2d0b1ad..12c691466 100644 --- a/krebs/2configs/shack/prometheus/alert-rules.nix +++ b/krebs/2configs/shack/prometheus/alert-rules.nix @@ -14,7 +14,7 @@ in { labels.severity = "warning"; annotations.summary = "{{ $labels.alias }} root disk full"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).A vast number of shackspace services will stop working. CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; + annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%). CI for deploying new configuration will seize working. Log in to the system and run `nix-collect-garbage -d` and clean up the shack share folder in `/home/share` .If this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } { alert = "RootPartitionFull"; @@ -25,14 +25,15 @@ in { annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=puyak"; annotations.description = ''The root disk of {{ $labels.alias }} has {{ $value | printf "%.2f" }}% free disk space (Threshold at ${disk_free_threshold}%).Prometheus will not be able to create new alerts and CI for deploying new configuration will also seize working. Log in to the system and run `nix-collect-garbage -d` and if this does not help you can check `du -hs /var/ | sort -h`, run `docker system prune` or if you are really desperate run `du -hs / | sort -h` and go through the folders recursively until you've found something to delete''; } + # wolf.shack is not worth supervising anymore { alert = "HostDown"; - expr = ''up{alias="wolf.shack"} == 0''; + expr = ''up{alias="infra01.shack"} == 0''; for = "5m"; labels.severity = "page"; annotations.summary = "Instance {{ $labels.alias }} down for 5 minutes"; annotations.url = "http://grafana.shack/d/hb7fSE0Zz/shack-system-dashboard?orgId=1&var-job=node&var-hostname=All&var-node=wolf.shack:9100&var-device=All&var-maxmount=%2F&var-show_hostname=wolf"; - annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, try to restart the host via naproxen ( http://naproxen.shack:8006 ). Wolf being down means that CI,glados automation, light management and a couple of other services will not work anymore.''; + annotations.description = ''Host {{ $labels.alias }} went down and has not been reconnected after 5 minutes. This is probably bad news, as the machine runs one of the DNS servers and the power broadcast proxy which is used to be able to turn off the light via puyak as well as the shutdown listener.''; } ]; } diff --git a/makefu/2configs/ham/light/groups.nix b/makefu/2configs/ham/light/schlafzimmer.nix index 274fd60a3..274fd60a3 100644 --- a/makefu/2configs/ham/light/groups.nix +++ b/makefu/2configs/ham/light/schlafzimmer.nix diff --git a/makefu/2configs/share/anon-sftp.nix b/makefu/2configs/share/anon-sftp.nix new file mode 100644 index 000000000..7cde9317a --- /dev/null +++ b/makefu/2configs/share/anon-sftp.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, ... }: + +with import <stockholm/lib>; +{ + services.openssh = { + allowSFTP = true; + sftpFlags = [ "-l VERBOSE" ]; + extraConfig = '' + Match User anonymous + ForceCommand internal-sftp + AllowTcpForwarding no + X11Forwarding no + PasswordAuthentication no + ''; + }; + + users.users.anonymous = { + uid = genid "anonymous"; + useDefaultShell = false; + password = "anonymous"; + home = "/media/anon"; + createHome = true; + }; + +} |