diff --git a/inventory/group_vars/asgard/vars.yml b/inventory/group_vars/asgard/vars.yml index 0dd2685..b3fe2b2 100644 --- a/inventory/group_vars/asgard/vars.yml +++ b/inventory/group_vars/asgard/vars.yml @@ -1,11 +1,20 @@ --- # -------------------------------------------------------------------------------------------------- -# system:var +# system:base # -------------------------------------------------------------------------------------------------- system_etc_home_directory: "{{ system_etc_root_directory }}/services" system_var_data_directory: "{{ system_var_root_directory }}/data" system_var_containers_directory: "{{ system_var_root_directory }}/containers" +# -------------------------------------------------------------------------------------------------- +# system:extra +# -------------------------------------------------------------------------------------------------- +system_extra_netdata_inet_address: "{{ vpn_bridge_inet_address }}" +system_extra_netdata_inet6_address: "{{ vpn_bridge_inet6_address }}" +system_extra_netdata_registry_enabled: false +system_extra_netdata_registry_url: "{{ vault_system_extra_netdata_registry_url }}" +system_extra_netdata_stream_api_key: "{{ vault_system_extra_netdata_stream_api_key }}" + # -------------------------------------------------------------------------------------------------- # vpn:wireguard # -------------------------------------------------------------------------------------------------- diff --git a/inventory/host_vars/valkyrie/vars.yml b/inventory/host_vars/valkyrie/vars.yml index 2747433..63e259c 100644 --- a/inventory/host_vars/valkyrie/vars.yml +++ b/inventory/host_vars/valkyrie/vars.yml @@ -8,7 +8,10 @@ system_mail_smtp_pass: "{{ vault_system_mail_smtp_pass }}" # system:base # -------------------------------------------------------------------------------------------------- system_base_udp_ports: + - 546 # dhcpv6 - "{{ vpn_wireguard_port }}" +system_base_additional_tcp_ports: + - 19999 # netdata # -------------------------------------------------------------------------------------------------- # system:var diff --git a/inventory/host_vars/yggdrasil/vars.yml b/inventory/host_vars/yggdrasil/vars.yml index 0ae3a6a..2728a79 100644 --- a/inventory/host_vars/yggdrasil/vars.yml +++ b/inventory/host_vars/yggdrasil/vars.yml @@ -1,4 +1,9 @@ --- +# -------------------------------------------------------------------------------------------------- +# system:extra +# -------------------------------------------------------------------------------------------------- +system_extra_netdata_registry_enabled: true + # -------------------------------------------------------------------------------------------------- # system:zfs # -------------------------------------------------------------------------------------------------- @@ -31,6 +36,7 @@ system_base_udp_ports: system_base_additional_tcp_ports: - 139 # samba - 445 # samba + - 19999 # netdata system_base_unattended_upgrades_blacklist: - "linux-" - "zfs(utils)?-" @@ -138,7 +144,7 @@ services_host_services: lrproxy: inet_address: "{{ vpn_bridge_inet_prefix }}.2" inet6_address: "{{ vpn_bridge_inet6_prefix }}::2" - tcp: [80, 443] + tcp: [80, 443, 19999] restic: true database: inet_address: "{{ vpn_bridge_inet_prefix }}.3" diff --git a/playbooks/files/services/deploy/lrproxy/nginx-conf.d/netdata.valkyrie.thenineworlds.net.conf b/playbooks/files/services/deploy/lrproxy/nginx-conf.d/netdata.valkyrie.thenineworlds.net.conf new file mode 100644 index 0000000..d4f4d0b --- /dev/null +++ b/playbooks/files/services/deploy/lrproxy/nginx-conf.d/netdata.valkyrie.thenineworlds.net.conf @@ -0,0 +1,22 @@ +server { + listen [::]:19999; + listen 19999; + server_name netdata.valkyrie.thenineworlds.net; + + allow {{ local_inet_network }}; + allow {{ local_inet6_network }}; + deny all; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; + proxy_pass http://netdata.valkyrie.thenineworlds.net:19999; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + +} diff --git a/playbooks/files/services/deploy/lrproxy/nginx-conf.d/netdata.yggdrasil.thenineworlds.net.conf b/playbooks/files/services/deploy/lrproxy/nginx-conf.d/netdata.yggdrasil.thenineworlds.net.conf new file mode 100644 index 0000000..0be8f03 --- /dev/null +++ b/playbooks/files/services/deploy/lrproxy/nginx-conf.d/netdata.yggdrasil.thenineworlds.net.conf @@ -0,0 +1,22 @@ +server { + listen [::]:19999; + listen 19999; + server_name netdata.yggdrasil.thenineworlds.net; + + allow {{ local_inet_network }}; + allow {{ local_inet6_network }}; + deny all; + + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $host; + proxy_pass http://netdata.yggdrasil.thenineworlds.net:19999; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + +} diff --git a/playbooks/roles/services/deploy/rproxy/templates/hosts b/playbooks/roles/services/deploy/rproxy/templates/hosts index 75511c8..b4c8181 100644 --- a/playbooks/roles/services/deploy/rproxy/templates/hosts +++ b/playbooks/roles/services/deploy/rproxy/templates/hosts @@ -4,6 +4,11 @@ ff02::1 ip6-allnodes ff02::2 ip6-allrouters 127.0.1.1 {{ services_service_name }} +{% for netdata_host in ( services_deploy_netdata_hosts | dict2items ) %} + +{{ netdata_host.value.inet6_address }} {{ netdata_host.key }} +{{ netdata_host.value.inet_address }} {{ netdata_host.key }} +{% endfor %} {% for service in ( services_all_services | dict2items ) %} {{ service.value.inet6_address }} pod-{{ service.key }} diff --git a/playbooks/services.yml b/playbooks/services.yml index 23e66a3..37894fa 100644 --- a/playbooks/services.yml +++ b/playbooks/services.yml @@ -92,8 +92,17 @@ - "files/services/deploy/lrproxy/nginx-conf.d/database.thenineworlds.net.conf" - "files/services/deploy/lrproxy/nginx-conf.d/git.thenineworlds.net.conf" - "files/services/deploy/lrproxy/nginx-conf.d/music.thenineworlds.net.conf" + - "files/services/deploy/lrproxy/nginx-conf.d/netdata.valkyrie.thenineworlds.net.conf" + - "files/services/deploy/lrproxy/nginx-conf.d/netdata.yggdrasil.thenineworlds.net.conf" - "files/services/deploy/lrproxy/nginx-conf.d/notes.thenineworlds.net.conf" services_service_deploy_versions: "{{ services_deploy_versions.lrproxy }}" + services_deploy_netdata_hosts: + "netdata.valkyrie.thenineworlds.net": + inet_address: "{{ hostvars.valkyrie.system_extra_netdata_inet_address }}" + inet6_address: "{{ hostvars.valkyrie.system_extra_netdata_inet6_address }}" + "netdata.yggdrasil.thenineworlds.net": + inet_address: "{{ hostvars.yggdrasil.system_extra_netdata_inet_address }}" + inet6_address: "{{ hostvars.yggdrasil.system_extra_netdata_inet6_address }}" when: "'lrproxy' in services_host_services" tags: "always" diff --git a/playbooks/system.yml b/playbooks/system.yml index 7c8f48d..252677a 100644 --- a/playbooks/system.yml +++ b/playbooks/system.yml @@ -112,6 +112,21 @@ system_extra_libvirt_user_name: "{{ system_base_ssh_user }}" system_extra_libvirt_install_zfs_driver: "{{ 'zfs' in group_names }}" +- name: "system : valkyrie, yggdrasil" + hosts: + - "valkyrie" + - "yggdrasil" + roles: + - role: "system/extra/netdata" + tags: + - "system:extra" + - "system:extra:netdata" + vars: + system_extra_netdata_registry_inet_address: "\ + {{ hostvars.yggdrasil.system_extra_netdata_inet_address }}" + system_extra_netdata_registry_inet6_address: "\ + {{ hostvars.yggdrasil.system_extra_netdata_inet6_address }}" + - name: "system : asgard:&zfs" hosts: "asgard:&zfs" roles: diff --git a/roles b/roles index 9b57350..0f80516 160000 --- a/roles +++ b/roles @@ -1 +1 @@ -Subproject commit 9b57350d92f221571d6a075f3e7e403c33e436ad +Subproject commit 0f805168b6c3b6293378e75e061a8b6dbbf1f875