nixos: prelim plausible
This commit is contained in:
parent
a427307797
commit
7e06d5eeaf
18
flake.lock
18
flake.lock
|
@ -7,11 +7,11 @@
|
|||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1632822684,
|
||||
"narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=",
|
||||
"lastModified": 1638665590,
|
||||
"narHash": "sha256-nhtfL3z4TizWHemyZvgLvq11FhYX5Ya4ke+t6Np5PKQ=",
|
||||
"owner": "serokell",
|
||||
"repo": "deploy-rs",
|
||||
"rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4",
|
||||
"rev": "715e92a13018bc1745fb680b5860af0c5641026a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -196,11 +196,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1637605846,
|
||||
"narHash": "sha256-Llelj1pYeAhGLftPxM2ixSgAfdPBAZOnpBZtpvaZ3Xo=",
|
||||
"lastModified": 1638918949,
|
||||
"narHash": "sha256-HDAM4N7dBB0zVgoflnWyVDrGx4oiIUaEjI8YDwk0FFU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d00918ccaf7e1532d35db2f1e3d44db3da39b851",
|
||||
"rev": "4d07862ea6ed637ee85f868d1bf8a833878bc05e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -285,11 +285,11 @@
|
|||
"nixpkgs": "nixpkgs_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1637273221,
|
||||
"narHash": "sha256-ByBCiWlVprVgYGGy2ma7W0DKbtp4Xmj7S5whFrIzO3Q=",
|
||||
"lastModified": 1638383949,
|
||||
"narHash": "sha256-k7oMUrp1cMBj59uihyocJVqi4jbU16ycHQqGTJxH1b0=",
|
||||
"owner": "serokell",
|
||||
"repo": "serokell.nix",
|
||||
"rev": "1649eceabbe6e148b3c1b322b716e873d312599f",
|
||||
"rev": "faebe5b14155d045ae5d3f76193c8e99e664af1b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -82,6 +82,11 @@
|
|||
ip = "10.42.42.17";
|
||||
mac = "0A:06:5E:E7:9A:0C";
|
||||
}
|
||||
{
|
||||
hostname = "plausible";
|
||||
ip = "10.42.42.18";
|
||||
mac = "82:34:70:FA:44:6F";
|
||||
}
|
||||
{
|
||||
hostname = "victoriametrics";
|
||||
ip = "10.42.42.19";
|
||||
|
|
1
nixos/.gitignore
vendored
Normal file
1
nixos/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
result/
|
|
@ -36,6 +36,7 @@ in {
|
|||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [
|
||||
binutils
|
||||
fix-vscode
|
||||
fluxcd
|
||||
k9s
|
||||
|
|
|
@ -8,10 +8,8 @@ let
|
|||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
k8s_proxy = proxy "http://10.42.42.150:8000/";
|
||||
k8s_proxy = proxy "http://10.42.42.10:8000/";
|
||||
in {
|
||||
imports = [ ];
|
||||
|
||||
networking.hostName = "nginx";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
|
@ -34,7 +32,8 @@ in {
|
|||
|
||||
# Reverse Proxies
|
||||
virtualHosts."ha.0x76.dev" = proxy "http://10.42.42.8:8123/";
|
||||
virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://10.42.43.28:8085/";
|
||||
virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/";
|
||||
virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/";
|
||||
|
||||
# Kubernetes endpoints
|
||||
virtualHosts."0x76.dev" = k8s_proxy;
|
||||
|
@ -45,5 +44,5 @@ in {
|
|||
|
||||
security.acme.email = "victorheld12@gmail.com";
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.preliminarySelfsigned = false;
|
||||
security.acme.preliminarySelfsigned = true;
|
||||
}
|
||||
|
|
42
nixos/hosts/plausible/configuration.nix
Normal file
42
nixos/hosts/plausible/configuration.nix
Normal file
|
@ -0,0 +1,42 @@
|
|||
# Edit this configuration file to define what should be installed on
|
||||
# your system. Help is available in the configuration.nix(5) man page
|
||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, pkgs, ... }:
|
||||
let
|
||||
vs = config.vault-secrets.secrets;
|
||||
cfg = config.services.plausible;
|
||||
in {
|
||||
imports = [ ];
|
||||
|
||||
networking.hostName = "plausible";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ cfg.server.port ];
|
||||
networking.firewall.allowedUDPPorts = [ ];
|
||||
|
||||
vault-secrets.secrets.plausible = { };
|
||||
|
||||
services.plausible = {
|
||||
enable = false;
|
||||
server = {
|
||||
baseUrl = "https://analytics.0x76.dev";
|
||||
secretKeybaseFile = "${vs.plausible}/secretkeybase";
|
||||
};
|
||||
adminUser = {
|
||||
activate = true;
|
||||
email = "plausible@xirion.net";
|
||||
passwordFile = "${vs.plausible}/password";
|
||||
};
|
||||
};
|
||||
}
|
1
nixos/pkgs/clickhouse/.gitignore
vendored
Normal file
1
nixos/pkgs/clickhouse/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
result
|
1
nixos/pkgs/clickhouse/clickhouse.nix
Normal file
1
nixos/pkgs/clickhouse/clickhouse.nix
Normal file
|
@ -0,0 +1 @@
|
|||
let pkgs = import <nixpkgs> {}; in pkgs.callPackage (./default.nix) { }
|
49
nixos/pkgs/clickhouse/default.nix
Normal file
49
nixos/pkgs/clickhouse/default.nix
Normal file
|
@ -0,0 +1,49 @@
|
|||
{ stdenv, dpkg, autoPatchelfHook, fetchurl, lib, glibc }:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "clickhouse";
|
||||
version = "21.11.5.33";
|
||||
|
||||
broken = stdenv.buildPlatform.is32bit;
|
||||
|
||||
sourceRoot = ".";
|
||||
|
||||
srcs = [
|
||||
(fetchurl {
|
||||
url =
|
||||
"https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-common-static-${version}.tgz";
|
||||
sha256 = "sha256-WYSxRQWj6We5v3trMZ0r9xr0kyApyEL444os7yTw8fI=";
|
||||
})
|
||||
(fetchurl {
|
||||
url =
|
||||
"https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-server-${version}.tgz";
|
||||
sha256 = "sha256-mxEObzTlW1A7p8END24H/ovxF/PsmmoPWvEjbRmS9X0=";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ autoPatchelfHook ];
|
||||
buildInputs = [
|
||||
glibc
|
||||
];
|
||||
# hardeningDisable = [ "format" ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/{bin,etc}
|
||||
cp -av clickhouse-server-${version}/usr/bin/* $out/bin/
|
||||
cp -av clickhouse-server-${version}/etc/clickhouse-server $out/etc/
|
||||
cp -av clickhouse-common-static-${version}/usr/bin/* $out/bin/
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
sed -i -e '\!<log>/var/log/clickhouse-server/clickhouse-server\.log</log>!d' $out/etc/clickhouse-server/config.xml
|
||||
substituteInPlace $out/etc/clickhouse-server/config.xml --replace "<errorlog>/var/log/clickhouse-server/clickhouse-server.err.log</errorlog>" "<console>1</console>"
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://clickhouse.tech/";
|
||||
description = "Column-oriented database management system";
|
||||
license = licenses.asl20;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
|
@ -1,4 +1,6 @@
|
|||
final: prev: {
|
||||
clickhouse = prev.callPackage ./clickhouse { };
|
||||
|
||||
v = {
|
||||
unbound = prev.unbound.override {
|
||||
withSystemd = true;
|
||||
|
|
Loading…
Reference in a new issue