nixos: prelim plausible
This commit is contained in:
parent
a427307797
commit
7e06d5eeaf
18
flake.lock
18
flake.lock
|
@ -7,11 +7,11 @@
|
||||||
"utils": "utils"
|
"utils": "utils"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1632822684,
|
"lastModified": 1638665590,
|
||||||
"narHash": "sha256-lt7eayYmgsD5OQwpb1XYfHpxttn43bWo7G7hIJs+zJw=",
|
"narHash": "sha256-nhtfL3z4TizWHemyZvgLvq11FhYX5Ya4ke+t6Np5PKQ=",
|
||||||
"owner": "serokell",
|
"owner": "serokell",
|
||||||
"repo": "deploy-rs",
|
"repo": "deploy-rs",
|
||||||
"rev": "9a02de4373e0ec272d08a417b269a28ac8b961b4",
|
"rev": "715e92a13018bc1745fb680b5860af0c5641026a",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -196,11 +196,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1637605846,
|
"lastModified": 1638918949,
|
||||||
"narHash": "sha256-Llelj1pYeAhGLftPxM2ixSgAfdPBAZOnpBZtpvaZ3Xo=",
|
"narHash": "sha256-HDAM4N7dBB0zVgoflnWyVDrGx4oiIUaEjI8YDwk0FFU=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "d00918ccaf7e1532d35db2f1e3d44db3da39b851",
|
"rev": "4d07862ea6ed637ee85f868d1bf8a833878bc05e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -285,11 +285,11 @@
|
||||||
"nixpkgs": "nixpkgs_4"
|
"nixpkgs": "nixpkgs_4"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1637273221,
|
"lastModified": 1638383949,
|
||||||
"narHash": "sha256-ByBCiWlVprVgYGGy2ma7W0DKbtp4Xmj7S5whFrIzO3Q=",
|
"narHash": "sha256-k7oMUrp1cMBj59uihyocJVqi4jbU16ycHQqGTJxH1b0=",
|
||||||
"owner": "serokell",
|
"owner": "serokell",
|
||||||
"repo": "serokell.nix",
|
"repo": "serokell.nix",
|
||||||
"rev": "1649eceabbe6e148b3c1b322b716e873d312599f",
|
"rev": "faebe5b14155d045ae5d3f76193c8e99e664af1b",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -82,6 +82,11 @@
|
||||||
ip = "10.42.42.17";
|
ip = "10.42.42.17";
|
||||||
mac = "0A:06:5E:E7:9A:0C";
|
mac = "0A:06:5E:E7:9A:0C";
|
||||||
}
|
}
|
||||||
|
{
|
||||||
|
hostname = "plausible";
|
||||||
|
ip = "10.42.42.18";
|
||||||
|
mac = "82:34:70:FA:44:6F";
|
||||||
|
}
|
||||||
{
|
{
|
||||||
hostname = "victoriametrics";
|
hostname = "victoriametrics";
|
||||||
ip = "10.42.42.19";
|
ip = "10.42.42.19";
|
||||||
|
|
1
nixos/.gitignore
vendored
Normal file
1
nixos/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
result/
|
|
@ -36,6 +36,7 @@ in {
|
||||||
|
|
||||||
# Additional packages
|
# Additional packages
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
binutils
|
||||||
fix-vscode
|
fix-vscode
|
||||||
fluxcd
|
fluxcd
|
||||||
k9s
|
k9s
|
||||||
|
|
|
@ -8,10 +8,8 @@ let
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
k8s_proxy = proxy "http://10.42.42.150:8000/";
|
k8s_proxy = proxy "http://10.42.42.10:8000/";
|
||||||
in {
|
in {
|
||||||
imports = [ ];
|
|
||||||
|
|
||||||
networking.hostName = "nginx";
|
networking.hostName = "nginx";
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
|
@ -34,7 +32,8 @@ in {
|
||||||
|
|
||||||
# Reverse Proxies
|
# Reverse Proxies
|
||||||
virtualHosts."ha.0x76.dev" = proxy "http://10.42.42.8:8123/";
|
virtualHosts."ha.0x76.dev" = proxy "http://10.42.42.8:8123/";
|
||||||
virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://10.42.43.28:8085/";
|
virtualHosts."zookeeper-dev.0x76.dev" = proxy "http://eevee.olympus:8085/";
|
||||||
|
virtualHosts."analytics.0x76.dev" = proxy "http://plausible.olympus:8000/";
|
||||||
|
|
||||||
# Kubernetes endpoints
|
# Kubernetes endpoints
|
||||||
virtualHosts."0x76.dev" = k8s_proxy;
|
virtualHosts."0x76.dev" = k8s_proxy;
|
||||||
|
@ -45,5 +44,5 @@ in {
|
||||||
|
|
||||||
security.acme.email = "victorheld12@gmail.com";
|
security.acme.email = "victorheld12@gmail.com";
|
||||||
security.acme.acceptTerms = true;
|
security.acme.acceptTerms = true;
|
||||||
security.acme.preliminarySelfsigned = false;
|
security.acme.preliminarySelfsigned = true;
|
||||||
}
|
}
|
||||||
|
|
42
nixos/hosts/plausible/configuration.nix
Normal file
42
nixos/hosts/plausible/configuration.nix
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
# Edit this configuration file to define what should be installed on
|
||||||
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
|
{ config, pkgs, ... }:
|
||||||
|
let
|
||||||
|
vs = config.vault-secrets.secrets;
|
||||||
|
cfg = config.services.plausible;
|
||||||
|
in {
|
||||||
|
imports = [ ];
|
||||||
|
|
||||||
|
networking.hostName = "plausible";
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "21.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
# Additional packages
|
||||||
|
environment.systemPackages = with pkgs; [ ];
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ cfg.server.port ];
|
||||||
|
networking.firewall.allowedUDPPorts = [ ];
|
||||||
|
|
||||||
|
vault-secrets.secrets.plausible = { };
|
||||||
|
|
||||||
|
services.plausible = {
|
||||||
|
enable = false;
|
||||||
|
server = {
|
||||||
|
baseUrl = "https://analytics.0x76.dev";
|
||||||
|
secretKeybaseFile = "${vs.plausible}/secretkeybase";
|
||||||
|
};
|
||||||
|
adminUser = {
|
||||||
|
activate = true;
|
||||||
|
email = "plausible@xirion.net";
|
||||||
|
passwordFile = "${vs.plausible}/password";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
1
nixos/pkgs/clickhouse/.gitignore
vendored
Normal file
1
nixos/pkgs/clickhouse/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
||||||
|
result
|
1
nixos/pkgs/clickhouse/clickhouse.nix
Normal file
1
nixos/pkgs/clickhouse/clickhouse.nix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
let pkgs = import <nixpkgs> {}; in pkgs.callPackage (./default.nix) { }
|
49
nixos/pkgs/clickhouse/default.nix
Normal file
49
nixos/pkgs/clickhouse/default.nix
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
{ stdenv, dpkg, autoPatchelfHook, fetchurl, lib, glibc }:
|
||||||
|
stdenv.mkDerivation rec {
|
||||||
|
pname = "clickhouse";
|
||||||
|
version = "21.11.5.33";
|
||||||
|
|
||||||
|
broken = stdenv.buildPlatform.is32bit;
|
||||||
|
|
||||||
|
sourceRoot = ".";
|
||||||
|
|
||||||
|
srcs = [
|
||||||
|
(fetchurl {
|
||||||
|
url =
|
||||||
|
"https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-common-static-${version}.tgz";
|
||||||
|
sha256 = "sha256-WYSxRQWj6We5v3trMZ0r9xr0kyApyEL444os7yTw8fI=";
|
||||||
|
})
|
||||||
|
(fetchurl {
|
||||||
|
url =
|
||||||
|
"https://github.com/ClickHouse/ClickHouse/releases/download/v${version}-stable/clickhouse-server-${version}.tgz";
|
||||||
|
sha256 = "sha256-mxEObzTlW1A7p8END24H/ovxF/PsmmoPWvEjbRmS9X0=";
|
||||||
|
})
|
||||||
|
];
|
||||||
|
|
||||||
|
nativeBuildInputs = [ autoPatchelfHook ];
|
||||||
|
buildInputs = [
|
||||||
|
glibc
|
||||||
|
];
|
||||||
|
# hardeningDisable = [ "format" ];
|
||||||
|
|
||||||
|
installPhase = ''
|
||||||
|
mkdir -p $out/{bin,etc}
|
||||||
|
cp -av clickhouse-server-${version}/usr/bin/* $out/bin/
|
||||||
|
cp -av clickhouse-server-${version}/etc/clickhouse-server $out/etc/
|
||||||
|
cp -av clickhouse-common-static-${version}/usr/bin/* $out/bin/
|
||||||
|
|
||||||
|
runHook postInstall
|
||||||
|
'';
|
||||||
|
|
||||||
|
postInstall = ''
|
||||||
|
sed -i -e '\!<log>/var/log/clickhouse-server/clickhouse-server\.log</log>!d' $out/etc/clickhouse-server/config.xml
|
||||||
|
substituteInPlace $out/etc/clickhouse-server/config.xml --replace "<errorlog>/var/log/clickhouse-server/clickhouse-server.err.log</errorlog>" "<console>1</console>"
|
||||||
|
'';
|
||||||
|
|
||||||
|
meta = with lib; {
|
||||||
|
homepage = "https://clickhouse.tech/";
|
||||||
|
description = "Column-oriented database management system";
|
||||||
|
license = licenses.asl20;
|
||||||
|
platforms = platforms.linux;
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,4 +1,6 @@
|
||||||
final: prev: {
|
final: prev: {
|
||||||
|
clickhouse = prev.callPackage ./clickhouse { };
|
||||||
|
|
||||||
v = {
|
v = {
|
||||||
unbound = prev.unbound.override {
|
unbound = prev.unbound.override {
|
||||||
withSystemd = true;
|
withSystemd = true;
|
||||||
|
|
Loading…
Reference in a new issue