diff --git a/machines/kholinar/default.nix b/machines/kholinar/default.nix index 335843be..cbb9da7c 100644 --- a/machines/kholinar/default.nix +++ b/machines/kholinar/default.nix @@ -49,6 +49,4 @@ torrents.enable = true; }; }; - - services.telegraf.extraConfig.inputs.disk.mount_points = [ "/boot" ]; } diff --git a/machines/lasting-integrity/default.nix b/machines/lasting-integrity/default.nix index 7870bfb1..576c1e52 100644 --- a/machines/lasting-integrity/default.nix +++ b/machines/lasting-integrity/default.nix @@ -72,9 +72,7 @@ }; }; services = { - garmin-scraper.enable = true; git.enable = true; - grafana.enable = true; mail.enable = true; mastodon.enable = true; matrix.enable = true; @@ -139,5 +137,4 @@ }; }; programs.msmtp.enable = false; - services.telegraf.extraConfig.inputs.disk.mount_points = [ "/boot/ESP0" "/boot/ESP1" ]; } diff --git a/machines/urithiru/default.nix b/machines/urithiru/default.nix index 025b118f..ffbd697e 100644 --- a/machines/urithiru/default.nix +++ b/machines/urithiru/default.nix @@ -72,5 +72,4 @@ host = "socrates.machines.robbevp.be"; dataset = "zdata/data"; }; - services.telegraf.extraConfig.inputs.disk.mount_points = [ "/boot/ESP0" "/boot/ESP1" ]; } diff --git a/modules/nixos/base/default.nix b/modules/nixos/base/default.nix index b5b0c60b..74801a2a 100644 --- a/modules/nixos/base/default.nix +++ b/modules/nixos/base/default.nix @@ -10,7 +10,6 @@ ./smartd ./ssh ./sshd - ./telegraf ./tmux ./zfs ./zsh diff --git a/modules/nixos/base/telegraf/default.nix b/modules/nixos/base/telegraf/default.nix deleted file mode 100644 index e2f3e518..00000000 --- a/modules/nixos/base/telegraf/default.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - services.telegraf = { - enable = true; - extraConfig = { - agent = { - interval = "10s"; - round_interval = true; - metric_batch_size = 1000; - metric_buffer_limit = 10000; - collection_jitter = "0s"; - flush_interval = "10s"; - flush_jitter = "0s"; - precision = "0s"; - omit_hostname = false; - }; - outputs.influxdb_v2 = { - urls = [ "https://stats.chvp.be:8086" ]; - token = "$TOKEN"; - organization = "default"; - bucket = "default"; - }; - inputs = { - cpu = { - percpu = true; - totalcpu = true; - collect_cpu_time = false; - report_active = false; - }; - diskio = { }; - exec = { - commands = [ "${pkgs.zfs}/libexec/zfs/zpool_influxdb" ]; - timeout = "5s"; - data_format = "influx"; - }; - kernel = { }; - mem = { }; - processes = { }; - swap = { }; - system = { }; - }; - }; - environmentFiles = [ config.age.secrets."passwords/services/telegraf-env".path ]; - }; - age.secrets."passwords/services/telegraf-env" = { - file = ../../../../secrets/passwords/services/telegraf-env.age; - owner = "telegraf"; - }; -} diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index 6a8f368b..70ef7c54 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -5,9 +5,7 @@ ./accentor ./containers ./data-access - ./garmin-scraper ./git - ./grafana ./mail ./mastodon ./matrix diff --git a/modules/nixos/services/garmin-scraper/default.nix b/modules/nixos/services/garmin-scraper/default.nix deleted file mode 100644 index c223736e..00000000 --- a/modules/nixos/services/garmin-scraper/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - garmin2influx = pkgs.writers.writePython3Bin "garmin2influx" - { - libraries = with pkgs.python3Packages; [ garminconnect influxdb-client ]; - } - (builtins.readFile ./garmin2influx.py); -in -{ - options.chvp.services.garmin-scraper.enable = lib.mkEnableOption "garmin scraper"; - - config = lib.mkIf config.chvp.services.garmin-scraper.enable { - # Install in environment to allow manual data collection - environment.systemPackages = [ garmin2influx ]; - systemd = { - services.garmin2influx = { - description = "Garmin health data importer"; - restartIfChanged = false; - unitConfig.X-StopOnRemoval = false; - serviceConfig = { - EnvironmentFile = config.age.secrets."passwords/services/garmin2influx-env".path; - Type = "oneshot"; - User = "charlotte"; - Group = "users"; - ExecStart = "${garmin2influx}/bin/garmin2influx"; - RestartSec = "5s"; - Restart = "on-failure"; - }; - startAt = "02/4:00"; - }; - timers.garmin2influx.timerConfig.RandomizedDelaySec = "30min"; - }; - age.secrets."passwords/services/garmin2influx-env" = { - file = ../../../../secrets/passwords/services/garmin2influx-env.age; - owner = "charlotte"; - }; - }; -} diff --git a/modules/nixos/services/garmin-scraper/garmin2influx.py b/modules/nixos/services/garmin-scraper/garmin2influx.py deleted file mode 100644 index e8f6c3c7..00000000 --- a/modules/nixos/services/garmin-scraper/garmin2influx.py +++ /dev/null @@ -1,88 +0,0 @@ -import os -import sys -from datetime import date, datetime, timedelta, timezone -from garminconnect import ( - Garmin, - GarminConnectConnectionError, - GarminConnectTooManyRequestsError, - GarminConnectAuthenticationError, - ) -from influxdb_client import InfluxDBClient, Point, WritePrecision -from influxdb_client.client.write_api import SYNCHRONOUS - -email = os.getenv('EMAIL') -password = os.getenv('PASSWORD') -token = os.getenv('TOKEN') -org = 'default' -bucket = 'default' - - -def hr2point(time, val): - return Point("health") \ - .field("heart_rate", val) \ - .time( - datetime.fromtimestamp(time / 1000, timezone.utc), - WritePrecision.S - ) - - -def stress2point(time, val): - return Point("health") \ - .field("stress", max(val, 0)) \ - .time( - datetime.fromtimestamp(time / 1000, timezone.utc), - WritePrecision.S - ) - - -def hr_for_date(api, date_to_fetch): - return api.get_heart_rates(date_to_fetch.isoformat())['heartRateValues'] - - -def stress_for_date(api, date_to_fetch): - return api.get_stress_data(date_to_fetch.isoformat())['stressValuesArray'] - - -date_to_fetch = date.today().isoformat() -if len(sys.argv) > 1: - date_to_fetch = sys.argv[1] - -date_to_fetch = date.fromisoformat(date_to_fetch) - -try: - api = Garmin(email, password) - api.login() - hr_points = list(map( - lambda p: hr2point(*p), - hr_for_date(api, date_to_fetch - timedelta(days=1)) - )) - stress_points = list(map( - lambda p: stress2point(*p), - stress_for_date(api, date_to_fetch - timedelta(days=1)) - )) - hr_points += list(map( - lambda p: hr2point(*p), - hr_for_date(api, date_to_fetch) - )) - stress_points += list(map( - lambda p: stress2point(*p), - stress_for_date(api, date_to_fetch) - )) - with InfluxDBClient( - url="https://stats.chvp.be:8086", - token=token, - org=org - ) as client: - write_api = client.write_api(write_options=SYNCHRONOUS) - write_api.write(bucket, org, hr_points) - write_api.write(bucket, org, stress_points) -except ( - GarminConnectConnectionError, - GarminConnectAuthenticationError, - GarminConnectTooManyRequestsError, -) as err: - print( - f'Error occured during Garmin Connect communication: {err}', - file=sys.stderr - ) - sys.exit(1) diff --git a/modules/nixos/services/grafana/default.nix b/modules/nixos/services/grafana/default.nix deleted file mode 100644 index 564332c7..00000000 --- a/modules/nixos/services/grafana/default.nix +++ /dev/null @@ -1,96 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - options.chvp.services.grafana.enable = lib.mkEnableOption "grafana"; - - config = lib.mkIf config.chvp.services.grafana.enable { - chvp.services.nginx.hosts = [{ - fqdn = "stats.chvp.be"; - options.locations."/" = { - proxyPass = "http://grafana"; - proxyWebsockets = true; - }; - }]; - users.users = { - influxdb2.extraGroups = [ "acme" ]; - nginx.extraGroups = [ "grafana" ]; - }; - networking.firewall.allowedTCPPorts = [ 8086 ]; - services = { - nginx.upstreams.grafana.servers = { "unix:/run/grafana/grafana.sock" = { }; }; - influxdb2 = { - enable = true; - settings = { - reporting-disabled = true; - tls-cert = "${config.security.acme.certs."vanpetegem.me".directory}/fullchain.pem"; - tls-key = "${config.security.acme.certs."vanpetegem.me".directory}/key.pem"; - }; - }; - grafana = { - enable = true; - dataDir = "${config.chvp.dataPrefix}/var/lib/grafana"; - settings = { - analytics.reporting_enabled = false; - "auth.anonymous" = { - enabled = "true"; - org_name = "Van Petegem"; - }; - database = { - user = "grafana"; - type = "postgres"; - host = "/run/postgresql/"; - name = "grafana"; - }; - security = { - admin_user = "chvp"; - admin_password = "$__file{${config.age.secrets."passwords/services/grafana/admin-password".path}}"; - secret_key = "$__file{${config.age.secrets."passwords/services/grafana/secret-key".path}}"; - }; - server = { - domain = "stats.chvp.be"; - http_port = 3000; - protocol = "socket"; - root_url = "https://stats.chvp.be"; - socket = "/run/grafana/grafana.sock"; - }; - smtp = { - enabled = true; - host = "mail.vanpetegem.me:25"; - user = "noreply@vanpetegem.me"; - from_address = "noreply@vanpetegem.me"; - password = "$__file{${config.age.secrets."passwords/services/grafana/smtp".path}}"; - }; - users = { - default_theme = "light"; - allow_sign_up = false; - }; - }; - }; - grafana-image-renderer = { - enable = true; - provisionGrafana = true; - chromium = pkgs.ungoogled-chromium; - }; - postgresql = { - enable = true; - ensureDatabases = [ "grafana" ]; - ensureUsers = [{ - name = "grafana"; - ensureDBOwnership = true; - }]; - }; - }; - age.secrets."passwords/services/grafana/smtp" = { - file = ../../../../secrets/passwords/services/grafana/smtp.age; - owner = "grafana"; - }; - age.secrets."passwords/services/grafana/admin-password" = { - file = ../../../../secrets/passwords/services/grafana/admin-password.age; - owner = "grafana"; - }; - age.secrets."passwords/services/grafana/secret-key" = { - file = ../../../../secrets/passwords/services/grafana/secret-key.age; - owner = "grafana"; - }; - }; -} diff --git a/secrets.nix b/secrets.nix index 50fd6243..6d147444 100644 --- a/secrets.nix +++ b/secrets.nix @@ -86,7 +86,6 @@ in "secrets/passwords/services/grafana/smtp.age".publicKeys = [ lasting-integrity ] ++ users; "secrets/passwords/services/grafana/admin-password.age".publicKeys = [ lasting-integrity ] ++ users; "secrets/passwords/services/grafana/secret-key.age".publicKeys = [ lasting-integrity ] ++ users; - "secrets/passwords/services/telegraf-env.age".publicKeys = hosts ++ users; "secrets/passwords/services/nextcloud-admin.age".publicKeys = [ lasting-integrity ] ++ users; diff --git a/secrets/passwords/services/garmin2influx-env.age b/secrets/passwords/services/garmin2influx-env.age deleted file mode 100644 index 74579ba6..00000000 Binary files a/secrets/passwords/services/garmin2influx-env.age and /dev/null differ diff --git a/secrets/passwords/services/grafana/admin-password.age b/secrets/passwords/services/grafana/admin-password.age deleted file mode 100644 index 919be5d5..00000000 Binary files a/secrets/passwords/services/grafana/admin-password.age and /dev/null differ diff --git a/secrets/passwords/services/grafana/secret-key.age b/secrets/passwords/services/grafana/secret-key.age deleted file mode 100644 index 1a4f705e..00000000 --- a/secrets/passwords/services/grafana/secret-key.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 hKAFvQ 9woSTWa4luTKA2jfbkis7IMcsOP+cnuJR1gDH65hrDo -lpwWJCjHCteXj+rys2MEvuPs2f78NTSsdAuELHuTOjk --> ssh-ed25519 s9rb8g L85FiAeYwhFeomu4w3xcQro41m9oXqtGtUw0ZQx6MiY -k+ZMntX9x7g0a6UeDkDZ9uc359xzBl2HZa1pJdsbWh4 --> ssh-ed25519 +xxExQ giuRie5BEr/p9uq6vw79KQkmbAaGGkG30uBEfyPOCD8 -/Js0rmCKqXmhoFefkGoDYZEWpleTEcWFPBj3gRBQhdI ---- jCfREPXg1qBF6uly+ZMMm9e2rJLr/WAUUbl7h4Wuikk -B4=`އ~9`y{it=`aOi&)05?v`xyu26ɚ< \ No newline at end of file diff --git a/secrets/passwords/services/grafana/smtp.age b/secrets/passwords/services/grafana/smtp.age deleted file mode 100644 index c9956d2a..00000000 Binary files a/secrets/passwords/services/grafana/smtp.age and /dev/null differ diff --git a/secrets/passwords/services/telegraf-env.age b/secrets/passwords/services/telegraf-env.age deleted file mode 100644 index f2b419ac..00000000 --- a/secrets/passwords/services/telegraf-env.age +++ /dev/null @@ -1,20 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 Lbmdyg 86vJ4kz+a0FBs1Ur9u6+f+w+X3tOSQsX9xx0FV2+2mk -Y1nYUGS5PzkaoOUYCOg01B1W4lJhaL62jC886/5g6sY --> ssh-ed25519 aUd9Ng xv5Qp60hzeiW/8HU1WamQpKrpfiUSI0IAp6Ch2mqAmI -t3PXALWPAybiRm0q46DuP1LYG6f9tWFwkEritfEcJl4 --> ssh-ed25519 hKAFvQ 41w6PqLJ7OV6yHJRHpXwUAYc3PMxvmHtVBWp5AP3MUs -HTtTnX9RSgEdmjfQIF0cQusHzoQt7OF1O1GY3OOvXl0 --> ssh-ed25519 9+Fe5A l9+8Hj9EF1uO0lp+8UXEXG3nDihT+LnfIp/sQyLGlms -bKoJ+fCfNWjjbLtEgOvGrupQIPQZAZLtyaW9VVg+QvE --> ssh-ed25519 KOkamg PU2WBRNW3yii9F8nfDqUsW8A//P7kstaL55dPPk7Ojg -DfKavW0XzuGWBT/LVen12/wuhuH+q1w/RKTEHENm8iU --> ssh-ed25519 9PfEBQ o1OkgI6t8r/giSHSURyAp3AA/3pyxRrUk48Lw733B3I -KcPFudRarV+c5SXiVtjrTQt9VWDIcoyXb7XtcRYivUg --> ssh-ed25519 s9rb8g BANlY5LSIzNjUWD3htwFVZjPD82PU/NMAyoA3uO5mlo -Ss555AqqXTiYcGsaFrJ8i8Q17aCZVN44j6obHmxEJ1I --> ssh-ed25519 +xxExQ HqZ51lJE/h/4tOPAMqXZ87jz7J3CnE1tW4xjiU+3xCU -hd5HacBYc2Ozd9U5T1a2eo470Idc/jYJNjfpvdSfgtg ---- RFMlPyLIVqChyduvRrhMm7Fl8NiZLzUuxGgzbWeRTeU -CD8vC|¶FȺS J1B+⍀i-Hs8gq.=u8m -.PS?j\7ه[:#iQ<@*7 \ No newline at end of file