Commit Graph

129 Commits

Author SHA1 Message Date
IamTheFij ddeb8fffbc Move services to their own tf files for easier locating 2023-08-07 11:37:19 -07:00
IamTheFij fa0da05343 Change authelia port to avoid conflict with prometheus 2023-08-02 21:31:08 -07:00
IamTheFij 4b94f66786 Increase Traefik memory 2023-07-31 10:43:03 -07:00
IamTheFij f333031c25 bootstrap blocky with stunnel 2023-07-26 23:23:23 -07:00
IamTheFij 744466bf07 Use static port for Authelia so that nomad middleware config is the same for each service 2023-07-07 16:34:50 -07:00
IamTheFij df062000e7 Run two authelia instances now that it's stateless 2023-07-07 15:56:23 -07:00
IamTheFij 0a7ad7a9dc Enable redis for authelia
This also splits redis instances by service
2023-07-07 15:50:23 -07:00
IamTheFij b0c1aca497 Increase token time for Nomad OIDC 2023-07-07 15:47:08 -07:00
IamTheFij 60a4051988 Enable Authelia OIDC for Nomad 2023-07-07 00:41:44 -07:00
IamTheFij 0ceb513216 Switch Grafana to OIDC from proxy auth 2023-07-07 00:40:19 -07:00
IamTheFij 9d5aeeec96 Enable Authelia OIDC provider 2023-07-07 00:39:44 -07:00
IamTheFij eae5b201b6 Add two factor for external IPs 2023-07-06 21:25:31 -07:00
IamTheFij 532d7f9a4c Use Authelia for Grafana login 2023-07-06 18:00:06 -07:00
IamTheFij 88e91e5e5d Deploy authelia
Backed by lldap and mysql and deployed on whoami for now as a forward
proxy example

Would be good to add oidc for Nomad as well as make policies configurable
via Nomad variables.
2023-07-06 18:00:06 -07:00
IamTheFij 8650ab973a Add stunnel for ldap as part of service template 2023-07-06 17:25:13 -07:00
IamTheFij acc80868f9 Switch lldap storage to mysql 2023-07-05 17:30:54 -07:00
IamTheFij f606e0a17e Remove blocky client groups because fallback server masks them 2023-07-05 15:45:55 -07:00
IamTheFij 2df43584cf Grafana config reloading: Use explicit path and echo
Was running into some issues with this not running. Using an explicit
path seems to help, so I'll try it for now. Also added some echo statements
to make it easier to discern when run.
2023-06-20 09:44:04 -07:00
IamTheFij 2c128b25f3 Add additional blocking for wemo 2023-06-20 09:42:33 -07:00
IamTheFij 1df5545835 Promtail: use local task dir rather than bind mount 2023-05-12 10:11:30 -07:00
IamTheFij d4cb91d58d Rename metrics job to exporters 2023-05-12 10:11:11 -07:00
IamTheFij 48322d9a78 Document what the nomad stalker is for 2023-05-12 10:10:31 -07:00
IamTheFij 5169aecc6d Add pushgateway to prometheus 2023-05-09 15:56:20 -07:00
IamTheFij f11fad30a5 Use stunnel for mysql
Doesn't remove wesher or normal mysql service
2023-05-09 13:20:36 -07:00
IamTheFij 27fd60d84d Add missing service to Wesher
Promtail, Backups, service module
2023-05-02 21:14:36 -07:00
IamTheFij 0a84fd04bc Automatically re-provision grafana when data source addresses change 2023-05-02 21:13:59 -07:00
IamTheFij 7d8bc45090 Move blocky custom mappings above catchall 2023-04-04 13:12:34 -07:00
IamTheFij 485bc22e78 Add TODO for using nomad api socket 2023-03-27 15:50:15 -07:00
IamTheFij c38ba8589a Clean blocky config for latest version 2023-03-27 15:21:35 -07:00
IamTheFij c7f85bd985 Fix blocky redis stunnel lookup 2023-03-27 15:21:19 -07:00
IamTheFij f17dec7b57 Add nomad services to nomad zone using hosts in blocky 2023-03-27 15:20:50 -07:00
IamTheFij a748adbab0 Store blocky config in local task dir 2023-03-27 15:19:53 -07:00
IamTheFij 747d5ef0e7 Remove vault stanza from Grafana 2023-03-27 14:10:10 -07:00
IamTheFij 08d0e93638 Clean up and remove some consul and vault stuff 2023-03-24 22:58:44 -07:00
IamTheFij 74ce30c3c1 Get nomad client scraping working 2023-03-24 22:22:11 -07:00
IamTheFij 98ea2a1ca0 A whole lot of incremental fixes for nomad variables and such
Also adds stunnel between redis and clients
2023-03-24 16:32:37 -07:00
IamTheFij d8307935f5 Refactor everything for nomad vars 2023-03-24 11:24:36 -07:00
IamTheFij 5fb0e0841e Blocky do not create read only user to reduce password exposure 2023-03-24 09:56:56 -07:00
IamTheFij 00697ebb02 Blocky use wgoverlay for api 2023-03-24 09:56:29 -07:00
IamTheFij f31569ad56 Update cloudflare variable names 2023-03-24 09:56:03 -07:00
IamTheFij 46dc44aca4 Simplify mysql for blocky 2023-03-24 08:55:27 -07:00
IamTheFij 4430b3570e Fix blocky template 2023-03-24 08:55:27 -07:00
IamTheFij 65cb6afaf9 WIP: Moving vars and service discovery to Nomad
Starting with core
2023-03-24 08:55:23 -07:00
IamTheFij ee68310e58 Add Nomad provider and sample using Wesher 2023-03-24 08:50:16 -07:00
IamTheFij 3ebb616219 Add nomad labels to docker logs 2023-03-17 11:47:40 -07:00
IamTheFij 437b5ce72e Update grafana 2023-03-12 10:22:47 -07:00
IamTheFij 19d5321731 Increase memory for promtail
n2 was getting OOM
2023-02-27 11:54:33 -08:00
IamTheFij 3a95fb46db Add more conditional checks to Blocky so it is more resilient
Hopefully this will allow it to deploy if mysql or vault are down
2023-02-27 11:54:33 -08:00
IamTheFij 1811a851ab Tighten diun watch expressions 2023-02-14 12:28:41 -08:00
IamTheFij 0d9d2c7d21 Update promtail version and version checker 2023-01-13 15:47:48 -08:00
IamTheFij 03fd68b4f7 Add diun for monitoring images 2023-01-12 12:11:16 -08:00
IamTheFij b92917329f Use a different ip address host for ddns 2023-01-07 14:10:20 -08:00
IamTheFij e0c8d1f3c1 Exporters depend on prometheus 2023-01-06 23:07:33 -08:00
IamTheFij 976f8f9e4e Change ddclient ip url 2023-01-06 23:06:23 -08:00
IamTheFij 91c2ff6345 Update blocklists 2022-12-22 15:13:31 -08:00
IamTheFij fd731971d3 Try to stabilize DNS
Add all cluster nodes to each node's resolv.conf and update blocky config
template to delay render on update to avoid unnecessary restarts
2022-11-27 22:46:25 -08:00
IamTheFij b0ea77a9f7 Update Cloudflare token variables 2022-11-21 14:25:01 -08:00
IamTheFij 049d9f0fe0 Make sure grafana points to port bound within its task group 2022-11-18 08:57:06 -08:00
IamTheFij f481e7b938 Update blocky dashboards 2022-11-16 08:42:36 -08:00
IamTheFij 35403d0219 Update nomad dashboard 2022-11-16 08:37:29 -08:00
IamTheFij 416676c9f9 Update minitor dashboard 2022-11-16 08:35:01 -08:00
IamTheFij 12b91e9566 Fix env location for lldap 2022-11-15 16:54:37 -08:00
IamTheFij 8a21dd7eb4 Bump traefik version 2022-11-15 15:57:23 -08:00
IamTheFij a1def1c69d Increase memory for lldap
Password hashing was causing OOM kills
2022-11-15 15:57:23 -08:00
IamTheFij c7d0fca6e7 Pin lldap version 2022-11-15 15:57:23 -08:00
IamTheFij 86b472435c Use explicit lldap ports so that connect proxy can find them 2022-11-15 15:57:23 -08:00
IamTheFij 2db266bda7 Update blocky upstream dns to bootstrap better (hopefully) and forward to consul 2022-11-15 10:26:26 -08:00
IamTheFij cf2779c971 Update lldap to use dynamic ports 2022-11-15 09:43:13 -08:00
IamTheFij 954a878915 Grafana update + renderer + new dashboards 2022-11-15 09:04:18 -08:00
IamTheFij bb400a3f1c Add blocky metrics to grafana 2022-11-11 16:21:17 -08:00
IamTheFij 49c8a73ac9 Store loki data on ephemeral disk 2022-11-11 13:24:54 -08:00
IamTheFij af32c9e2e5 Put grafana bootstrap secrets in secrets location 2022-11-10 13:39:12 -08:00
IamTheFij 3077e66e70 Limit all existing services to websecure entrypoint
This will be a bigger issue if exposing a public entrypoint.
2022-11-10 13:37:50 -08:00
IamTheFij e9f2fae609 Switch mysql to mariadb 2022-11-10 13:37:50 -08:00
IamTheFij 1fad6b691c Update some metrics 2022-11-07 20:50:18 -08:00
IamTheFij 5bbb6c494c Fix some formatting 2022-11-03 15:10:09 -07:00
IamTheFij 37e80980bc Refactor ansible to clean root dir 2022-11-02 14:20:09 -07:00
IamTheFij 0996cfbf67 Update hooks 2022-11-02 12:59:32 -07:00
IamTheFij 45c597b040 Big refactor to split core and services for better ordering 2022-10-27 14:28:34 -07:00