privatevoid.net/depot
1
1
Fork 0
Code Issues 18 Pull requests 2 Projects 3 Releases Packages Wiki Activity Actions

cluster/services/monitoring: move tempo to s3

Browse source
This commit is contained in:
Max Headroom 2023-11-08 23:10:10 +01:00
parent bbfdd6440c
commit 0ce00ad1dc
3 changed files with 27 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
cluster/services/monitoring/secrets/tempo-secrets.age Normal file
View file

@ -0,0 +1,16 @@
age-encryption.org/v1
-> ssh-ed25519 NO562A KhCGp7PAMGrEdzRxBrsW4tRk30JwpI+4lPzrRCUhSw4
8s7WqA5c3zS1euN5R+jfFNBdvr8OQW8P4NFeqtNsIKo
-> ssh-ed25519 5/zT0w 79hJQ2H76EZTW7YcQFCtKaS5Kbssx4Z8dPFjIVzRgFk
A1fDJbUnyIRy+kWa3PhJNj/SdRPlcEy6FYsAfnuZ2AQ
-> ssh-ed25519 d3WGuA aylkdL1KliM1NfrYDGlG8X6YjXvVUCU4sV90I+a840U
6sXdqIPjtoNSylZRh1DCghHOwDo+fC7WB4QWQoWmG48
-> //gd+2-grease baUWA$3 z-qs3W O/2.1W
Sfq3+rkMJhpUTTmcos5TaaUtX2Ip9pciHAZLiWPix+C9N7ccac/1W5RNedMJCLsq
MQ+xKzexf8+hgNVhKOksvbKBBROXqk1bUOKk8w3OgFPmmByzmCBUwkdkeu5DFTYR
rg
--- kUl1uIPRkM5y7C68kdN22pMKXP7gazyha4PE+ap0Jqw
w>×Àè¥
<15>CÈ,\‰ßœI¯ˆúHxG@^Çá“På ÃþÙÏlw6µŽ{þ’rbé5æ†T>Êñ
ÚWܤX4Kp(ß?9ˆß­^^oP3f </v3N$ê¤sÓbŽ¾> O™÷œ+òN0άïµàDtêŽ5Vº#è ¶³ îŸ#y|@ŒGzSi»­ô*·HùüŽ]
ꎀ5

12
cluster/services/monitoring/tracing.nix
View file

@ -33,10 +33,15 @@ let
}; };
}; };
storage.trace = { storage.trace = {
backend = "local"; backend = "s3";
block.bloom_filter_false_positive = 0.05; block.bloom_filter_false_positive = 0.05;
wal.path = "${dataDir}/wal"; wal.path = "${dataDir}/wal";
local.path = "${dataDir}/blocks"; s3 = {
bucket = "tempo-chunks";
endpoint = cluster.config.links.garageS3.hostname;
region = "us-east-1";
forcepathstyle = true;
};
pool = { pool = {
max_workers = 16; max_workers = 16;
queue_depth = 1000; queue_depth = 1000;
@ -63,6 +68,8 @@ let
]; ];
}; };
in { in {
age.secrets.tempoSecrets.file = ./secrets/tempo-secrets.age;
users.users.tempo = { users.users.tempo = {
isSystemUser = true; isSystemUser = true;
group = "tempo"; group = "tempo";
@ -79,6 +86,7 @@ in {
Group = "tempo"; Group = "tempo";
ExecStart = "${pkgs.tempo}/bin/tempo -config.file=${pkgs.writeText "tempo.yaml" (builtins.toJSON tempoConfig)}"; ExecStart = "${pkgs.tempo}/bin/tempo -config.file=${pkgs.writeText "tempo.yaml" (builtins.toJSON tempoConfig)}";
PrivateTmp = true; PrivateTmp = true;
EnvironmentFile = config.age.secrets.tempoSecrets.path;
}; };
}; };
services.grafana.provision.datasources.settings.datasources = [ services.grafana.provision.datasources.settings.datasources = [

1
secrets.nix
View file

@ -43,6 +43,7 @@ in with hosts;
"cluster/services/monitoring/secrets/grafana-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ]; "cluster/services/monitoring/secrets/grafana-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS prophet ];
"cluster/services/monitoring/secrets/loki-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS ]; "cluster/services/monitoring/secrets/loki-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"cluster/services/monitoring/secrets/secret-monitoring/blackbox.age".publicKeys = max ++ map systemKeys [ checkmate grail prophet ]; "cluster/services/monitoring/secrets/secret-monitoring/blackbox.age".publicKeys = max ++ map systemKeys [ checkmate grail prophet ];
"cluster/services/monitoring/secrets/tempo-secrets.age".publicKeys = max ++ map systemKeys [ VEGAS ];
"cluster/services/patroni/passwords/metrics.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ]; "cluster/services/patroni/passwords/metrics.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ];
"cluster/services/patroni/passwords/replication.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ]; "cluster/services/patroni/passwords/replication.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ];
"cluster/services/patroni/passwords/rewind.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ]; "cluster/services/patroni/passwords/rewind.age".publicKeys = max ++ map systemKeys [ thunderskin VEGAS prophet ];