diff --git a/bxl-rpi/config/monitoring/prometheus.yaml b/bxl-rpi/config/monitoring/prometheus.yaml
new file mode 100644
index 0000000..b53c8f5
--- /dev/null
+++ b/bxl-rpi/config/monitoring/prometheus.yaml
@@ -0,0 +1,36 @@
+global:
+ scrape_interval: 15s # By default, scrape targets every 15 seconds.
+
+ # Attach these labels to any time series or alerts when communicating with
+ # external systems (federation, remote storage, Alertmanager).
+ external_labels:
+ monitor: 'monitor'
+
+# A scrape configuration containing exactly one endpoint to scrape:
+# Here it's Prometheus itself.
+scrape_configs:
+ # The job name is added as a label `job=` to any timeseries scraped from this config.
+ - job_name: 'prometheus'
+ scrape_interval: 5s
+ static_configs:
+ - targets: ['localhost:9090']
+
+ - job_name: "Docker Job"
+ static_configs:
+ - targets: ["host.docker.internal:9323"]
+
+ - job_name: 'cadvisor'
+ scrape_interval: 15s
+ static_configs:
+ - targets: ['cadvisor:8080']
+
+ - job_name: 'node-exporter'
+ scrape_interval: 15s
+ static_configs:
+ - targets: ['node-exporter:9100']
+
+ - job_name: 'treafik'
+ scrape_interval: 15s
+ static_configs:
+ - targets: ['traefik:8080']
+
diff --git a/bxl-rpi/config/riot/config.json b/bxl-rpi/config/riot/config.json
new file mode 100644
index 0000000..2b97e4e
--- /dev/null
+++ b/bxl-rpi/config/riot/config.json
@@ -0,0 +1,7 @@
+{
+ "default_server_config": {
+ "m.homeserver": {
+ "base_url": "https://matrix.bhasher.com"
+ }
+ }
+}
diff --git a/bxl-rpi/docker-compose.yaml b/bxl-rpi/docker-compose.yaml
index aa10959..930c98b 100644
--- a/bxl-rpi/docker-compose.yaml
+++ b/bxl-rpi/docker-compose.yaml
@@ -5,7 +5,7 @@ services:
 container_name: traefik
 image: traefik:v2.9
 command:
- #- "--api.insecure=true"
+ - "--api.insecure=true"
 - "--providers.docker=true"
 - "--providers.docker.exposedbydefault=false"
 - "--providers.docker.network=external"
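Review bot: The `Docker Job` target `host.docker.internal:9323` in the new prometheus.yaml only works if the Docker daemon's metrics listener is bound to an address that containers can reach, and that endpoint has no authentication of its own. How `metrics-addr` is set on the host is not part of this diff, so it is worth confirming that it is bound to the bridge gateway address rather than `0.0.0.0` and that port 9323 is not reachable from the LAN or the WireGuard side. Separately, the last job is spelled `treafik`, so every series from it carries `job="treafik"`; `- job_name: 'traefik'` avoids dashboards and alert rules being keyed on the misspelling.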
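Review bot: Enabling `- "--api.insecure=true"` in the traefik `command:` list serves the Traefik API and dashboard without authentication on the internal `traefik` entrypoint (port 8080), the same port the new `traefik:8080` scrape target in prometheus.yaml points at. If the intent is only to let Prometheus read the metrics that `--metrics.prometheus=true` turns on in the @@ -23 hunk, a dedicated entrypoint keeps the API closed, for example `- "--entrypoints.metrics.address=:8082"` plus `- "--metrics.prometheus.entryPoint=metrics"`, with the scrape target changed to `traefik:8082`. The `command:` list and the `ports:` list both continue outside these hunks, so whether 8080 is also published on the host cannot be seen here and should be checked before this is deployed.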
@@ -23,7 +23,8 @@ services:
 - "--entrypoints.external.http.redirections.entryPoint.to=externalsecure"
 - "--entrypoints.external.http.redirections.entryPoint.scheme=https"
 - "--entrypoints.external.http.redirections.entryPoint.permanent=true"
- - "--log.level=DEBUG"
+ #- "--log.level=DEBUG"
+ - "--metrics.prometheus=true"
 environment:
 - TZ=Europe/Paris
 ports:
@@ -35,10 +36,10 @@ services:
 volumes:
 - /var/run/docker.sock:/var/run/docker.sock:ro
 - type: bind
- source: /home/pi/data/traefik/acme.json
+ source: $DATA/traefik/acme.json
 target: /acme.json
 - type: bind
- source: /home/pi/data/traefik/rules.toml
+ source: $DATA/traefik/rules.toml
 target: /rules.toml
 restart: always
@@ -49,7 +50,7 @@ services:
 ports:
 - "9443:9443"
 volumes:
- - /home/pi/data/portainer:/data:rw
+ - $DATA/portainer:/data:rw
 - /var/run/docker.sock:/var/run/docker.sock
 labels:
 - "traefik.enable=true"
@@ -68,7 +69,7 @@ services:
 - SYNAPSE_SERVER_NAME=matrix.bhasher.com
 - SYNAPSE_REPORT_STATS=no
 volumes:
- - /home/pi/data/matrix/synapse:/data:rw
+ - $DATA/matrix/synapse:/data:rw
 labels:
 - "traefik.enable=true"
 - "traefik.http.routers.matrix-synapse.rule=Host(`matrix.bhasher.com`)"
@@ -82,7 +83,7 @@ services:
 image: lscr.io/linuxserver/wireguard:latest
 restart: always
 volumes:
- - /home/pi/data/wireguard:/config
+ - $DATA/wireguard:/config
 - /lib/modules:/lib/modules
 ports:
 - 51821:51820/udp
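Review bot: The bind sources now depend on `$DATA` with no guard, in the @@ -35 hunk (`source: $DATA/traefik/acme.json` and `rules.toml`) and again in the @@ -49, @@ -68, @@ -82 and @@ -99 hunks (portainer, synapse, wireguard, prometheus, grafana). Compose substitutes an empty string for an unset variable, so the short-syntax mounts would resolve to host paths such as `/portainer` and `/wireguard`, and those services would come up on fresh, empty state instead of the existing keys and databases. The required-variable form makes that a hard error at startup: `source: ${DATA:?DATA must be set}/traefik/acme.json` and likewise `- ${DATA:?DATA must be set}/wireguard:/config`. Where `DATA` is meant to be defined (an `.env` file or the shell environment) is not shown in this diff.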
@@ -99,3 +100,74 @@ services:
 - SYS_MODULE
 sysctls:
 - net.ipv4.conf.all.src_valid_mark=1
+
+ matrix-riot:
+ container_name: matrix-element
+ image: ghcr.io/bubuntux/element-web
+ restart: unless-stopped
+ volumes:
+ - ./config/riot/config.json:/etc/element-web/config.json:ro
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.matrix-riot.rule=Host(`element.bhasher.com`)"
+ - "traefik.http.routers.matrix-riot.tls=true"
+ - "traefik.http.routers.matrix-riot.tls.certresolver=http"
+ - "traefik.http.routers.matrix-riot.entrypoints=internalsecure,externalsecure"
+ - "traefik.http.services.matrix-riot.loadbalancer.server.port=80"
+
+ prom_monitoring:
+ container_name: prom_monitoring
+ image: prom/prometheus:latest
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.prom.rule=Host(`prometheus.bhasher.com`)"
+ - "traefik.http.routers.prom.entrypoints=internalsecure"
+ - "traefik.http.services.prom.loadbalancer.server.port=9090"
+ - "traefik.http.routers.prom.tls=true"
+ - "traefik.http.routers.prom.tls.certresolver=http"
+ extra_hosts:
+ - "host.docker.internal:host-gateway"
+ volumes:
+ - ./config/monitoring/prometheus.yaml:/etc/prometheus/prometheus.yml:ro
+ - $DATA/monitoring/prometheus:/prometheus
+
+ grafana:
+ container_name: grafana
+ image: grafana/grafana
+ restart: unless-stopped
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.grafana.rule=Host(`grafana.bhasher.com`)"
+ - "traefik.http.routers.grafana.entrypoints=internalsecure"
+ - "traefik.http.services.grafana.loadbalancer.server.port=3000"
+ - "traefik.http.routers.grafana.tls=true"
+ - "traefik.http.routers.grafana.tls.certresolver=http"
+ volumes:
+ - $DATA/monitoring/grafana:/var/lib/grafana
+
+ cadvisor:
+ container_name: cadvisor
+ image: gcr.io/cadvisor/cadvisor:v0.47.1
+ volumes:
+ - /:/rootfs:ro
+ - /var/run:/var/run:rw
+ - /sys:/sys:ro
+ - /var/lib/docker/:/var/lib/docker:ro
+ restart: always
+
+ node-exporter:
+ container_name: node-exporter
+ image: quay.io/prometheus/node-exporter:latest
+ volumes:
+ - /proc:/host/proc:ro
+ - /sys:/host/sys:ro
+ - /:/rootfs:ro
+ - /:/host:ro,rslave
+ command:
+ - '--path.rootfs=/host'
+ - '--path.procfs=/host/proc'
+ - '--path.sysfs=/host/sys'
+ - --collector.filesystem.ignored-mount-points
+ - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
+ restart: always
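Review bot: In the new `cadvisor` service the mount `- /var/run:/var/run:rw` lets the container create, replace or delete files in the host's runtime directory (PID files, sockets), which is more than a metrics collector needs; `- /var/run:/var/run:ro` is the form cAdvisor's own run instructions use. A read-only mount does not limit what can be sent over a Docker socket reachable through it, so this container should still be treated as having daemon-level access and kept off any externally routed network. In the same hunk `prom/prometheus:latest`, `quay.io/prometheus/node-exporter:latest`, `grafana/grafana` and `ghcr.io/bubuntux/element-web` float while cadvisor is pinned to `v0.47.1`; pinning them to a version tag or digest keeps a re-pull from silently changing images that run with host filesystem mounts. The `services:` mapping these entries belong to starts outside the hunk.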