add scrutiny module and added it to gandalf

This commit is contained in:
Joseph Hanson 2024-09-06 20:26:11 -05:00
parent 92175a2020
commit 1818f85bdc
4 changed files with 110 additions and 8 deletions

View file

@ -0,0 +1,16 @@
[
"/dev/disk/by-id/ata-Seagate_IronWolfPro_ZA240NX10001-2ZH100_7TF002RA"
"/dev/disk/by-id/nvme-Samsung_SSD_960_EVO_250GB_S3ESNX0K308438J"
"/dev/disk/by-id/scsi-350000c0f01da4b40"
"/dev/disk/by-id/scsi-350000c0f01e7d190"
"/dev/disk/by-id/scsi-350000c0f01ea443c"
"/dev/disk/by-id/scsi-350000c0f01f8230c"
"/dev/disk/by-id/scsi-35000c500586e5057"
"/dev/disk/by-id/scsi-35000c500624a0ddb"
"/dev/disk/by-id/scsi-35000c500624a1a8b"
"/dev/disk/by-id/scsi-35000cca046135ad8"
"/dev/disk/by-id/scsi-35000cca04613722c"
"/dev/disk/by-id/scsi-35000cca0461810f8"
"/dev/disk/by-id/scsi-35000cca04618b930"
"/dev/disk/by-id/scsi-35000cca04618cec4"
]

View file

@ -1,9 +1,12 @@
# Do not modify this file! It was generated by nixos-generate-config
# Do not modify this file! It was generated by 'nixos-generate-config'
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, inputs, ... }:
let
sanoidConfig = import ./config/sanoid.nix { };
disks = import ./config/disks.nix;
smartdDevices = map (device: { inherit device; }) disks;
in
{
imports =
@ -86,12 +89,9 @@ in
};
};
# no de
services = {
xserver = {
enable = false;
displayManager.gdm.enable = false;
desktopManager.gnome.enable = false;
smartd = {
devices = smartdDevices;
};
};
@ -128,14 +128,21 @@ in
podman.enable = true;
libvirt-qemu.enable = true;
# Scrutiny
scrutiny = {
enable = true;
devices = disks;
extraCapabilities = [ "SYS_RAWIO" ];
containerVolumeLocation = "/eru/containers/volumes/scrutiny";
};
# Sanoid
sanoid = {
enable = true;
inherit (sanoidConfig.outputs) templates datasets;
};
# Unifi & Lego-Auto
# unifi.enable = true;
# Lego-Auto for SSL Certificates
lego-auto = {
enable = true;
dnsimpleTokenPath = "${config.sops.secrets."lego/dnsimple/token".path}";

View file

@ -3,5 +3,6 @@
./backrest
./lego-auto
./unifi
./scrutiny
];
}

View file

@ -0,0 +1,78 @@
{ lib, config, ... }:
with lib;
let
app = "scrutiny";
# renovate: depName=AnalogJ/scrutiny datasource=github-releases
version = "v0.8.1";
cfg = config.mySystem.services.${app};
in
{
options.mySystem.services.${app} = {
enable = mkEnableOption "${app}";
containerVolumeLocation = mkOption {
type = types.str;
default = "/mnt/data/containers/${app}";
description = ''
The location where the container will store its data.
'';
example = "/mnt/data/containers/${app}";
};
# podman equivalent:
# --device /dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX
devices = mkOption {
type = types.listOf types.str;
default = [ ];
description = ''
Devices to monitor on Scrutiny.
'';
example = [
"/dev/disk/by-id/nvme-XXXXXXXXXXXXXXXXXXXXXXXXXXXX"
];
};
# podman equivalent:
# --cap-add SYS_RAWIO
extraCapabilities = mkOption {
type = types.listOf types.str;
default = [
"SYS_RAWIO"
];
description = ''
Extra capabilities to add to the container.
'';
example = [
"SYS_RAWIO"
];
};
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers.${app} = {
image = "ghcr.io/AnalogJ/scrutiny:${version}-omnibus";
autoStart = true;
ports = [
"8585:8585" # web ui
"8086:8086" # influxdb2
];
environment = {
TZ = "America/Chicago";
};
volumes = [
"${cfg.containerVolumeLocation}:/opt/scrutiny/config"
"${cfg.containerVolumeLocation}/influxdb2:/opt/scrutiny/influxdb"
"/run/udev:/run/udev:ro"
];
# Merge the devices and extraCapabilities into the extraOptions property
# using the --device and --cap-add flags
extraOptions =
(map (disk: "--device=${toString disk}") cfg.devices)
++
(map (cap: "--cap-add=${cap}") cfg.extraCapabilities);
};
};
}