feat: add infra's terraform configs (#164)

* feat: add infra's terraform configs * feat: add databases for openobserve - multi clusters * fix: openobserve's db name
2026-04-24 17:08:25 +02:00 · 2024-09-06 20:01:00 +08:00
parent 2b47447f0b
commit 68fa7360ff
18 changed files with 327 additions and 9 deletions
--- a/hosts/idols-aquamarine/caddy.nix
+++ b/hosts/idols-aquamarine/caddy.nix
@@ -127,6 +127,7 @@ in {
  networking.firewall.allowedTCPPorts = [80 443];

  # Create Directories
+  # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html#Type
  systemd.tmpfiles.rules = [
    "d /data/apps/caddy/fileserver/ 0755 caddy caddy"
    # directory for virtual machine's images
--- a/hosts/idols-aquamarine/oci-containers/homepage/config/services.yaml
+++ b/hosts/idols-aquamarine/oci-containers/homepage/config/services.yaml
@@ -26,12 +26,14 @@
    - LongHorn-Storage:
        icon: longhorn.svg
        href: http://longhorn.writefor.fun/
-    - Victoria-Metrics:
-        icon: si-victoriametrics
-        href: http://vm.writefor.fun/
-    - KubeVirt-Grafana:
-        icon: grafana.svg
-        href: http://k8s-grafana.writefor.fun/
+
+    # remote write to main prometheus, disable those two
+    # - Victoria-Metrics:
+    #     icon: si-victoriametrics
+    #     href: http://vm.writefor.fun/
+    # - KubeVirt-Grafana:
+    #     icon: grafana.svg
+    #     href: http://k8s-grafana.writefor.fun/

 - Homelab Monitoring:
    - Grafana:
@@ -56,7 +58,12 @@
        href: "https://sftpgo.writefor.fun/web/admin/folders"
        description: WebDAV & SFTP server
        siteMonitor: https://sftpgo.writefor.fun/
-#
+    - MinIO:
+        icon: minio.png
+        href: "https://minio-ui.writefor.fun/"
+        description: S3 compatible object storage
+        siteMonitor: "https://minio-ui.writefor.fun/"
+
 # - Kubernetes Monitoring:
 #     # TODO: Update this
 #     - Emby:
--- a/hosts/idols-aquamarine/oci-containers/uptime-kuma/default.nix
+++ b/hosts/idols-aquamarine/oci-containers/uptime-kuma/default.nix
@@ -10,6 +10,7 @@ in {
  };

  # Create Directories
+  # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html#Type
  systemd.tmpfiles.rules = [
    "d ${dataDir} 0755 ${user} ${user}"
  ];
--- a/hosts/idols-aquamarine/postgresql.nix
+++ b/hosts/idols-aquamarine/postgresql.nix
@@ -12,7 +12,9 @@
  dataDir = "/data/apps/postgresql/${package.psqlSchema}";
 in {
  # Create Directories
+  # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html#Type
  systemd.tmpfiles.rules = [
+    "d /data/apps/postgresql 0755 ${user} ${user}"
    "d ${dataDir} 0755 ${user} ${user}"
  ];

@@ -32,12 +34,18 @@ in {
    # Ensures that the specified databases exist.
    ensureDatabases = [
      "mytestdb" # for testing
-      "openobserve"
      "juicefs"
+      # openobserve for every k8s clusters
+      "o2_k3s_test_1"
+      "o2_k3s_prod_1"
    ];
    ensureUsers = [
      {
-        name = "openobserve";
+        name = "o2_k3s_test_1";
+        ensureDBOwnership = true;
+      }
+      {
+        name = "o2_k3s_prod_1";
        ensureDBOwnership = true;
      }
      {
--- a/hosts/idols-aquamarine/prometheus/default.nix
+++ b/hosts/idols-aquamarine/prometheus/default.nix
@@ -5,6 +5,7 @@
  ...
 }: {
  # Workaround for prometheus to store data in another place
+  # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html#Type
  systemd.tmpfiles.rules = [
    "D /data/apps/prometheus2 0751 prometheus prometheus - -"
    "L+ /var/lib/prometheus2 - - - - /data/apps/prometheus2"
--- a/hosts/idols-aquamarine/sftpgo.nix
+++ b/hosts/idols-aquamarine/sftpgo.nix
@@ -6,6 +6,7 @@ in {
  systemd.services.sftpgo.serviceConfig.EnvironmentFile = config.age.secrets."sftpgo.env".path;

  # Create Directories
+  # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html#Type
  systemd.tmpfiles.rules = [
    "d ${dataDir} 0755 ${user} ${user}"
  ];