fix: tracing on caddy services (#104)
Some checks failed
Deploy (on merge) / Discover hosts (push) Has been cancelled
Terraform / Plan (push) Has been cancelled
Deploy (on merge) / Deploy → (push) Has been cancelled
Terraform / Apply (push) Has been cancelled

This commit is contained in:
Rasmus Wejlgaard 2026-05-10 10:18:53 +01:00 committed by GitHub
parent 06552c5b75
commit e502a92451
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 142 additions and 49 deletions

View file

@ -16,6 +16,9 @@
# Proxmox # Proxmox
london-a.pez.sh { london-a.pez.sh {
tracing {
span proxmox
}
reverse_proxy 100.122.180.98:8006 { reverse_proxy 100.122.180.98:8006 {
transport http { transport http {
tls_insecure_skip_verify tls_insecure_skip_verify
@ -27,16 +30,25 @@ london-a.pez.sh {
# Jellyfin # Jellyfin
jellyfin.pez.solutions, jellyfin.pez.sh { jellyfin.pez.solutions, jellyfin.pez.sh {
tracing {
span jellyfin
}
reverse_proxy 100.84.65.101:8096 reverse_proxy 100.84.65.101:8096
} }
# Plex # Plex
plex.pez.solutions, plex.pez.sh { plex.pez.solutions, plex.pez.sh {
tracing {
span plex
}
reverse_proxy 100.84.65.101:32400 reverse_proxy 100.84.65.101:32400
} }
# Radarr # Radarr
radarr.pez.solutions, radarr.pez.sh { radarr.pez.solutions, radarr.pez.sh {
tracing {
span radarr
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -46,6 +58,9 @@ radarr.pez.solutions, radarr.pez.sh {
# Sonarr # Sonarr
sonarr.pez.solutions, sonarr.pez.sh { sonarr.pez.solutions, sonarr.pez.sh {
tracing {
span sonarr
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -55,6 +70,9 @@ sonarr.pez.solutions, sonarr.pez.sh {
# Lidarr # Lidarr
lidarr.pez.solutions, lidarr.pez.sh { lidarr.pez.solutions, lidarr.pez.sh {
tracing {
span lidarr
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -64,6 +82,9 @@ lidarr.pez.solutions, lidarr.pez.sh {
# Readarr # Readarr
readarr.pez.solutions, readarr.pez.sh { readarr.pez.solutions, readarr.pez.sh {
tracing {
span readarr
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -73,6 +94,9 @@ readarr.pez.solutions, readarr.pez.sh {
# slskd # slskd
soulseek.pez.solutions, soulseek.pez.sh { soulseek.pez.solutions, soulseek.pez.sh {
tracing {
span soulseek
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -82,6 +106,9 @@ soulseek.pez.solutions, soulseek.pez.sh {
# Prowlarr # Prowlarr
prowlarr.pez.solutions, prowlarr.pez.sh { prowlarr.pez.solutions, prowlarr.pez.sh {
tracing {
span prowlarr
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -91,6 +118,9 @@ prowlarr.pez.solutions, prowlarr.pez.sh {
# Transmission # Transmission
download.pez.solutions, download.pez.sh { download.pez.solutions, download.pez.sh {
tracing {
span transmission
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -100,15 +130,24 @@ download.pez.solutions, download.pez.sh {
# Overseerr # Overseerr
request.pez.solutions, request.pez.sh { request.pez.solutions, request.pez.sh {
tracing {
span overseerr
}
reverse_proxy 100.84.65.101:5055 reverse_proxy 100.84.65.101:5055
} }
# Jellyfin Requests # Jellyfin Requests
jellyfin-requests.pez.solutions, jellyfin-requests.pez.sh { jellyfin-requests.pez.solutions, jellyfin-requests.pez.sh {
tracing {
span jellyfin-requests
}
reverse_proxy 100.84.65.101:5056 reverse_proxy 100.84.65.101:5056
} }
music.pez.sh { music.pez.sh {
tracing {
span navidrome
}
reverse_proxy 100.84.65.101:4533 reverse_proxy 100.84.65.101:4533
} }
@ -120,6 +159,9 @@ music.pez.sh {
# Bitwarden (requires HTTPS tweaking) # Bitwarden (requires HTTPS tweaking)
https://bitwarden.pez.sh { https://bitwarden.pez.sh {
tracing {
span bitwarden
}
reverse_proxy localhost:8443 { reverse_proxy localhost:8443 {
transport http { transport http {
tls_insecure_skip_verify tls_insecure_skip_verify
@ -129,22 +171,24 @@ https://bitwarden.pez.sh {
# Authelia (requires HTTPS tweaking) # Authelia (requires HTTPS tweaking)
auth.pez.solutions, auth.pez.sh { auth.pez.solutions, auth.pez.sh {
tracing {
span authelia
}
reverse_proxy localhost:9091 reverse_proxy localhost:9091
} }
ldap.pez.sh { ldap.pez.sh {
tracing {
span lldap
}
reverse_proxy 127.0.0.1:17170 reverse_proxy 127.0.0.1:17170
} }
#https://auth.pez.sh {
# reverse_proxy 127.0.0.1:9091 {
# transport http {
# tls_insecure_skip_verify
# }
# }
#}
# Apps dashboard # Apps dashboard
apps.pez.solutions, apps.pez.sh { apps.pez.solutions, apps.pez.sh {
tracing {
span apps-dashboard
}
root * /srv/apps root * /srv/apps
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
@ -155,24 +199,36 @@ apps.pez.solutions, apps.pez.sh {
# Pez.solutions # Pez.solutions
pez.solutions { pez.solutions {
tracing {
span pez-solutions
}
root * /srv/pez.solutions root * /srv/pez.solutions
file_server file_server
} }
# Pez.sh # Pez.sh
pez.sh { pez.sh {
tracing {
span pez-sh
}
root * /srv/pez.sh root * /srv/pez.sh
file_server file_server
} }
# Pez-signup # Pez-signup
signup.pez.solutions { signup.pez.solutions {
tracing {
span pez-signup
}
root * /srv/pez-signup root * /srv/pez-signup
file_server file_server
} }
# Naveen # Naveen
naveen.pez.sh { naveen.pez.sh {
tracing {
span naveen
}
root * /srv/naveen root * /srv/naveen
file_server file_server
} }
@ -181,12 +237,18 @@ naveen.pez.sh {
# Status page # Status page
status.pez.sh { status.pez.sh {
tracing {
span status
}
root * /srv/status root * /srv/status
file_server file_server
} }
# Miniflux RSS # Miniflux RSS
rss.pez.sh { rss.pez.sh {
tracing {
span miniflux
}
forward_auth localhost:9091 { forward_auth localhost:9091 {
uri /api/authz/forward-auth uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
@ -194,9 +256,10 @@ rss.pez.sh {
reverse_proxy 100.84.65.101:8181 reverse_proxy 100.84.65.101:8181
} }
# Forgejo Git Server (auth handled by Forgejo itself) # Forgejo Git Server (auth handled by Forgejo itself)
git.pez.sh { git.pez.sh {
tracing {
span forgejo
}
reverse_proxy localhost:3000 reverse_proxy localhost:3000
} }

View file

@ -1,5 +1,8 @@
locals { locals {
fleet_pipelines = { fleet_pipelines = {
caddy_tracing = {
matchers = ["collector.ID=\"helsinki-a\""]
}
linux_node_linux = { linux_node_linux = {
matchers = ["collector.os=\"linux\""] matchers = ["collector.os=\"linux\""]
} }
@ -25,3 +28,4 @@ resource "grafana_fleet_management_pipeline" "this" {
matchers = each.value.matchers matchers = each.value.matchers
contents = file("${path.module}/fleet_pipelines/${each.key}.alloy") contents = file("${path.module}/fleet_pipelines/${each.key}.alloy")
} }

View file

@ -0,0 +1,26 @@
// Receive OTLP traces from Caddy
otelcol.receiver.otlp "otlp_receiver" {
grpc {
endpoint = "0.0.0.0:4317"
}
http {
endpoint = "0.0.0.0:4318"
}
output {
traces = [otelcol.exporter.otlp.tempo_exporter.input]
}
}
otelcol.exporter.otlp "tempo_exporter" {
client {
endpoint = "tempo-prod-25-prod-gb-south-1.grafana.net:443"
auth = otelcol.auth.basic.gcloud_auth.handler
}
}
otelcol.auth.basic "gcloud_auth" {
username = "1573173"
password = sys.env("GCLOUD_RW_API_KEY")
}