Compare commits

..

No commits in common. "26f8224941a304edb7a35bab870b9cfb1ea29bca" and "0a357fc69abcb5ef9bda7f4aae6a0d6ab835551c" have entirely different histories.

6 changed files with 75 additions and 15 deletions

View file

@ -37,19 +37,9 @@ jobs:
# secrets.yaml is decrypted from SOPS at plan time and can't be
# produced here, so stub the keys the config reads (kept in sync by
# deriving them from the actual secrets["..."] references).
# Stub values must satisfy provider config validators: hcloud
# requires a 64-char token, and Grafana's fleet_management_auth
# must look like `username:password`.
stub64=$(printf 'stub%.0s' {1..16})
grep -rhoE 'secrets\["[^"]+"\]' . \
| sed -E 's/.*secrets\["([^"]+)"\].*/\1/' \
| sort -u \
| while read -r key; do
case "$key" in
*_auth) echo "$key: \"stub:stub\"" ;;
*) echo "$key: \"$stub64\"" ;;
esac
done > secrets.yaml
| sed -E 's/.*secrets\["([^"]+)"\].*/\1: "stub"/' \
| sort -u > secrets.yaml
tofu init -backend=false
tofu validate

View file

@ -1,6 +1,6 @@
---
host_role: utility
host_description: "Octopus Energy exporter, edge utility box"
host_role: idle
host_description: "Idle/available"
host_location: "London"
prometheus_location: london

View file

@ -0,0 +1,32 @@
---
server:
http_listen_port: 9080
grpc_listen_port: 0
positions:
filename: /tmp/positions.yaml
clients:
- url: http://192.168.1.254:3100/loki/api/v1/push
scrape_configs:
- job_name: london-b
static_configs:
- targets:
- localhost
labels:
job: varlogs
instance: london-b
__path__: /var/log/*log
- targets:
- localhost
labels:
job: plex
instance: london-b
__path__: /var/lib/plexmediaserver/Library/Application Support/Plex Media Server/Logs/*log
- targets:
- localhost
labels:
job: jellyfin
instance: london-b
__path__: /var/log/jellyfin/*log

View file

@ -0,0 +1,14 @@
[Unit]
Description=Promtail service
After=network.target
[Service]
Type=simple
User=root
ExecStart=/usr/bin/promtail -config.file /etc/promtail/config.yml
TimeoutSec=60
Restart=on-failure
RestartSec=2
[Install]
WantedBy=multi-user.target

View file

@ -0,0 +1,24 @@
# /etc/rc.conf — london-a (FreeBSD)
# Captured 2026-03-22
clear_tmp_enable="YES"
hostname="london-a"
ifconfig_em0="inet 192.168.1.254 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
ifconfig_em0_ipv6="inet6 accept_rtadv"
sshd_enable="YES"
ntpd_enable="YES"
powerd_enable="YES"
moused_nondefault_enable="NO"
# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable
dumpdev="AUTO"
zfs_enable="YES"
grafana_enable="YES"
prometheus_enable="YES"
node_exporter_enable="YES"
tailscaled_enable="YES"
influxd_enable="NO"
libvirtd_enable="NO"
redis_enable="NO"
postgresql_enable="NO"
node_exporter_listen_address="100.122.219.41:9100"

View file

@ -16,7 +16,7 @@ resource "hcloud_zone_rrset" "A_helsinki_a" {
"@", "apps", "auth", "bitwarden", "download", "git", "helsinki-a",
"jellyfin", "jellyfin-requests", "ldap", "lidarr", "london-a", "music", "naveen",
"plex", "prowlarr", "radarr", "readarr", "request",
"sonarr", "soulseek", "status",
"rss", "sonarr", "soulseek", "status",
])
zone = hcloud_zone.pezsh.name
name = each.value