RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
pez-infra/ansible/inventory/host_vars/london-a.yml
Rasmus "Pez" Wejlgaard 0bcc53b01d
Document undocumented services on london-a (#29) 
Audit of london-a rc.conf found several services running but not
captured in host_vars or docs: cloudflared, InfluxDB, Redis,
PostgreSQL, and libvirtd.

- InfluxDB: only _internal db, completely unused
- Redis: empty keyspace, unused
- PostgreSQL: has pez_vps db from a dead project, needs data review
- libvirtd: zero VMs, related to same dead project
- cloudflared: running tunnel 168eccae, config now captured

Also documented the weekly ZFS scrub cron (Sundays at noon) which
is in root's crontab but not ansible-managed.

Ref: PESO-101
2026-03-30 21:39:57 +01:00

45 lines
1.8 KiB
YAML
Raw Blame History

---
host_role: monitoring
host_description: "Monitoring stack (Prometheus, Grafana)"
host_location: "London"
ansible_python_interpreter: /usr/local/bin/python3
grafana_provisioning_dir: /usr/local/share/grafana/conf/provisioning
zfs_pools:
- zroot
# ZFS scrub schedule (currently manual cron, not yet managed by ansible)
# 0 12 * * sun zpool scrub zroot
zfs_scrub_schedule: "0 12 * * 0"
# --- Services enabled in rc.conf ---
# Core services (documented)
# sshd, ntpd, powerd, zfs, tailscaled, grafana, prometheus, node_exporter
# Cloudflare Tunnel — proxies Grafana/Prometheus via pez.sh
cloudflared_tunnel_id: "168eccae-2497-48e2-a1e2-c12cd3448d9a"
# --- Undocumented / likely unused services (audit 2026-03-30) ---
# These were found running but appear unused. Candidates for removal.
# InfluxDB — listening on *:8086, only _internal database exists.
# No user databases. Probably installed for testing and never used.
# RECOMMENDATION: disable (influxd_enable="NO" in rc.conf)
undocumented_influxdb: "unused — no databases, disable"
# Redis — listening on localhost:6379, empty keyspace.
# No clients connected. No data.
# RECOMMENDATION: disable (redis_enable="NO" in rc.conf)
undocumented_redis: "unused — empty keyspace, disable"
# PostgreSQL — listening on localhost:5432, has a pez_vps database
# with tables: vms, snapshots, ip_addresses, users, audit_logs, isos.
# Appears to be from a defunct VPS management project (Rust/sqlx).
# RECOMMENDATION: confirm with Pez before removing data, then disable
undocumented_postgresql: "defunct pez_vps project — confirm before disabling"
# libvirtd — running, zero VMs defined.
# Likely installed for the same pez_vps project.
# RECOMMENDATION: disable (libvirtd_enable="NO" in rc.conf)
undocumented_libvirtd: "unused — no VMs, disable"
Reference in a new issue View git blame Copy permalink