RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
pez-infra/docs/hosts/london-a.md
Rasmus "Pez" Wejlgaard ed6eb22f60
Remove cloudflared — replaced by Caddy reverse proxy (#56) 
Cloudflared tunnels are no longer used. All traffic now routes through
Cloudflare DNS to Caddy on helsinki-a over Tailscale.

- Remove cloudflared systemd unit files (copenhagen-a, london-b)
- Remove cloudflared from media_stack role and copenhagen-a host_vars
- Remove cloudflared references from services README and host docs
- Remove cloudflared deploy trigger from CI workflow

Live service on london-b stopped and disabled. copenhagen-a was
unreachable but the tunnel is unused regardless.
2026-04-03 22:51:12 +01:00

61 lines
1.9 KiB
Markdown
Raw Blame History

# london-a
Dedicated monitoring server. Runs Prometheus and Grafana, nothing else.
## Overview
| | |
|---|---|
| **Location** | London (NW9) |
| **OS** | FreeBSD 14.3 |
| **Tailscale IP** | 100.122.219.41 |
| **Role** | Monitoring (Prometheus + Grafana) |
## Hardware
| Component | Spec |
|---|---|
| CPU | Intel i7-4790K (8 threads) |
| Memory | 32 GB |
| Boot disk | 1 TB |
Old gaming PC, now perfectly happy as a monitoring host. Very lightly loaded — disk at ~6%.
## Services
| Service | Port | Status | Notes |
|---------|------|--------|-------|
| Prometheus | 9090 | Active | prometheus.pez.sh |
| Grafana | 3000 | Active | grafana.pez.sh |
| node_exporter | 9100 | Active | Metrics exporter |
| Tailscale | — | Active | Mesh networking |
Both Prometheus and Grafana are behind Authelia (auth handled by Caddy on helsinki-a).
### Unused services (audit 2026-03-30)
These services are enabled in rc.conf but appear unused. Pending cleanup.
| Service | Port | Finding |
|---------|------|---------|
| InfluxDB | 8086 (all interfaces!) | Only `_internal` database — never used. Listening on `*:8086` is also a security concern. |
| Redis | 6379 (localhost) | Empty keyspace, no clients. |
| PostgreSQL | 5432 (localhost) | Has `pez_vps` database from a defunct VPS management project. Data may need backup before removal. |
| libvirtd | — | Zero VMs. Installed for the same pez_vps project. |
## ZFS
- Pool: `zroot`
- Weekly scrub: `0 12 * * sun zpool scrub zroot` (root crontab, not ansible-managed yet)
## Why FreeBSD
This one runs FreeBSD instead of Ubuntu. For a single-purpose monitoring host it works well. No particular reason to change it — it's stable and does its job.
## Networking
Connected via Cat 5 to the Ubiquiti switch alongside london-b.
## Notes
Prometheus scrapes all hosts over Tailscale. See [monitoring.md](../monitoring.md) for scrape targets and dashboard details.
Reference in a new issue View git blame Copy permalink