mirror of
https://github.com/RWejlgaard/pez-infra.git
synced 2026-05-06 04:14:43 +00:00
Rasmus "Pez" Wejlgaard
4554dec7d2
* Configure UFW firewall rules in common Ansible role Add UFW configuration to the common role for Debian hosts: - Default deny incoming, allow outgoing - Allow all traffic on tailscale0 interface (mesh comms) - Allow SSH port 22 as safety net - Per-host allowed ports via ufw_allowed_ports variable - Enable UFW after rules are applied helsinki-a gets ports 80/443 for reverse proxy traffic. Other Debian hosts only need Tailscale + SSH. Closes PESO-79 * Remove unused alerting and rule_files from prometheus.yml Alerting is handled by Grafana, not Prometheus Alertmanager. The empty alertmanagers and rule_files sections were just noise. Resolves PESO-74
62 lines
1.6 KiB
YAML
62 lines
1.6 KiB
YAML
---
|
|
# Prometheus configuration — extracted from london-a (FreeBSD)
|
|
# Config file location on london-a: /usr/local/etc/prometheus.yml
|
|
# Prometheus runs as: /usr/local/bin/prometheus --config.file=/usr/local/etc/prometheus.yml
|
|
# Data directory: /var/db/prometheus
|
|
|
|
global:
|
|
scrape_interval: 15s
|
|
evaluation_interval: 15s
|
|
|
|
scrape_configs:
|
|
- job_name: "prometheus"
|
|
static_configs:
|
|
- targets: ["localhost:9090"]
|
|
|
|
- job_name: "node_exporter"
|
|
static_configs:
|
|
- targets: ["100.122.219.41:9100"]
|
|
labels:
|
|
location: london
|
|
server: london-a
|
|
- targets: ["100.84.65.101:9100"]
|
|
labels:
|
|
location: london
|
|
server: london-b
|
|
- targets: ["100.89.206.60:9100"]
|
|
labels:
|
|
location: copenhagen
|
|
server: copenhagen-a
|
|
- targets: ["100.115.45.53:9100"]
|
|
labels:
|
|
location: copenhagen
|
|
server: copenhagen-c
|
|
- targets: ["100.117.235.28:9100"]
|
|
labels:
|
|
location: cloud
|
|
server: nuremberg-a
|
|
- targets: ["100.67.6.27:9100"]
|
|
labels:
|
|
location: cloud
|
|
server: helsinki-a
|
|
|
|
- job_name: "smartmontools"
|
|
static_configs:
|
|
- targets: ["100.84.65.101:9633"]
|
|
labels:
|
|
location: london
|
|
server: london-b
|
|
|
|
- job_name: "plex"
|
|
static_configs:
|
|
- targets: ["100.84.65.101:9000"]
|
|
labels:
|
|
location: london
|
|
server: london-b
|
|
|
|
- job_name: "caddy"
|
|
static_configs:
|
|
- targets: ["100.67.6.27:2019"]
|
|
labels:
|
|
location: cloud
|
|
server: helsinki-a
|