forked from Deuxfleurs/nixcfg
staging: run node_exporter from nixos; run synapse as non-root
This commit is contained in:
parent
195e340f56
commit
18ab08a86c
2 changed files with 22 additions and 29 deletions
|
@ -46,7 +46,6 @@ job "im" {
|
|||
"secrets/litestream.yml" = "/etc/litestream.yml"
|
||||
}
|
||||
}
|
||||
user = "root"
|
||||
|
||||
template {
|
||||
data = file("../config/litestream.yml")
|
||||
|
@ -82,7 +81,6 @@ job "im" {
|
|||
env = {
|
||||
SSL_CERT_FILE = "/etc/ssl/certs/ca-bundle.crt"
|
||||
}
|
||||
user = "root"
|
||||
|
||||
template {
|
||||
data = file("flake.nix")
|
||||
|
@ -148,7 +146,6 @@ job "im" {
|
|||
"../alloc/data" = "/ephemeral",
|
||||
}
|
||||
}
|
||||
user = "root"
|
||||
|
||||
template {
|
||||
data = file("flake.nix")
|
||||
|
@ -195,7 +192,6 @@ EOH
|
|||
"secrets/litestream.yml" = "/etc/litestream.yml"
|
||||
}
|
||||
}
|
||||
user = "root"
|
||||
|
||||
template {
|
||||
data = file("../config/litestream.yml")
|
||||
|
|
|
@ -9,15 +9,15 @@ job "telemetry-system" {
|
|||
}
|
||||
|
||||
task "node_exporter" {
|
||||
driver = "docker"
|
||||
driver = "nix2"
|
||||
|
||||
config {
|
||||
image = "quay.io/prometheus/node-exporter:v1.1.2"
|
||||
network_mode = "host"
|
||||
volumes = [
|
||||
"/:/host:ro,rslave"
|
||||
]
|
||||
packages = [ "#prometheus-node-exporter" ]
|
||||
command = "node_exporter"
|
||||
args = [ "--path.rootfs=/host" ]
|
||||
bind_read_only = {
|
||||
"/" = "/host"
|
||||
}
|
||||
}
|
||||
|
||||
resources {
|
||||
|
@ -26,15 +26,12 @@ job "telemetry-system" {
|
|||
}
|
||||
|
||||
service {
|
||||
tags = [ "telemetry" ]
|
||||
port = 9100
|
||||
address_mode = "driver"
|
||||
name = "node-exporter"
|
||||
tags = [ "telemetry" ]
|
||||
port = "node_exporter"
|
||||
check {
|
||||
type = "http"
|
||||
path = "/"
|
||||
port = 9100
|
||||
address_mode = "driver"
|
||||
interval = "60s"
|
||||
timeout = "5s"
|
||||
check_restart {
|
||||
|
|
Loading…
Reference in a new issue