From 9bd56aede653aa47b660094df24dc1e5236df115 Mon Sep 17 00:00:00 2001 From: oxmox Date: Mon, 16 Dec 2024 13:38:46 +0100 Subject: [PATCH] crowdsec, timezones, prometheus --- README.md | 6 +++--- dms/docker-compose.yaml | 2 -- docker-compose.yml | 16 +++++++++++++--- prometheus/prometheus.yml | 14 +++++++------- 4 files changed, 23 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index 5404424..8843beb 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,3 @@ -wireguard and traefik on the same vpn network -add traefik entry point to the vpn network -only enable api and dashboard on the internal networl +TODO +==== +* Try out cAdvisor and a dashboard like 10619 diff --git a/dms/docker-compose.yaml b/dms/docker-compose.yaml index 77665b5..8b35783 100644 --- a/dms/docker-compose.yaml +++ b/dms/docker-compose.yaml @@ -1,5 +1,3 @@ -version: "3.8" - # logger driver - change this driver to ship all container logs to a different location x-logging: &logging logging: diff --git a/docker-compose.yml b/docker-compose.yml index 7488d21..c98c99b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -46,7 +46,6 @@ services: labels: - "traefik.enable=true" # Make the traefik dashboard available under https://oxmox.dev/traefik/dashboard/ - # For some reason it's slow when used this way. It's fast when exposed via port 8080 and api.insecure=true. - "traefik.http.routers.traefik_api.rule=Host(`oxmox.dev`) && (PathPrefix(`/api`) || PathPrefix(`/traefik`))" - "traefik.http.routers.traefik_api.entrypoints=websecure" - "traefik.http.routers.traefik_api.tls.certresolver=myresolver" @@ -236,6 +235,7 @@ services: - '--web.external-url=/prometheus/' - '--web.route-prefix=/prometheus/' - '--storage.tsdb.path=/prometheus/tsdb' + #- '--log.level=debug' volumes: - ./prometheus:/prometheus - /etc/timezone:/etc/timezone:ro @@ -352,8 +352,8 @@ services: depends_on: - traefik volumes: - - ./crowdsec/acquis.d/:/etc/crowdsec/acquis.d - - ./crowdsec/config.yaml.local:/etc/crowdsec/config.yaml.local:ro + - ./crowdsec/acquis.d:/etc/crowdsec/acquis.d + - ./crowdsec/config.yaml.local:/etc/crowdsec/config.yaml.local - ./crowdsec/etc:/etc/crowdsec/ - ./crowdsec/db:/var/lib/crowdsec/data/ - /etc/timezone:/etc/timezone:ro @@ -379,6 +379,16 @@ services: - 'crowdsec' volumes: - ./crowdsec/db:/metabase-data/ + # FIXME: as soon as I enable this the metabase config is lost and the setup wizard starts. + # If it's not enabled then everythings works and the dashboard uses the + # default app downloaded in the dockerfile. This means default user and + # password. Problem is, once the container is restarted the changes are + # lost and we're back with the default user and password. + # I do not understand why this is happening, how to debug it or anything + # else. Metabase bad :( + #- ./crowdsec/dashboard-db/:/data/ + - /etc/timezone:/etc/timezone:ro + - /etc/localtime:/etc/localtime:ro labels: - "traefik.enable=true" - "traefik.http.routers.crowdsec_dashboard_app.rule=Host(`oxmox.dev`) && PathPrefix(`/crowdsec`)" diff --git a/prometheus/prometheus.yml b/prometheus/prometheus.yml index 448970a..ed0d0fa 100644 --- a/prometheus/prometheus.yml +++ b/prometheus/prometheus.yml @@ -16,10 +16,10 @@ scrape_configs: static_configs: - targets: ['loki-app:3100'] -#- job_name: 'docker' -# static_configs: -# - targets: ['localhost:9323'] -# -#- job_name: 'prometheus' -# static_configs: -# - targets: ['host.docker.internal:9090'] +- job_name: 'docker' + static_configs: + - targets: ['host.docker.internal:9323'] + +- job_name: 'prometheus' + static_configs: + - targets: ['localhost:9090']