crowdsec, timezones, prometheus

README.md

@@ -1,3 +1,3 @@
-wireguard and traefik on the same vpn network
+TODO
-add traefik entry point to the vpn network
+====
-only enable api and dashboard on the internal networl
+* Try out cAdvisor and a dashboard like 10619

dms/docker-compose.yaml

@@ -1,5 +1,3 @@
-version: "3.8"
-
 # logger driver - change this driver to ship all container logs to a different location
 x-logging: &logging
   logging:

docker-compose.yml

@@ -46,7 +46,6 @@ services:
     labels:
       - "traefik.enable=true"
       # Make the traefik dashboard available under https://oxmox.dev/traefik/dashboard/
-      # For some reason it's slow when used this way. It's fast when exposed via port 8080 and api.insecure=true.
       - "traefik.http.routers.traefik_api.rule=Host(`oxmox.dev`) && (PathPrefix(`/api`) || PathPrefix(`/traefik`))"
       - "traefik.http.routers.traefik_api.entrypoints=websecure"
       - "traefik.http.routers.traefik_api.tls.certresolver=myresolver"
@@ -236,6 +235,7 @@ services:
       - '--web.external-url=/prometheus/'
       - '--web.route-prefix=/prometheus/'
       - '--storage.tsdb.path=/prometheus/tsdb'
+        #- '--log.level=debug'
     volumes:
       - ./prometheus:/prometheus
       - /etc/timezone:/etc/timezone:ro
@@ -352,8 +352,8 @@ services:
     depends_on:
       - traefik
     volumes:
-      - ./crowdsec/acquis.d/:/etc/crowdsec/acquis.d
+      - ./crowdsec/acquis.d:/etc/crowdsec/acquis.d
-      - ./crowdsec/config.yaml.local:/etc/crowdsec/config.yaml.local:ro
+      - ./crowdsec/config.yaml.local:/etc/crowdsec/config.yaml.local
       - ./crowdsec/etc:/etc/crowdsec/
       - ./crowdsec/db:/var/lib/crowdsec/data/
       - /etc/timezone:/etc/timezone:ro
@@ -379,6 +379,16 @@ services:
       - 'crowdsec'
     volumes:
       - ./crowdsec/db:/metabase-data/
+      # FIXME: as soon as I enable this the metabase config is lost and the setup wizard starts.
+      # If it's not enabled then everythings works and the dashboard uses the
+      # default app downloaded in the dockerfile. This means default user and
+      # password. Problem is, once the container is restarted the changes are
+      # lost and we're back with the default user and password.
+      # I do not understand why this is happening, how to debug it or anything
+      # else. Metabase bad :(
+      #- ./crowdsec/dashboard-db/:/data/
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
     labels:
       - "traefik.enable=true"
       - "traefik.http.routers.crowdsec_dashboard_app.rule=Host(`oxmox.dev`) && PathPrefix(`/crowdsec`)"

prometheus/prometheus.yml

@@ -16,10 +16,10 @@ scrape_configs:
   static_configs:
     - targets: ['loki-app:3100']
 
-#- job_name: 'docker'
+- job_name: 'docker'
-#  static_configs:
+  static_configs:
-#    - targets: ['localhost:9323']
+    - targets: ['host.docker.internal:9323']
-#
+
-#- job_name: 'prometheus'
+- job_name: 'prometheus'
-#  static_configs:
+  static_configs:
-#    - targets: ['host.docker.internal:9090']
+    - targets: ['localhost:9090']