crowdsec, timezones, prometheus

2024-12-16 13:38:46 +01:00 · 2024-12-16 13:38:46 +01:00 · a41b7174f4
commit a41b7174f4
parent 0c8bc1ac0a
4 changed files with 23 additions and 15 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,3 @@
-wireguard and traefik on the same vpn network
-add traefik entry point to the vpn network
-only enable api and dashboard on the internal networl
+TODO
+====
+* Try out cAdvisor and a dashboard like 10619
--- a/dms/docker-compose.yaml
+++ b/dms/docker-compose.yaml
@ -1,5 +1,3 @@
-version: "3.8"
-
 # logger driver - change this driver to ship all container logs to a different location
 x-logging: &logging
  logging:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -46,7 +46,6 @@ services:
    labels:
      - "traefik.enable=true"
      # Make the traefik dashboard available under https://oxmox.dev/traefik/dashboard/
-      # For some reason it's slow when used this way. It's fast when exposed via port 8080 and api.insecure=true.
      - "traefik.http.routers.traefik_api.rule=Host(`oxmox.dev`) && (PathPrefix(`/api`) || PathPrefix(`/traefik`))"
      - "traefik.http.routers.traefik_api.entrypoints=websecure"
      - "traefik.http.routers.traefik_api.tls.certresolver=myresolver"
@ -236,6 +235,7 @@ services:
      - '--web.external-url=/prometheus/'
      - '--web.route-prefix=/prometheus/'
      - '--storage.tsdb.path=/prometheus/tsdb'
+        #- '--log.level=debug'
    volumes:
      - ./prometheus:/prometheus
      - /etc/timezone:/etc/timezone:ro
@ -352,8 +352,8 @@ services:
    depends_on:
      - traefik
    volumes:
-      - ./crowdsec/acquis.d/:/etc/crowdsec/acquis.d
-      - ./crowdsec/config.yaml.local:/etc/crowdsec/config.yaml.local:ro
+      - ./crowdsec/acquis.d:/etc/crowdsec/acquis.d
+      - ./crowdsec/config.yaml.local:/etc/crowdsec/config.yaml.local
      - ./crowdsec/etc:/etc/crowdsec/
      - ./crowdsec/db:/var/lib/crowdsec/data/
      - /etc/timezone:/etc/timezone:ro
@ -379,6 +379,16 @@ services:
      - 'crowdsec'
    volumes:
      - ./crowdsec/db:/metabase-data/
+      # FIXME: as soon as I enable this the metabase config is lost and the setup wizard starts.
+      # If it's not enabled then everythings works and the dashboard uses the
+      # default app downloaded in the dockerfile. This means default user and
+      # password. Problem is, once the container is restarted the changes are
+      # lost and we're back with the default user and password.
+      # I do not understand why this is happening, how to debug it or anything
+      # else. Metabase bad :(
+      #- ./crowdsec/dashboard-db/:/data/
+      - /etc/timezone:/etc/timezone:ro
+      - /etc/localtime:/etc/localtime:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.crowdsec_dashboard_app.rule=Host(`oxmox.dev`) && PathPrefix(`/crowdsec`)"
--- a/prometheus/prometheus.yml
+++ b/prometheus/prometheus.yml
@ -16,10 +16,10 @@ scrape_configs:
  static_configs:
    - targets: ['loki-app:3100']

-#- job_name: 'docker'
-#  static_configs:
-#    - targets: ['localhost:9323']
-#
-#- job_name: 'prometheus'
-#  static_configs:
-#    - targets: ['host.docker.internal:9090']
+- job_name: 'docker'
+  static_configs:
+    - targets: ['host.docker.internal:9323']
+
+- job_name: 'prometheus'
+  static_configs:
+    - targets: ['localhost:9090']