X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=distro-end;h=ae628c5d31c1b409d045dbe996a3e66818bdd686;hb=e958999a4ab6fddd723270b596b4899c0811fa41;hp=ee6693c360dab7b690037dbfa763ca37a1f24326;hpb=7b47d6a266340223e78317cfe0570868f45a4cad;p=distro-setup
diff --git a/distro-end b/distro-end
index ee6693c..ae628c5 100755
--- a/distro-end
+++ b/distro-end
@@ -573,6 +573,20 @@ sudo rm -f /etc/cron.d/unattended-upgrade-reboot /usr/local/bin/zelous-unattende
# EOF
if [[ -e /etc/wireguard/wghole.conf ]]; then
+ reload=false
+ if [[ ! -e /etc/systemd/system/wg-quick@wghole.service.d/override.conf ]]; then
+ reload=true
+ fi
+ sudo mkdir -p /etc/systemd/system/wg-quick@wghole.service.d
+ sd /etc/systemd/system/wg-quick@wghole.service.d/override.conf <<'EOF'
+[Unit]
+StartLimitIntervalSec=0
+
+[Service]
+Restart=on-failure
+RestartSec=20
+EOF
+ if $reload; then ser daemon-reload; fi
sgo wg-quick@wghole
fi
@@ -1830,6 +1844,68 @@ case $HOSTNAME in
;;
esac
+### begin prometheus ###
+
+case $HOSTNAME in
+ kd)
+ # ive got these + a needed dependency pinned to bullseye, just to get
+ # versions more in line with the main docs.
+ pi prometheus-alertmanager prometheus prometheus-node-exporter
+ web-conf -p 9091 -f 9090 - apache2 i.b8.nz <<'EOF'
+
+AuthType Basic
+AuthName "basic_auth"
+# created with
+# htpasswd -c prometheus-htpasswd USERNAME
+AuthUserFile "/etc/prometheus-htpasswd"
+Require valid-user
+
+EOF
+ ;;
+ *)
+ pi prometheus-node-exporter
+ ;;
+esac
+
+case $HOSTNAME in
+ # frodo needs upgrade first.
+ frodo) : ;;
+ # todo, for limiting node exporter http,
+ # either use iptables or, in
+ # /etc/default/prometheus-node-exporter
+ # listen on the wireguard interface
+ ;;
+ li|je|bk)
+ # ex for exporter
+ web-conf -p 9101 -f 9100 - apache2 ${HOSTNAME}ex.b8.nz <<'EOF'
+
+AuthType Basic
+AuthName "basic_auth"
+# created with
+# htpasswd -c prometheus-export-htpasswd USERNAME
+AuthUserFile "/etc/prometheus-export-htpasswd"
+Require valid-user
+
+EOF
+ ;;
+ *)
+ wgip=$(sudo sed -rn 's,^ *Address *= *([^/]+).*,\1,p' /etc/wireguard/wghole.conf)
+ web-conf -i -a $wgip -p 9101 -f 9100 - apache2 ${HOSTNAME}wg.b8.nz <<'EOF'
+
+AuthType Basic
+AuthName "basic_auth"
+# created with
+# htpasswd -c prometheus-export-htpasswd USERNAME
+AuthUserFile "/etc/prometheus-export-htpasswd"
+Require valid-user
+
+EOF
+ ;;
+esac
+
+### end prometheus ###
+
+
end_msg <<'EOF'
In mate settings settings, change scrolling to two-finger,
because the default edge scroll doesn\'t work. Originally found this in debian.