tune cronjobs

[distro-setup] / distro-end

diff --git a/distro-end b/distro-end
index 8dba035c6f7a19b1349696b4ec587d21cf8ed452..4a2b6a1e81582b7620ec3f53905165ec0618427f 100755 (executable)
--- a/distro-end
+++ b/distro-end
@@ -577,12 +577,13 @@ if [[ -e /etc/wireguard/wghole.conf ]]; then
   if [[ ! -e /etc/systemd/system/wg-quick@wghole.service.d/override.conf ]]; then
     reload=true
   fi
+  sudo mkdir -p /etc/systemd/system/wg-quick@wghole.service.d
   sd /etc/systemd/system/wg-quick@wghole.service.d/override.conf <<'EOF'
 [Unit]
 StartLimitIntervalSec=0
 
 [Service]
-Restart=always
+Restart=on-failure
 RestartSec=20
 EOF
   if $reload; then ser daemon-reload; fi
@@ -1389,7 +1390,7 @@ sd /etc/systemd/system/schrootupdate.timer <<'EOF'
 Description=schrootupdate
 
 [Timer]
-OnCalendar=*-*-* 04:20:00
+OnCalendar=*-*-* 04:20:00 America/New_York
 
 [Install]
 WantedBy=timers.target
@@ -1843,6 +1844,68 @@ case $HOSTNAME in
     ;;
 esac
 
+### begin prometheus ###
+
+case $HOSTNAME in
+  kd)
+    # ive got these + a needed dependency pinned to bullseye, just to get
+    # versions more in line with the main docs.
+    pi prometheus-alertmanager prometheus prometheus-node-exporter
+    web-conf -p 9091 -f 9090 - apache2 i.b8.nz <<'EOF'
+<Location "/">
+AuthType Basic
+AuthName "basic_auth"
+# created with
+# htpasswd -c prometheus-htpasswd USERNAME
+AuthUserFile "/etc/prometheus-htpasswd"
+Require valid-user
+</Location>
+EOF
+    ;;
+  *)
+    pi prometheus-node-exporter
+    ;;
+esac
+
+case $HOSTNAME in
+  # frodo needs upgrade first.
+  frodo) : ;;
+  # todo, for limiting node exporter http,
+  # either use iptables or, in
+  # /etc/default/prometheus-node-exporter
+  # listen on the wireguard interface
+  ;;
+  li|je|bk)
+    # ex for exporter
+    web-conf -p 9101 -f 9100 - apache2 ${HOSTNAME}ex.b8.nz <<'EOF'
+<Location "/">
+AuthType Basic
+AuthName "basic_auth"
+# created with
+# htpasswd -c prometheus-export-htpasswd USERNAME
+AuthUserFile "/etc/prometheus-export-htpasswd"
+Require valid-user
+</Location>
+EOF
+    ;;
+  *)
+    wgip=$(sudo sed -rn 's,^ *Address *= *([^/]+).*,\1,p' /etc/wireguard/wghole.conf)
+    web-conf -i -a $wgip -p 9101 -f 9100 - apache2 ${HOSTNAME}wg.b8.nz <<'EOF'
+<Location "/">
+AuthType Basic
+AuthName "basic_auth"
+# created with
+# htpasswd -c prometheus-export-htpasswd USERNAME
+AuthUserFile "/etc/prometheus-export-htpasswd"
+Require valid-user
+</Location>
+EOF
+  ;;
+esac
+
+### end prometheus ###
+
+
 end_msg <<'EOF'
 In mate settings settings, change scrolling to two-finger,
 because the default edge scroll doesn\'t work. Originally found this in debian.