Smaller fixes (#128)

* b.tunnel is now ansible deployed

* fix fail2ban for hosts without rsyslog

* fix uisp hostname

* persist a few experiments

inventory/hosts

@@ -31,7 +31,7 @@ util.berlin.freifunk.net # hopglass
 download-master.berlin.freifunk.net
 
 [uisp]
-uisp.berlin.freifunk.net ansible_host=10.31.130.158 # New uisp VM
+uisp.olsr ansible_host=10.31.130.158 # New uisp VM
 
 [website]
 web.berlin.freifunk.net

play.yml

@@ -49,7 +49,7 @@
     - ff_monitor
 
 - name: Set up tunneldigger
-  hosts: tunneldigger,!b.tunnel.berlin.freifunk.net
+  hosts: tunneldigger
   become: true
   roles:
     - tunneldigger

roles/common/templates/fail2ban-ffberlin.local.j2

@@ -1,8 +1,13 @@
+[DEFAULT]
+backend = systemd
+
 [sshd]
 enabled = true
 port    = ssh
 filter  = sshd
-logpath = /var/log/auth.log
-maxretry = 3            # ban after 3 failed tries
-bantime = 86400         # ban for 24h
-findtime = 3600         # count tries within one hour
+# ban after 3 failed tries
+maxretry = 3  
+# ban for 24h          
+bantime = 86400   
+# count tries within one hour     
+findtime = 3600         

roles/ff_monitor/handlers/main.yml

@@ -16,7 +16,7 @@
 - name: Restart php-fpm
   ansible.builtin.systemd:
     daemon_reload: true
-    name: php7.4-fpm
+    name: php8.2-fpm
     enabled: true
     state: restarted
 

roles/ff_monitor/tasks/main.yml

@@ -75,7 +75,7 @@
     name: remove old rrd files
     special_time: daily
     user: root
-    job: find /mnt/collectd/rrd/ -type f -mtime +14 -delete; find /mnt/collectd/rrd/ -type d -empty -delete
+    job: find /mnt/collectd/rrd/ -type f -mtime +30 -delete; find /mnt/collectd/rrd/ -type d -empty -delete
 
 - name: Create a directory if it does not exist
   ansible.builtin.file:

roles/ff_monitor/templates/grafana.ini.j2

@@ -16,6 +16,7 @@ router_logging = false
 [analytics]
 reporting_enabled = false
 check_for_updates = false
+enabled = false
 [security]
 disable_gravatar = true
 [users]
@@ -97,8 +98,13 @@ enabled  = true
 
 [plugins]
 allow_loading_unsigned_plugins = panodata-map-panel
+hide_angular_deprecation = true
 
 [feature_toggles]
+angularDeprecationUI=false
 publicDashboards = true
 [unified_alerting]
 enabled = true
+
+[panels]
+enable_alpha = true

roles/ff_monitor/templates/prometheus.j2

@@ -1,4 +1,4 @@
 # {{ ansible_managed }}
 # Set the command-line arguments to pass to the server.
 
-ARGS="--storage.tsdb.retention.size=90GB --enable-feature=memory-snapshot-on-shutdown --web.listen-address=127.0.0.1:9090"
+ARGS="--storage.tsdb.retention.size=100GB --enable-feature=memory-snapshot-on-shutdown --web.listen-address=127.0.0.1:9090"

roles/ff_monitor/templates/prometheus.yml.j2

@@ -8,6 +8,7 @@ alerting:
     - targets: ['localhost:9093']
 
 rule_files:
+  - rules.yml
 
 scrape_configs:
 
@@ -25,6 +26,13 @@ scrape_configs:
     static_configs:
       - targets: ['localhost:9090']
 
+  - job_name: 'pushgateway'
+    scrape_interval: 30s
+    scrape_timeout: 30s
+    honor_labels: true
+    static_configs:
+      - targets: ['localhost:9091']
+
   - job_name: collectd
     scrape_interval: 30s
     static_configs:
@@ -38,6 +46,13 @@ scrape_configs:
   - job_name: servers
     static_configs:
       - targets:
+        - "a36s-hyp03.berlin.freifunk.net:9100"
 {% for host in groups.all %}
         - "{{ host }}:9100"
 {% endfor %}
+
+  - job_name: 'weather'
+    scrape_interval: 900s
+    scrape_timeout: 30s
+    static_configs:
+      - targets: ['127.0.0.1:9111']

templates/Caddyfile_monitor.j2

@@ -14,5 +14,13 @@ monitor.berlin.freifunk.net  {
 }
 
 
-
-
+# Pushgw 
+http://10.31.130.151:9091 {
+     bind 10.31.130.151
+#    @delete-get {   # TODO Fix
+#        return 418
+#    }
+#    @put-post {
+        reverse_proxy http://127.0.0.1:9091
+#    }
+}