add monitoring

Run victoria metrics and grafana on rivendell. Grafana is using authelia
for auth. We run some collectors on all the machines, and they publish
to VM through the wireguard interface.

3 files changed, 12 insertions, 0 deletions

diff --git a/secrets/authelia-users.yaml.age b/secrets/authelia-users.yaml.age
index dc8fe62..d21f4e0 100644
--- a/secrets/authelia-users.yaml.age
+++ b/secrets/authelia-users.yaml.age
diff --git a/secrets/grafana-oidc.age b/secrets/grafana-oidc.age
new file mode 100644
index 0000000..deaf0c4
--- /dev/null
+++ b/secrets/grafana-oidc.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 pFjJaA nXdpTOxE+KOi+hkTl8WrFzsXTLlX6JQhY/6+w6ZcZ0k
+6TZjec0mdP37hXGXEev7dN27BqGhvO0EVEJi7XPJsrc
+-> ssh-ed25519 Y5h84Q 1um4Z+C9sRiHVMEJszpc4ygNhONX0tNvAsABlvDmwHA
+IN3pQyGFCRWphTHLAaxrCVci0OaRViHUaZYqZPEA14A
+--- ABsJxwFEMn+GNkH+BqcrSIFfeZJaqSvRTNid1yEDJaA
+���F�꧒�b��R��M��w�ɨ�qo�
�;�\�1���n
�D4 X���Q�LU*��oI�M:��Yy�I�t��ƖJ�E�@ ��i˸\�a%�
\ No newline at end of file
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index adb15e1..2b645eb 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -42,6 +42,11 @@ in
     hosts.rivendell
   ];
 
+  "grafana-oidc.age".publicKeys = [
+    users.fcuny
+    hosts.rivendell
+  ];
+
   # generated with:
   # openssl rand 64 | openssl base64 -A | tr '+/' '-_' | tr -d '='
   "authelia-storage-key.age".publicKeys = [