kiaragrouwstra/infra
0
0
Fork 0
forked from the-distro/infra
Code Pull requests Activity

fix(channel-scripts): push OTLP properly now

Browse source 
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
This commit is contained in:
raito 2024-08-31 19:56:46 +02:00
parent 4c7943349b
commit c2ad3d6d26
2 changed files with 11 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
flake.lock
View file

@ -108,11 +108,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1725126502, "lastModified": 1725126704,
"narHash": "sha256-Xyxyvb+Hr/Gn8MPb1b9QXJRTNOS2M52zz6rEjfcLsyU=", "narHash": "sha256-evjwB70VXzEmEs+07pf4MfAmM+Gtl2JYRfsW+9Jbhaw=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "3934bcbb39994cd99b2dbf919d2ec1d1f5ccd2cc", "rev": "6c79be63e7f08ccded0f792dfc15de987299c92b",
"revCount": 259, "revCount": 260,
"type": "git", "type": "git",
"url": "https://git.lix.systems/the-distro/channel-scripts.git" "url": "https://git.lix.systems/the-distro/channel-scripts.git"
}, },

54
services/channel-scripts/default.nix
View file

@ -21,6 +21,8 @@ let
cfg.releaseBucketCredentialsFile cfg.releaseBucketCredentialsFile
]; ];
Environment = cfg.extraEnvironment; Environment = cfg.extraEnvironment;
# TODO: we should have our own secret for this.
LoadCredential = [ "password:${config.age.secrets.alloy-push-password.path}" ];
}; };
unitConfig.After = [ "networking.target" ]; unitConfig.After = [ "networking.target" ];
script = script =
@ -32,6 +34,8 @@ let
fi fi
GIT_DIR=$dir git config remote.origin.fetch '+refs/heads/*:refs/remotes/origin/*' GIT_DIR=$dir git config remote.origin.fetch '+refs/heads/*:refs/remotes/origin/*'
CREDENTIAL=$(echo -en "promtail:$(cat $CREDENTIALS_DIRECTORY/password)" | base64)
export OTEL_EXPORTER_OTLP_HEADERS="Authorization=Basic $CREDENTIAL"
# TODO: use escapeShellArgs # TODO: use escapeShellArgs
exec ${cfg.package}/bin/mirror-forkos -c ${configFile} ${concatStringsSep " " cfg.extraArgs} apply ${channelName} ${mainJob} exec ${cfg.package}/bin/mirror-forkos -c ${configFile} ${concatStringsSep " " cfg.extraArgs} apply ${channelName} ${mainJob}
''; '';
@ -138,6 +142,9 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
bagel.nixpkgs.channel-scripts.extraEnvironment = mkIf cfg.otlp.enable [
''OTEL_EXPORTER_OTLP_TRACES_ENDPOINT="https://tempo.forkos.org/v1/traces"''
];
bagel.nixpkgs.channel-scripts.settings = { bagel.nixpkgs.channel-scripts.settings = {
hydra_uri = cfg.hydraUrl; hydra_uri = cfg.hydraUrl;
binary_cache_uri = cfg.binaryCacheUrl; binary_cache_uri = cfg.binaryCacheUrl;
@ -147,53 +154,6 @@ in
s3_channel_bucket_name = cfg.s3.channel; s3_channel_bucket_name = cfg.s3.channel;
}; };
# services.alloy = {
# enable = cfg.otlp.enable;
# };
#
# bagel.services.channel-scripts.extraEnvironment = mkIf cfg.otlp.enable {
# OTLP_EXPORTER_OTLP_ENDPOINT = "127.0.0.1:9000";
# OTEL_EXPORTER_OTLP_PROTOCOL = "grpc";
# };
#
# environment.etc."alloy/config.alloy".text = ''
# otelcol.auth.basic "forkos" {
# username = "promtail"
# password = env("/run/credentials/alloy.service/password")
# }
# otelcol.receiver.otlp "default" {
# grpc {
# endpoint = "127.0.0.1:9000"
# }
#
# output {
# metrics = [otelcol.processor.batch.default.input]
# logs = [otelcol.processor.batch.default.input]
# traces = [otelcol.processor.batch.default.input]
# }
# }
#
# otelcol.processor.batch "default" {
# output {
# metrics = [otelcol.exporter.otlp.default.input]
# logs = [otelcol.exporter.otlp.default.input]
# traces = [otelcol.exporter.otlp.default.input]
# }
# }
#
# otelcol.exporter.otlp "default" {
# client {
# endpoint {
# url = "https://tempo.forkos.org"
# basic_auth {
# username = "promtail"
# password_file = "/run/credentials/alloy.service/password"
# }
# }
# }
# }
# '';
#
users.users.channel-scripts = { users.users.channel-scripts = {
description = "Channel scripts user"; description = "Channel scripts user";
isSystemUser = true; isSystemUser = true;