microcosm.blue / microcosm-rs
Constellation, Spacedust, Slingshot, UFOs: atproto crates and services for microcosm
75
fork

Configure Feed

Select the types of activity you want to include in your feed.

annoying config/admin stuff today

phil 81fbd206 4f3e75b8

+119
+116
cozy-setup (move to another repo).md
··· 1 + cozy-ucosm 2 + 3 + 4 + ## gateway 5 + 6 + - tailscale (exit node enabled) 7 + -> allow ipv4 and ipv6 forwarding 8 + - caddy 9 + 10 + ```bash 11 + apt install golang 12 + go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest 13 + go/bin/xcaddy build \ 14 + --with github.com/caddyserver/cache-handler \ 15 + --with github.com/darkweak/storages/badger/caddy \ 16 + --with github.com/mholt/caddy-ratelimit 17 + # then https://caddyserver.com/docs/running#manual-installation 18 + 19 + mkdir /var/cache/caddy-badger 20 + chown -R caddy:caddy /var/cache/caddy-badger/ 21 + ``` 22 + 23 + - `/etc/caddy/Caddyfile` 24 + 25 + ``` 26 + { 27 + cache { 28 + badger 29 + api { 30 + prometheus 31 + } 32 + } 33 + } 34 + 35 + links.bsky.bad-example.com { 36 + reverse_proxy link-aggregator:6789 37 + respond /souin-api/metrics "denied" 403 38 + cache { 39 + ttl 3s 40 + stale 1h 41 + default_cache_control public, s-maxage=3 42 + badger { 43 + path /var/cache/caddy-badger/links 44 + } 45 + } 46 + } 47 + 48 + gateway:80 { 49 + metrics 50 + cache 51 + } 52 + ``` 53 + 54 + 55 + - victoriametrics 56 + 57 + ```bash 58 + curl -LO https://github.com/VictoriaMetrics/VictoriaMetrics/releases/download/v1.109.1/victoria-metrics-linux-amd64-v1.109.1.tar.gz 59 + tar xzf victoria-metrics-linux-amd64-v1.109.1.tar.gz 60 + # and then https://docs.victoriametrics.com/quick-start/#starting-vm-single-from-a-binary 61 + sudo mkdir /etc/victoria-metrics && sudo chown -R victoriametrics:victoriametrics /etc/victoria-metrics 62 + 63 + ``` 64 + 65 + - `/etc/victoria-metrics/prometheus.yml` 66 + 67 + ```yaml 68 + global: 69 + scrape_interval: '15s' 70 + 71 + scrape_configs: 72 + - job_name: 'link_aggregator' 73 + static_configs: 74 + - targets: ['link-aggregator:8765'] 75 + - job_name: 'gateway:caddy' 76 + static_configs: 77 + - targets: ['gateway:80/metrics'] 78 + - job_name: 'gateway:cache' 79 + static_configs: 80 + - targets: ['gateway:80/souin-api/metrics'] 81 + ``` 82 + 83 + - `ExecStart` in `/etc/systemd/system/victoriametrics.service`: 84 + 85 + ``` 86 + ExecStart=/usr/local/bin/victoria-metrics-prod -storageDataPath=/var/lib/victoria-metrics -retentionPeriod=90d -selfScrapeInterval=1m -promscrape.config=/etc/victoria-metrics/prometheus.yml 87 + ``` 88 + 89 + - grafana 90 + 91 + followed `https://grafana.com/docs/grafana/latest/setup-grafana/installation/debian/#install-grafana-on-debian-or-ubuntu` 92 + 93 + something something something then 94 + 95 + ``` 96 + sudo grafana-cli --pluginUrl https://github.com/VictoriaMetrics/victoriametrics-datasource/releases/download/v0.11.1/victoriametrics-datasource-v0.11.1.zip plugins install victoriametrics 97 + ``` 98 + 99 + 100 + 101 + --- 102 + 103 + some todos 104 + 105 + - [x] tailscale: exit node 106 + - [!] link_aggregator: use exit node 107 + -> worked, but reverted for now: tailscale on raspi was consuming ~50% cpu for the jetstream traffic. this might be near its max since it would have been catching up at the time (max jetstream throughput) but it feels a bit too much. we have to trust the jetstream server and link_aggregator doesn't (yet) make any other external connections, so for now the raspi connects directly from my home again. 108 + - [x] caddy: reverse proxy 109 + - [x] build with cache and rate-limit plugins 110 + - [x] configure systemd to keep it alive 111 + - [ ] configure caddy cache 112 + - [ ] configure caddy rate-limit 113 + - [ ] configure caddy to use a health check (once it's added) 114 + - [ ] configure caddy to only expose cache metrics to tailnet :/ 115 + - [ ] make some grafana dashboards 116 +