Skip to Content
Last modified by Alexandru Pentilescu on 2024/07/22 21:37
From version 8.1
edited by Alexandru Pentilescu
on 2024/07/02 20:22
Change comment: There is no comment for this version
To version 11.1
edited by Alexandru Pentilescu
on 2024/07/22 21:24
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -56,6 +56,12 @@
56 56  certbot certonly --authenticator dns-gandi --dns-gandi-credentials /etc/letsencrypt/gandi/gandi.ini -n -d 'transistor.one,*.transistor.one' --agree-tos --email=alexandru.pentilescu@disroot.org
57 57  {{/code}}
58 58  
59 +The contents of /etc/lets/encrypt/gandi/gandi.ini should look like the following:
60 +# live dns v5 api key
61 +dns_gandi_api_key=<gandi_api_key>
62 +
63 +The <gandi_api_key> token should be replaced with the actual API key generated from the Gandi website for your account.
64 +
59 59  = Setting up an SMTP server =
60 60  This will be required for all the future things you will be doing on the server.
61 61  
... ... @@ -143,4 +143,140 @@
143 143  {{/code}}
144 144  
145 145  Honestly, the "ipv6" line is unnecessary for our purposes, but I'm adding it anyway. After this file is added, after reboot, postfix will be able to bind itself to nonlocal addresses successfully.
152 +
153 += Installing Grafana and all the other necessary components =
154 +System monitoring is genuinely important. As such, having some pretty graphs to look at that monitor various stats of the server can be quite useful.
155 +To this end, we will set up Grafana as our graphs dashboard where we will visualize all of the relevant metrics of the system, as well as Prometheus as the data aggregator and Node Exporter, as the data collector.
156 +
157 +Let's get started!
158 +
159 +== Installing node exporter ==
160 +Use wget or any other utility to grab the latest version of node exporter.
161 +
162 +{{code language="bash"}}
163 +wget https://github.com/prometheus/node_exporter/releases/download/v0.15.2/node_exporter-0.15.2.linux-amd64.tar.gz
164 +{{/code}}
165 +
166 +Once this is done, extract the contents of the archive:
167 +
168 +{{code language="bash"}}
169 +tar -xf node_exporter-0.15.2.linux-amd64.tar.gz
170 +{{/code}}
171 +
172 +We will be running this as its own user. In order to avoid having to create a home directory for that user, it's best if we move the utilities that just got extracted to the root directories:
173 +
174 +{{code language="bash"}}
175 +mv node_exporter-0.15.2.linux-amd64/node_exporter /usr/local/bin
176 +{{/code}}
177 +
178 +Create the new user:
179 +
180 +{{code language="bash"}}
181 +useradd -rs /bin/false node_exporter
182 +{{/code}}
183 +
184 +Create a new systemd service file, that will start the node_exporter automatically, after each boot:
185 +
186 +{{code language="systemd"}}
187 +[Unit]
188 +Description=Node Exporter
189 +After=network.target
190 +
191 +[Service]
192 +User=node_exporter
193 +Group=node_exporter
194 +Type=simple
195 +ExecStart=/usr/local/bin/node_exporter
196 +
197 +[Install]
198 +WantedBy=multi-user.target
199 +{{/code}}
200 +
201 +Once this has been done, reload the service files, enable the newly created service and start it:
202 +
203 +{{code language="bash"}}
204 +systemctl daemon-reload
205 +systemctl enable node_exporter
206 +systemctl start node_exporter
207 +{{/code}}
208 +
209 +== Installing Prometheus ==
210 +Prometheus will be aggregating all the data that is collected by the node_exporter and allowing for it to be queried with a standardized syntax.
211 +
212 +To install Prometheus, we must first download it:
213 +
214 +{{code language="bash"}}
215 +wget https://github.com/prometheus/prometheus/releases/download/v2.1.0/prometheus-2.1.0.linux-amd64.tar.gz
216 +tar -xf prometheus-2.1.0.linux-amd64.tar.gz
217 +{{/code}}
218 +
219 +Much like with node_exporer above, we will force Prometheus to run as its own user, for security reasons. As such, we should isolate its files to the root filesystem:
220 +
221 +{{code language="bash"}}
222 +mv prometheus-2.1.0.linux-amd64/prometheus prometheus-2.1.0.linux-amd64/promtool /usr/local/bin
223 +{{/code}}
224 +
225 +We should also create new directories to store the relevant data for Prometheus:
226 +
227 +{{code language="bash"}}
228 +mkdir /etc/prometheus /var/lib/prometheus
229 +{{/code}}
230 +
231 +Then move the current directories to the appropriate system-level locations:
232 +
233 +{{code language="bash"}}
234 +mv prometheus-2.1.0.linux-amd64/consoles prometheus-2.1.0.linux-amd64/console_libraries /etc/prometheus
235 +{{/code}}
236 +
237 +== Configuring Prometheus ==
238 +Create a new /etc/prometheus/prometheus.yml with the following contents:
239 +
240 +{{code language="yml"}}
241 +global:
242 + scrape_interval: 10s
243 +scrape_configs:
244 + - job_name: 'node'
245 + static_configs:
246 + - targets: ['localhost:9100']
247 +{{/code}}
248 +
249 +Once the above is done, we should create the new prometheus user:
250 +
251 +{{code language="bash"}}
252 +useradd -rs /bin/false prometheussudo chown -R prometheus: /etc/prometheus /var/lib/prometheus
253 +chown -R prometheus: /etc/prometheus /var/lib/prometheus
254 +{{/code}}
255 +
256 +Then, please create an /etc/systemd/system/prometheus.service file with the following contents:
257 +
258 +{{code language="systemd"}}
259 +[Unit]
260 +Description=Prometheus
261 +After=network.target
262 +
263 +[Service]
264 +User=prometheus
265 +Group=prometheus
266 +Type=simple
267 +ExecStart=/usr/local/bin/prometheus \
268 + --config.file /etc/prometheus/prometheus.yml \
269 + --storage.tsdb.path /var/lib/prometheus/ \
270 + --web.console.templates=/etc/prometheus/consoles \
271 + --web.console.libraries=/etc/prometheus/console_libraries
272 +
273 +[Install]
274 +WantedBy=multi-user.target
275 +{{/code}}
276 +
277 +Then reload:
278 +
279 +{{code language="bash"}}
280 +systemctl daemon-reload
281 +systemctl enable prometheus
282 +systemctl start prometheus
283 +{{/code}}
284 +
146 146  )))
286 +
287 +
288 +