From 01c006ec22037bcb2ef94155bc8f62f960a05773 Mon Sep 17 00:00:00 2001 From: c6ristian <c6ristian@christian.moe> Date: Fri, 2 May 2025 01:08:55 +0200 Subject: [PATCH] grafana fix nginx ip allow list --- inventories/chaosknoten/host_vars/grafana.yaml | 1 - .../grafana/nginx/loki.hamburg.ccc.de.conf | 16 ++++++++++------ .../grafana/nginx/metrics.hamburg.ccc.de.conf | 8 +++++--- 3 files changed, 15 insertions(+), 10 deletions(-) diff --git a/inventories/chaosknoten/host_vars/grafana.yaml b/inventories/chaosknoten/host_vars/grafana.yaml index d98ef03..50a1290 100644 --- a/inventories/chaosknoten/host_vars/grafana.yaml +++ b/inventories/chaosknoten/host_vars/grafana.yaml @@ -116,5 +116,4 @@ alloy_config: | prometheus.scrape "scrape_metrics" { targets = prometheus.exporter.unix.local_system.targets forward_to = [prometheus.relabel.default.receiver] - scrape_interval = "15s" } diff --git a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf index cf23ef7..31fb2a8 100644 --- a/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf +++ b/resources/chaosknoten/grafana/nginx/loki.hamburg.ccc.de.conf @@ -1,10 +1,12 @@ server { + allow ::1/128; + allow 127.0.0.1/32; # Wieske allow 172.31.17.128/25; allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; + allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router + allow 2a00:14b0:4200:3000::/64; #Bei Wieske + allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing # Z9 allow 2a07:c480:0:100::/56; allow 2a07:c481:1::/48; @@ -36,12 +38,14 @@ server { } server { + allow ::1/128; + allow 127.0.0.1/32; # Wieske allow 172.31.17.128/25; allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; + allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router + allow 2a00:14b0:4200:3000::/64; #Bei Wieske + allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing # Z9 allow 2a07:c480:0:100::/56; allow 2a07:c481:1::/48; diff --git a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf index 9a709a1..17843c4 100644 --- a/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf +++ b/resources/chaosknoten/grafana/nginx/metrics.hamburg.ccc.de.conf @@ -1,10 +1,12 @@ server { + allow ::1/128; + allow 127.0.0.1/32; # Wieske allow 172.31.17.128/25; allow 212.12.51.128/28; - allow 2a00:14b0:42:100::/56; - allow 2a00:14b0:4200:3380::/64; - allow 2a00:14b0:f000:23::/64; + allow 2a00:14b0:42:100::/56; #Neues v6 gerouted via neuem Router + allow 2a00:14b0:4200:3000::/64; #Bei Wieske + allow 2a00:14b0:f000:23::/64; #CCCHH v6 bei Wieske, geroutet über turing # Z9 allow 2a07:c480:0:100::/56; allow 2a07:c481:1::/48;