Started building my entire infrastructure monitoring solution from scratch!

- Powered by FreeBSD!
- Using Jails and seperation of duty:
- One Jail running Grafana and Prometheus
- One Jail running Netbird Wireguard to connect my infra securely
- One Jail running Nginx and Certbot

All ZFS based for backup / snapshots and rollback options.

Routed and NAT'ed via a seperate dedicated pf jail.

All working fine, I get first metrics and can start slowly improve from here.

Todo:
- Alerts via AlertManager
- Log-Ingestion via promtail
- Log analysis with Grafana Loki
- Adding remaining servers via WireGuard Mesh VPN
- Adding another Jail for Uptime-Kuma

#monitoring #freebsd #grafana #loki #linux #devops #jails #bastille #zfs

Started building my entire infrastructure monitoring solution from scratch!

- Powered by FreeBSD!
- Using Jails and seperation of duty:
- One Jail running Grafana and Prometheus
- One Jail running Netbird Wireguard to connect my infra securely
- One Jail running Nginx and Certbot

All ZFS based for backup / snapshots and rollback options.

Routed and NAT'ed via a seperate dedicated pf jail.

All working fine, I get first metrics and can start slowly improve from here.

Todo:
- Alerts via AlertManager
- Log-Ingestion via promtail
- Log analysis with Grafana Loki
- Adding remaining servers via WireGuard Mesh VPN
- Adding another Jail for Uptime-Kuma

#monitoring #freebsd #grafana #loki #linux #devops #jails #bastille #zfs

Questions for #fediverse#SysAdmin folk who run #prometheus and #grafana on multiple #aws accounts:

Do you use a single Prometheus server or do you have one for each account?

How do you handle auto scaling EC2 servers which could change IPs at any time?

Is it possible for servers to push rather than get pulled from?

Please share any setups that could be relevant and boost far & wide!

Thanks in advance!! ❤️❤️❤️

Questions for #fediverse#SysAdmin folk who run #prometheus and #grafana on multiple #aws accounts:

Do you use a single Prometheus server or do you have one for each account?

How do you handle auto scaling EC2 servers which could change IPs at any time?

Is it possible for servers to push rather than get pulled from?

Please share any setups that could be relevant and boost far & wide!

Thanks in advance!! ❤️❤️❤️

On weekend I managed to connect all my selfhosted services that support it to the #Keycloak#SSO (single sign on).
Namely #Mastodon#Peertube#NextCloud #FreshRSS#Matomo and #grafana

Why to bother with such complication for apps serving only a couple of users?
First it's quite easy nowadays.
And second, because I want to get rid of passwords and just use #passkeys .

This is one of many examples showing that good apps should just focus on one task and just use standards to cooperate with other apps focusing on other tasks.

Peertube for example focuses on videos, not user management. I am very OK that they don't support passkeys, because they implemented OpenId Connect standard to allow me use Keycloak for better login options.

On the other hand, I am quite sad that SSO is often the one feature, that is proprietary and reserved only for paying customers. SSO is not for huge corporations anymore. It's also usefull for us, selfhosters with couple of users.

❤️

On weekend I managed to connect all my selfhosted services that support it to the #Keycloak#SSO (single sign on).
Namely #Mastodon#Peertube#NextCloud #FreshRSS#Matomo and #grafana

Why to bother with such complication for apps serving only a couple of users?
First it's quite easy nowadays.
And second, because I want to get rid of passwords and just use #passkeys .

This is one of many examples showing that good apps should just focus on one task and just use standards to cooperate with other apps focusing on other tasks.

Peertube for example focuses on videos, not user management. I am very OK that they don't support passkeys, because they implemented OpenId Connect standard to allow me use Keycloak for better login options.

On the other hand, I am quite sad that SSO is often the one feature, that is proprietary and reserved only for paying customers. SSO is not for huge corporations anymore. It's also usefull for us, selfhosters with couple of users.

❤️

What it looks like to move your Mastodon account to #GoToSocial on #OpenBSD from a #Victoriametrics + #Grafana point of view.

Next to move, the Pixelfed account.

Special thanks to @vyr for the #slurp software https://github.com/VyrCossont/slurp

What it looks like to move your Mastodon account to #GoToSocial on #OpenBSD from a #Victoriametrics + #Grafana point of view.

Next to move, the Pixelfed account.

Special thanks to @vyr for the #slurp software https://github.com/VyrCossont/slurp

Dear #FreeBSD friends,

What did you use to monitor your network, jails, host, disks, certificates, etc?

I was using #Nagios without a real success, I saw #Zabbix, #Munin. And I never succeeded with #Prometheus and #Grafana.
Long time ago I was using cacti.