From d5bff54d43febc86cf31d8b8ed0e3d25fcd7f66b Mon Sep 17 00:00:00 2001 From: Astro Date: Tue, 19 Oct 2021 02:10:34 +0200 Subject: [PATCH] jabber: add stats, automatic prosody restart --- hosts/containers/jabber/default.nix | 24 +++++++-- hosts/containers/jabber/prosody-stats.rb | 63 ++++++++++++++++++++++++ 2 files changed, 83 insertions(+), 4 deletions(-) create mode 100644 hosts/containers/jabber/prosody-stats.rb diff --git a/hosts/containers/jabber/default.nix b/hosts/containers/jabber/default.nix index 7a2c1f5b..a6285d05 100644 --- a/hosts/containers/jabber/default.nix +++ b/hosts/containers/jabber/default.nix @@ -40,6 +40,15 @@ in # TODO: allowedSCTPPorts }; + c3d2 = { + isInHq = false; + hq.statistics.enable = true; + }; + services.collectd.plugins.exec = '' + Exec "${config.services.collectd.user}" "${pkgs.ruby}/bin/ruby" "${./prosody-stats.rb}" + ''; + systemd.services.collectd.requires = [ "prosody.service" ]; + security.acme.certs."${domain}" = { extraDomainNames = [ "chat.c3d2.de" @@ -70,7 +79,6 @@ in }; } ]; }; - #TODO: candy? #TODO: txt records? services.prosody = { enable = true; @@ -87,10 +95,13 @@ in websocket = true; http_files = true; + admin_telnet = true; announce = true; mam = true; carbons = true; + proxy65 = false; }; + ssl = { key = "/var/lib/acme/${domain}/key.pem"; cert = "/var/lib/acme/${domain}/fullchain.pem"; @@ -106,7 +117,7 @@ in c2sRequireEncryption = true; s2sRequireEncryption = true; - + virtualHosts = { "${domain}" = { enabled = true; @@ -181,8 +192,13 @@ in -- proxy65_ports = { 5000 } ''; }; - # Allow binding ports <1024 - systemd.services.prosody.serviceConfig.AmbientCapabilities = "CAP_NET_BIND_SERVICE"; + systemd.services.prosody.serviceConfig = { + # Allow binding ports <1024 + AmbientCapabilities = "CAP_NET_BIND_SERVICE"; + + Restart = "always"; + RestartSec = "3"; + }; services.coturn = { enable = true; diff --git a/hosts/containers/jabber/prosody-stats.rb b/hosts/containers/jabber/prosody-stats.rb new file mode 100644 index 00000000..c6fd59b0 --- /dev/null +++ b/hosts/containers/jabber/prosody-stats.rb @@ -0,0 +1,63 @@ +#!/usr/bin/env ruby + +require 'socket' + +INTERVAL = ENV['COLLECTD_INTERVAL'].to_i +HOSTNAME = ENV['COLLECTD_HOSTNAME'] + + +def recv sock + results = [] + loop do + line = sock.gets + if line.start_with? "| OK:" + break + else + results << line.chomp + end + end + results +end + +sock = TCPSocket.new "localhost", 5582 +loop do + stats = {} + + sock.puts "c2s:show()" + recv(sock).each do |line| + if line.start_with? "| " + encrypted = line.index " (encrypted)" + ipv6 = line.index " (IPv6)" + k = "c2s:#{encrypted ? 'encrypted' : 'unencrypted'}-#{ipv6 ? 'ipv6' : 'ipv4'}" + stats[k] = 0 unless stats[k] + stats[k] += 1 + end + end + + sock.puts "s2s:show()" + recv(sock).each do |line| + if line.start_with? "| " + out = if line.index "<-" + false + elsif line.index "->" + true + else + next + end + encrypted = line.index " (encrypted)" + ipv6 = line.index " (IPv6)" + k = "s2s-#{out ? 'out' : 'in'}:#{encrypted ? 'encrypted' : 'unencrypted'}-#{ipv6 ? 'ipv6' : 'ipv4'}" + stats[k] = 0 unless stats[k] + stats[k] += 1 + end + end + + stats.each do |k,v| + k1, k2 = k.split(":", 2) + puts "PUTVAL \"#{HOSTNAME}/exec-prosody-#{k1}/current_connections-#{k2}\" interval=#{INTERVAL} N:#{v}" + end + +ensure + sleep INTERVAL + +end