commit a5396bcd3ef97dae949e8f56609799a79c6f17e2
parent dcbc9ea550698046918a9d4a2e080d2a591ec2cf
Author: Christian Grothoff <christian@grothoff.org>
Date: Fri, 27 Dec 2024 16:41:24 +0100
document uptime kuma, address #8641
Diffstat:
3 files changed, 127 insertions(+), 3 deletions(-)
diff --git a/system-administration/index.rst b/system-administration/index.rst
@@ -15,14 +15,15 @@
@author Javier Sepulveda
-System Administration tutorials
-##################################
+System Administration
+#####################
.. toctree::
:maxdepth: 1
:glob:
writing-documentation-setup
+ uptime-kuma
lego-certificates
taler-monitoring-infrastructure
borgbackup-tutorial
diff --git a/system-administration/taler-monitoring-infrastructure.rst b/system-administration/taler-monitoring-infrastructure.rst
@@ -126,7 +126,7 @@ Managing logs
In order to manage logs, we use Loki + Promtail (Debian packages), which are very easy to integrate with Grafana and Prometheus.
.. code-block:: console
-
+
# Install
# apt-get install loki promtail
# Start services
diff --git a/system-administration/uptime-kuma.rst b/system-administration/uptime-kuma.rst
@@ -0,0 +1,123 @@
+..
+ This file is part of GNU TALER.
+ Copyright (C) 2024 Taler Systems SA
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU Affero General Public License as published by the Free Software
+ Foundation; either version 2.1, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License along with
+ TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
+
+ @author Christian Grothoff
+
+Uptime Kuma
+###########
+
+We use https://github.com/louislam/uptime-kuma to monitor public server and service
+availability. We run two servers:
+
+- https://uptimekuma.anastasis.lu/ monitors almost everything, and is our production
+ monitor hosted by Anastasis SARL.
+
+- https://uptimekuma.taler.net/ is our secondary monitor, which monitors the
+ production monitor.
+
+
+Monitoring servers
+==================
+
+We monitor server availability using "PING":
+
+- gv.taler.net
+- firefly.gnunet.org
+- pixel.anastasis.lu
+
+Monitoring websites
+===================
+
+For most websites, we simply use the HTTP(s) monitor. Make sure to enable advance
+notice for TLS certificate expiration. Sites to monitor include:
+
+- anastasis.lu
+- docs.anastasis.lu
+- webui.anastasis.lu
+- gnunet.org
+- bib.gnunet.org
+- bugs.gnunet.org
+- docs.gnunet.org
+- gana.gnunet.org
+- git.gnunet.org
+- grafana.gnunet.org
+- lsd.gnunet.org
+- taler.net
+- bugs.taler.net
+- demo.taler.net
+- docs.taler.net
+- git.taler.net
+- mattermost.taler.net
+- sandstorm.taler.net
+- test.taler.net
+- tutorials.taler.net
+- weblate.taler.net
+- taler-ops.ch
+- taler-systems.com
+- schanzen.eu
+
+Monitoring REST APIs
+====================
+
+For simple REST APIs, we simply use the HTTP(s) monitor on the /config endpoint.
+Make sure to enable advance notice for TLS certificate expiration. APIs to monitor include:
+
+- v1.anastasis.lu
+- backend.demo.taler.net
+- backend.head.taler.net
+- backend.test.taler.net
+
+
+Monitoring services
+===================
+
+We also monitor the following services using the HTTP(s) monitor on the "/" endpoint:
+
+- davical.taler.net
+- fcfs.gnunet.org
+
+
+Monitoring exchanges
+====================
+
+To monitor an exchange, we want to not merely monitor that the REST API is operational,
+but also check that the ``/keys`` response is not outdated. This can be done by computing
+the minimum expiration time over all of the maxima of the different keys in the response.
+For an exchange with P2P payments enabled, the HTTP(S) - JSON Query method can be
+used using the following query written in https://jsonata.org/:
+
+.. code-block:: text
+
+ $min($append($append(
+ [$max($map(global_fees, function($f) { $f.end_date.t_s}))],
+ [$max($map(signkeys, function($f) { $f.stamp_expire.t_s}))]),
+ [$max($map(denominations,
+ function ($a){
+ $max($map($a.denoms,
+ function ($d){
+ $d.stamp_expire_withdraw.t_s
+ }
+ ))
+ }
+ ))])) > $millis()/1000
+
+Exchanges to monitor include:
+
+- exchange.taler-ops.ch
+- exchange.e.netzbon-basel.ch
+- exchange.demo.taler.net
+- exchange.head.taler.net
+- exchange.test.taler.net
+
