privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c7c29869eea91afde80c4694bc13214b11ca7ed3
gitea-migration/setup/pi-monitoring/README.md

62 lines
2.1 KiB
Markdown
Raw Blame History

# Pi Monitoring Stack
Purpose: turn a Raspberry Pi 4 (8GB) into a low-power monitoring/control plane for your Gitea migration environment.
This module deploys:
- Portainer (single admin view)
- Grafana (dashboards)
- Prometheus (metrics)
- Uptime Kuma (service checks)
- Node Exporter + cAdvisor (Pi host + container metrics)
## Folder Contents
- `bootstrap_pi.sh`: first-time host prep (packages, Docker, firewall, hardening)
- `mount_ssd.sh`: format/mount SSD and create persistent data paths
- `deploy_stack.sh`: deploy monitoring stack with Docker Compose
- `upgrade_stack.sh`: pull new images and recreate stack
- `backup_stack.sh`: backup stack data/config to `OPS_ROOT/backups`
- `restore_stack.sh`: restore from backup archive
- `status.sh`: show service status and endpoint reachability
- `teardown_stack.sh`: stop/remove stack; optionally delete stack data
- `install_portainer_agent_remote.sh`: install Portainer Agent on Fedora/Unraid
- `docker-compose.yml`: stack definition
- `stack.env.example`: environment template
- `prometheus/prometheus.yml`: Prometheus config
- `USAGE_GUIDE.md`: full setup and operations guide
## Quick Start
Run on the Raspberry Pi host:
```bash
cd /path/to/gitea-migration/setup/pi-monitoring
./bootstrap_pi.sh --yes
./mount_ssd.sh --device=/dev/sda1 --yes
cp stack.env.example stack.env
# edit stack.env and set a strong GRAFANA_ADMIN_PASSWORD
./deploy_stack.sh --yes
./status.sh
```
Then from your admin machine, install Portainer agent on remote Docker hosts:
```bash
./install_portainer_agent_remote.sh --host=<unraid-ip> --user=<unraid-user> --port=22 --yes
./install_portainer_agent_remote.sh --host=<fedora-ip> --user=<fedora-user> --port=22 --yes
```
In Portainer UI (`https://<pi-ip>:9443`), add environments using:
- `tcp://<unraid-ip>:9001`
- `tcp://<fedora-ip>:9001`
## Security Notes
- `stack.env` contains secrets; do not commit it.
- Portainer Agent exposes Docker control on `9001`; keep it inside trusted LAN/VPN.
- Keep UFW enabled and only expose required ports.
- Use SSD for durability; avoid long-term DB workloads on SD card.
Reference in New Issue View Git Blame Copy Permalink