feat(modules): Generalize redirections
All checks were successful
build configuration / build_web02 (push) Successful in 1m2s
build configuration / build_vault01 (push) Successful in 1m6s
build configuration / build_storage01 (push) Successful in 1m6s
build configuration / build_compute01 (push) Successful in 1m11s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m30s
build configuration / build_rescue01 (push) Successful in 56s
build configuration / push_to_cache (push) Successful in 2m13s
All checks were successful
build configuration / build_web02 (push) Successful in 1m2s
build configuration / build_vault01 (push) Successful in 1m6s
build configuration / build_storage01 (push) Successful in 1m6s
build configuration / build_compute01 (push) Successful in 1m11s
lint / check (push) Successful in 24s
build configuration / build_web01 (push) Successful in 1m30s
build configuration / build_rescue01 (push) Successful in 56s
build configuration / push_to_cache (push) Successful in 2m13s
This commit is contained in:
parent
dd10a8e2fe
commit
3f928ce90b
|
|
@ -1,17 +1,29 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
nodes,
|
||||
config,
|
||||
sources,
|
||||
...
|
||||
}:
|
||||
let
|
||||
inherit (lib)
|
||||
concatLists
|
||||
mapAttrsToList
|
||||
mkForce
|
||||
mkMerge
|
||||
;
|
||||
|
||||
inherit (config.statelessUptimeKuma.lib)
|
||||
pingProbesFromHive
|
||||
fromHive
|
||||
httpProbesFromConfig
|
||||
probesWithTag
|
||||
;
|
||||
|
||||
probesCfg = config.statelessUptimeKuma.probesConfig;
|
||||
|
||||
mkMonitors = name: builtins.attrNames (probesWithTag { inherit name; } probesCfg);
|
||||
|
||||
host = "status.dgnum.eu";
|
||||
|
||||
port = 3001;
|
||||
|
|
@ -24,14 +36,15 @@ let
|
|||
"cdn.dgnum.eu"
|
||||
"saml-idp.dgnum.eu"
|
||||
"status.dgnum.eu"
|
||||
] ++ nodes.web01.config.dgn-redirections.retired;
|
||||
] ++ (concatLists (mapAttrsToList (_: { config, ... }: config.dgn-redirections.retired) nodes));
|
||||
|
||||
extraProbes = {
|
||||
monitors = {
|
||||
"prometheus.dgnum.eu" = {
|
||||
type = lib.mkForce "http";
|
||||
type = mkForce "http";
|
||||
accepted_statuscodes = [ "401" ];
|
||||
};
|
||||
|
||||
"api.meet.dgnum.eu" = {
|
||||
keyword = "Crab Fit API";
|
||||
};
|
||||
|
|
@ -47,23 +60,17 @@ let
|
|||
{
|
||||
name = "Services";
|
||||
weight = 1;
|
||||
monitorList = builtins.attrNames (
|
||||
probesWithTag { name = "Service"; } config.statelessUptimeKuma.probesConfig
|
||||
);
|
||||
monitorList = mkMonitors "Service";
|
||||
}
|
||||
{
|
||||
name = "Serveurs";
|
||||
weight = 2;
|
||||
monitorList = builtins.attrNames (
|
||||
probesWithTag { name = "Ping"; } config.statelessUptimeKuma.probesConfig
|
||||
);
|
||||
monitorList = mkMonitors "Ping";
|
||||
}
|
||||
{
|
||||
name = "VPN Interne";
|
||||
weight = 2;
|
||||
monitorList = builtins.attrNames (
|
||||
probesWithTag { name = "VPN"; } config.statelessUptimeKuma.probesConfig
|
||||
);
|
||||
monitorList = mkMonitors "VPN";
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
@ -111,6 +118,7 @@ in
|
|||
{
|
||||
imports = [ (sources.stateless-uptime-kuma + "/nixos/module.nix") ];
|
||||
nixpkgs.overlays = [ (import (sources.stateless-uptime-kuma + "/overlay.nix")) ];
|
||||
|
||||
services.uptime-kuma.enable = true;
|
||||
|
||||
services.nginx = {
|
||||
|
|
@ -132,17 +140,16 @@ in
|
|||
];
|
||||
|
||||
statelessUptimeKuma = {
|
||||
probesConfig = lib.mkMerge [
|
||||
probesConfig = mkMerge [
|
||||
pingProbes
|
||||
httpProbes
|
||||
extraProbes
|
||||
vpnProbes
|
||||
{ inherit status_pages; }
|
||||
];
|
||||
extraFlags = [
|
||||
"-v DEBUG"
|
||||
"-s"
|
||||
];
|
||||
|
||||
extraFlags = [ "-s" ];
|
||||
|
||||
host = "http://localhost:${builtins.toString port}/";
|
||||
username = "dgnum";
|
||||
passwordFile = config.age.secrets."stateless-uptime-kuma-password".path;
|
||||
|
|
|
|||
|
|
@ -1,92 +1,60 @@
|
|||
{ lib, config, ... }:
|
||||
_:
|
||||
|
||||
let
|
||||
retired_host = "retired.dgnum.eu";
|
||||
retiredHost = "retired.dgnum.eu";
|
||||
|
||||
mkRetired =
|
||||
hosts:
|
||||
builtins.listToAttrs (
|
||||
builtins.map (name: {
|
||||
inherit name;
|
||||
value = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".return = "301 https://${retired_host}/${name}";
|
||||
};
|
||||
}) hosts
|
||||
mkSubs =
|
||||
attrs:
|
||||
builtins.concatLists (
|
||||
builtins.attrValues (builtins.mapAttrs (domain: builtins.map (s: "${s}.${domain}")) attrs)
|
||||
);
|
||||
|
||||
mkSub = domain: builtins.map (s: "${s}.${domain}");
|
||||
mkSubs = attrs: builtins.concatLists (builtins.attrValues (builtins.mapAttrs mkSub attrs));
|
||||
|
||||
mkRedirection =
|
||||
_:
|
||||
{ to }:
|
||||
{
|
||||
globalRedirect = to;
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
};
|
||||
|
||||
cfg = config.dgn-redirections;
|
||||
in
|
||||
{
|
||||
options.dgn-redirections = {
|
||||
redirections = lib.mkOption {
|
||||
type =
|
||||
with lib.types;
|
||||
attrsOf (submodule {
|
||||
options.to = lib.mkOption { type = str; };
|
||||
});
|
||||
default = { };
|
||||
};
|
||||
retired = lib.mkOption {
|
||||
type = with lib.types; listOf str;
|
||||
default = [ ];
|
||||
};
|
||||
};
|
||||
config = {
|
||||
dgn-redirections = {
|
||||
redirections = {
|
||||
"calendrier.eleves.ens.fr".to = "calendrier.dgnum.eu";
|
||||
"docs.beta.rz.ens.wtf".to = "pads.dgnum.eu";
|
||||
"git.rz.ens.wtf".to = "git.dgnum.eu";
|
||||
"notion.rz.ens.wtf".to = "docs.dgnum.eu";
|
||||
"nuage.beta.rz.ens.wtf".to = "cloud.dgnum.eu";
|
||||
"rdv.dgnum.eu".to = "meet.dgnum.eu";
|
||||
"www.bda.ens.fr".to = "bda.ens.fr";
|
||||
"bda.wp.dgnum.eu".to = "bda.ens.fr";
|
||||
"www.tuteurs.ens.fr".to = "tuteurs.ens.fr";
|
||||
"www.interq.ens.fr".to = "interq.ens.fr";
|
||||
"www.lanuit.ens.fr".to = "lanuit.ens.fr";
|
||||
};
|
||||
|
||||
retired = mkSubs {
|
||||
"ens.fr" = [
|
||||
"alevins"
|
||||
"www.climatenavigator"
|
||||
];
|
||||
"ens.wtf" = [ "photos" ];
|
||||
"rz.ens.wtf" = [
|
||||
"s3"
|
||||
"cdn"
|
||||
];
|
||||
"beta.rz.ens.wtf" = [
|
||||
"todo"
|
||||
"minecraft"
|
||||
"factorio"
|
||||
"home"
|
||||
"pads"
|
||||
"api.pads"
|
||||
"files.pads"
|
||||
"sandbox.pads"
|
||||
"jurisprudens"
|
||||
"rstudio"
|
||||
];
|
||||
};
|
||||
{
|
||||
dgn-redirections = {
|
||||
inherit retiredHost;
|
||||
|
||||
redirections = {
|
||||
"calendrier.eleves.ens.fr" = "calendrier.dgnum.eu";
|
||||
"docs.beta.rz.ens.wtf" = "pads.dgnum.eu";
|
||||
"git.rz.ens.wtf" = "git.dgnum.eu";
|
||||
"notion.rz.ens.wtf" = "docs.dgnum.eu";
|
||||
"nuage.beta.rz.ens.wtf" = "cloud.dgnum.eu";
|
||||
"rdv.dgnum.eu" = "meet.dgnum.eu";
|
||||
"www.bda.ens.fr" = "bda.ens.fr";
|
||||
"bda.wp.dgnum.eu" = "bda.ens.fr";
|
||||
"www.tuteurs.ens.fr" = "tuteurs.ens.fr";
|
||||
"www.interq.ens.fr" = "interq.ens.fr";
|
||||
"www.lanuit.ens.fr" = "lanuit.ens.fr";
|
||||
};
|
||||
|
||||
retired = mkSubs {
|
||||
"ens.fr" = [
|
||||
"alevins"
|
||||
"www.climatenavigator"
|
||||
];
|
||||
|
||||
"ens.wtf" = [ "photos" ];
|
||||
|
||||
"rz.ens.wtf" = [
|
||||
"s3"
|
||||
"cdn"
|
||||
];
|
||||
|
||||
"beta.rz.ens.wtf" = [
|
||||
"todo"
|
||||
"minecraft"
|
||||
"factorio"
|
||||
"home"
|
||||
"pads"
|
||||
"api.pads"
|
||||
"files.pads"
|
||||
"sandbox.pads"
|
||||
"jurisprudens"
|
||||
"rstudio"
|
||||
];
|
||||
};
|
||||
services.nginx.virtualHosts = {
|
||||
${retired_host}.default = true;
|
||||
} // (builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired);
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts.${retiredHost}.default = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -48,14 +48,15 @@
|
|||
"dgn-console"
|
||||
"dgn-fail2ban"
|
||||
"dgn-hardware"
|
||||
"dgn-node-monitoring"
|
||||
"dgn-notify"
|
||||
"dgn-netbox-agent"
|
||||
"dgn-network"
|
||||
"dgn-node-monitoring"
|
||||
"dgn-notify"
|
||||
"dgn-records"
|
||||
"dgn-redirections"
|
||||
"dgn-ssh"
|
||||
"dgn-web"
|
||||
"dgn-vm-variant"
|
||||
"dgn-web"
|
||||
])
|
||||
++ [
|
||||
"${sources.agenix}/modules/age.nix"
|
||||
|
|
|
|||
64
modules/dgn-redirections/default.nix
Normal file
64
modules/dgn-redirections/default.nix
Normal file
|
|
@ -0,0 +1,64 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkOption;
|
||||
|
||||
inherit (lib.types) attrsOf listOf str;
|
||||
|
||||
mkRetired =
|
||||
hosts:
|
||||
builtins.listToAttrs (
|
||||
builtins.map (name: {
|
||||
inherit name;
|
||||
value = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".return = "301 https://${cfg.retiredHost}/${name}";
|
||||
};
|
||||
}) hosts
|
||||
);
|
||||
|
||||
mkRedirection = _: globalRedirect: {
|
||||
inherit globalRedirect;
|
||||
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
};
|
||||
|
||||
cfg = config.dgn-redirections;
|
||||
in
|
||||
|
||||
{
|
||||
options.dgn-redirections = {
|
||||
redirections = mkOption {
|
||||
type = attrsOf str;
|
||||
default = { };
|
||||
description = ''
|
||||
Attribute set of redirections, for:
|
||||
{ a = b; },
|
||||
a redirection from a to b will be made.
|
||||
'';
|
||||
};
|
||||
|
||||
retired = mkOption {
|
||||
type = listOf str;
|
||||
default = [ ];
|
||||
description = ''
|
||||
List of retired domains, they will we redirected to `retired.dgnum.eu/$host`.
|
||||
'';
|
||||
};
|
||||
|
||||
retiredHost = mkOption {
|
||||
type = str;
|
||||
default = "retired.dgnum.eu";
|
||||
description = ''
|
||||
Host used for the redirections of retired services.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
services.nginx.virtualHosts =
|
||||
(builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired);
|
||||
};
|
||||
}
|
||||
Loading…
Reference in a new issue