diff --git a/machines/rescue01/uptime-kuma.nix b/machines/rescue01/uptime-kuma.nix index 142f17e..d224b6a 100644 --- a/machines/rescue01/uptime-kuma.nix +++ b/machines/rescue01/uptime-kuma.nix @@ -1,17 +1,29 @@ { + config, lib, nodes, - config, sources, ... }: let + inherit (lib) + concatLists + mapAttrsToList + mkForce + mkMerge + ; + inherit (config.statelessUptimeKuma.lib) pingProbesFromHive fromHive httpProbesFromConfig probesWithTag ; + + probesCfg = config.statelessUptimeKuma.probesConfig; + + mkMonitors = name: builtins.attrNames (probesWithTag { inherit name; } probesCfg); + host = "status.dgnum.eu"; port = 3001; @@ -24,14 +36,15 @@ let "cdn.dgnum.eu" "saml-idp.dgnum.eu" "status.dgnum.eu" - ] ++ nodes.web01.config.dgn-redirections.retired; + ] ++ (concatLists (mapAttrsToList (_: { config, ... }: config.dgn-redirections.retired) nodes)); extraProbes = { monitors = { "prometheus.dgnum.eu" = { - type = lib.mkForce "http"; + type = mkForce "http"; accepted_statuscodes = [ "401" ]; }; + "api.meet.dgnum.eu" = { keyword = "Crab Fit API"; }; @@ -47,23 +60,17 @@ let { name = "Services"; weight = 1; - monitorList = builtins.attrNames ( - probesWithTag { name = "Service"; } config.statelessUptimeKuma.probesConfig - ); + monitorList = mkMonitors "Service"; } { name = "Serveurs"; weight = 2; - monitorList = builtins.attrNames ( - probesWithTag { name = "Ping"; } config.statelessUptimeKuma.probesConfig - ); + monitorList = mkMonitors "Ping"; } { name = "VPN Interne"; weight = 2; - monitorList = builtins.attrNames ( - probesWithTag { name = "VPN"; } config.statelessUptimeKuma.probesConfig - ); + monitorList = mkMonitors "VPN"; } ]; }; @@ -111,6 +118,7 @@ in { imports = [ (sources.stateless-uptime-kuma + "/nixos/module.nix") ]; nixpkgs.overlays = [ (import (sources.stateless-uptime-kuma + "/overlay.nix")) ]; + services.uptime-kuma.enable = true; services.nginx = { 
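Review bot: In the host-list hunk (`@@ -24,14 +36,15 @@`), the lambda's `{ config, ... }` pattern shadows the module's own `config` argument, so a later edit inside that expression could silently read a remote node's configuration instead of rescue01's. Binding the node under its own name avoids this: `concatLists (mapAttrsToList (_: node: node.config.dgn-redirections.retired) nodes)`. The expression now also requires every entry of `nodes` to evaluate `dgn-redirections`, which holds only while the module stays in the shared list in `modules/default.nix`. A short comment saying so would help whoever adds a node with a different module set. The enclosing `let` binding starts outside the hunk.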
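Review bot: In the last hunk of this file (`@@ -111,6 +118,7 @@`), `services.uptime-kuma.enable = true;` is added, but nothing in the visible lines ties the service's listen address and port to the `port = 3001` binding used for `statelessUptimeKuma.host`. Unless this is set outside the hunk, the setup relies on the upstream defaults continuing to match. Pinning it, e.g. `services.uptime-kuma.settings.PORT = builtins.toString port;`, keeps the two from drifting apart. It also makes it explicit that the instance is meant to be reached only through the local reverse proxy. The attribute set continues past the end of the hunk.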
@@ -132,17 +140,16 @@ in ]; statelessUptimeKuma = { - probesConfig = lib.mkMerge [ + probesConfig = mkMerge [ pingProbes httpProbes extraProbes vpnProbes { inherit status_pages; } ]; - extraFlags = [ - "-v DEBUG" - "-s" - ]; + + extraFlags = [ "-s" ]; + host = "http://localhost:${builtins.toString port}/"; username = "dgnum"; passwordFile = config.age.secrets."stateless-uptime-kuma-password".path; diff --git a/machines/web01/redirections.nix b/machines/web01/redirections.nix index bc613e4..c6dfe87 100644 --- a/machines/web01/redirections.nix +++ b/machines/web01/redirections.nix 
@@ -1,92 +1,60 @@ -{ lib, config, ... }: +_: let - retired_host = "retired.dgnum.eu"; + retiredHost = "retired.dgnum.eu"; - mkRetired = - hosts: - builtins.listToAttrs ( - builtins.map (name: { - inherit name; - value = { - enableACME = true; - forceSSL = true; - locations."/".return = "301 https://${retired_host}/${name}"; - }; - }) hosts + mkSubs = + attrs: + builtins.concatLists ( + builtins.attrValues (builtins.mapAttrs (domain: builtins.map (s: "${s}.${domain}")) attrs) ); - - mkSub = domain: builtins.map (s: "${s}.${domain}"); - mkSubs = attrs: builtins.concatLists (builtins.attrValues (builtins.mapAttrs mkSub attrs)); - - mkRedirection = - _: - { to }: - { - globalRedirect = to; - enableACME = true; - forceSSL = true; - }; - - cfg = config.dgn-redirections; in -{ - options.dgn-redirections = { - redirections = lib.mkOption { - type = - with lib.types; - attrsOf (submodule { - options.to = lib.mkOption { type = str; }; - }); - default = { }; - }; - retired = lib.mkOption { - type = with lib.types; listOf str; - default = [ ]; - }; - }; - config = { - dgn-redirections = { - redirections = { - "calendrier.eleves.ens.fr".to = "calendrier.dgnum.eu"; - "docs.beta.rz.ens.wtf".to = "pads.dgnum.eu"; - "git.rz.ens.wtf".to = "git.dgnum.eu"; - "notion.rz.ens.wtf".to = "docs.dgnum.eu"; - "nuage.beta.rz.ens.wtf".to = "cloud.dgnum.eu"; - "rdv.dgnum.eu".to = "meet.dgnum.eu"; - "www.bda.ens.fr".to = "bda.ens.fr"; - "bda.wp.dgnum.eu".to = "bda.ens.fr"; - "www.tuteurs.ens.fr".to = "tuteurs.ens.fr"; - "www.interq.ens.fr".to = "interq.ens.fr"; - "www.lanuit.ens.fr".to = "lanuit.ens.fr"; - }; - retired = mkSubs { - "ens.fr" = [ - "alevins" - "www.climatenavigator" - ]; - "ens.wtf" = [ "photos" ]; - "rz.ens.wtf" = [ - "s3" - "cdn" - ]; - "beta.rz.ens.wtf" = [ - "todo" - "minecraft" - "factorio" - "home" - "pads" - "api.pads" - "files.pads" - "sandbox.pads" - "jurisprudens" - "rstudio" - ]; - }; +{ + dgn-redirections = { + inherit retiredHost; + + redirections = { + 
"calendrier.eleves.ens.fr" = "calendrier.dgnum.eu"; + "docs.beta.rz.ens.wtf" = "pads.dgnum.eu"; + "git.rz.ens.wtf" = "git.dgnum.eu"; + "notion.rz.ens.wtf" = "docs.dgnum.eu"; + "nuage.beta.rz.ens.wtf" = "cloud.dgnum.eu"; + "rdv.dgnum.eu" = "meet.dgnum.eu"; + "www.bda.ens.fr" = "bda.ens.fr"; + "bda.wp.dgnum.eu" = "bda.ens.fr"; + "www.tuteurs.ens.fr" = "tuteurs.ens.fr"; + "www.interq.ens.fr" = "interq.ens.fr"; + "www.lanuit.ens.fr" = "lanuit.ens.fr"; + }; + + retired = mkSubs { + "ens.fr" = [ + "alevins" + "www.climatenavigator" + ]; + + "ens.wtf" = [ "photos" ]; + + "rz.ens.wtf" = [ + "s3" + "cdn" + ]; + + "beta.rz.ens.wtf" = [ + "todo" + "minecraft" + "factorio" + "home" + "pads" + "api.pads" + "files.pads" + "sandbox.pads" + "jurisprudens" + "rstudio" + ]; }; - services.nginx.virtualHosts = { - ${retired_host}.default = true; - } // (builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired); }; + + services.nginx.virtualHosts.${retiredHost}.default = true; } diff --git a/modules/default.nix b/modules/default.nix index a395f72..3047718 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -48,14 +48,15 @@ "dgn-console" "dgn-fail2ban" "dgn-hardware" - "dgn-node-monitoring" - "dgn-notify" "dgn-netbox-agent" "dgn-network" + "dgn-node-monitoring" + "dgn-notify" "dgn-records" + "dgn-redirections" "dgn-ssh" - "dgn-web" "dgn-vm-variant" + "dgn-web" ]) ++ [ "${sources.agenix}/modules/age.nix" diff --git a/modules/dgn-redirections/default.nix b/modules/dgn-redirections/default.nix new file mode 100644 index 0000000..0a4e93b --- /dev/null +++ b/modules/dgn-redirections/default.nix 
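Review bot: At the end of `machines/web01/redirections.nix`, the default vhost is keyed on the local `retiredHost` binding, while the redirects generated in `modules/dgn-redirections` use `cfg.retiredHost`. The two agree only as long as no other module sets that option with a higher priority. Taking `{ config, ... }:` instead of `_:` and writing `services.nginx.virtualHosts.${config.dgn-redirections.retiredHost}.default = true;` gives a single source of truth. The local binding and `inherit retiredHost;` could then be dropped, since the option already defaults to the same value. The visible lines give that vhost only `default = true`, although every retired domain is sent to `https://` on it, so its certificate setup is presumably defined elsewhere and is worth confirming.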
@@ -0,0 +1,64 @@ +{ config, lib, ... }: + +let + inherit (lib) mkOption; + + inherit (lib.types) attrsOf listOf str; + + mkRetired = + hosts: + builtins.listToAttrs ( + builtins.map (name: { + inherit name; + value = { + enableACME = true; + forceSSL = true; + locations."/".return = "301 https://${cfg.retiredHost}/${name}"; + }; + }) hosts + ); + + mkRedirection = _: globalRedirect: { + inherit globalRedirect; + + enableACME = true; + forceSSL = true; + }; + + cfg = config.dgn-redirections; +in + +{ + options.dgn-redirections = { + redirections = mkOption { + type = attrsOf str; + default = { }; + description = '' + Attribute set of redirections, for: + { a = b; }, + a redirection from a to b will be made. + ''; + }; + + retired = mkOption { + type = listOf str; + default = [ ]; + description = '' + List of retired domains, they will we redirected to `retired.dgnum.eu/$host`. + ''; + }; + + retiredHost = mkOption { + type = str; + default = "retired.dgnum.eu"; + description = '' + Host used for the redirections of retired services. + ''; + }; + }; + + config = { + services.nginx.virtualHosts = + (builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired); + }; +}
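Review bot: `redirections` and `retired` are typed as plain `str`, yet their values are spliced into the nginx `return` directive in `mkRetired` and into `globalRedirect` in `mkRedirection`. An entry containing whitespace, `;` or `$` would therefore change the generated server block instead of being rejected at evaluation time. A constrained type closes that gap: `hostname = lib.types.strMatching "[a-z0-9]([a-z0-9.-]*[a-z0-9])?";`, then `attrsOf hostname` and `listOf hostname`, and the same type for `retiredHost`. The attribute names of `redirections` become vhost names and are not covered by the value type, so they would need a separate assertion. In the option docs, "they will we redirected" should read "will be redirected", and the text should refer to `retiredHost` rather than the literal `retired.dgnum.eu`, since the host is now configurable.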