diff --git a/machines/vault01/ups.nix b/machines/vault01/ups.nix index 71a53f5..f607eab 100644 --- a/machines/vault01/ups.nix +++ b/machines/vault01/ups.nix @@ -1,4 +1,4 @@ -# { pkgs, ... }: +{ pkgs, ... }: { power.ups = { enable = true; @@ -7,17 +7,61 @@ port = "auto"; }; upsmon.enable = false; - # users."eatonMon" = { - # passwordFile = (pkgs.writeTextFile { - # name = "pass"; - # text = "YFEAee2%9PuPcEKf$7vW$3a&wdvNJME%UkP2Z~RVkk4ZaQHYW^"; - # }).outPath; - # upsmon = "primary"; - # }; - # upsmon.monitor."eaton" = { - # user = "eatonMon"; - # }; + users."eatonMon" = { + passwordFile = + (pkgs.writeTextFile { + name = "pass"; + text = "YFEAee2%9PuPcEKf$7vW$3a&wdvNJME%UkP2Z~RVkk4ZaQHYW^"; + }).outPath; + upsmon = "primary"; + }; + upsmon.monitor."eaton" = { + user = "eatonMon"; + }; + schedulerRules = + let + cmdScript = pkgs.writeShellApplication { + name = "upssched-cmd.sh"; + runtimeInputs = with pkgs; [ systemd ]; + text = '' + case $1 in + shutdown) shutdown now + # TODO : warn + # TODO : warn & log on unknown cmd + esac + ''; + }; + rules = '' + CMDSCRIPT ${cmdScript}/bin/upssched-cmd.sh + PIPEFN /var/state/ups/upssched/upssched.pipe + LOCKFN /var/state/ups/upssched/upssched.lock + AT LOWBATT * EXECUTE shutdown + AT ONBATT * START-TIMER shutdown 900 + AT ONLINE * CANCEL-TIMER shutdown + # TODO : warn admins at COMMBAD NOCOMM BYPASS (and maybe at ONBATT) + ''; + in + (pkgs.writeTextFile { + name = "upssched.conf"; + text = rules; + }).outPath; }; + + systemd.tmpfiles.settings."10-upsmon" = + let + root = { + user = "root"; + group = "root"; + mode = "0600"; + }; + in + { + "/var/state/ups/upssched".d = root // { + mode = "0700"; + }; + "/var/state/ups/upssched/upssched.pipe".p = root; + }; + services.prometheus.exporters.nut = { enable = true; listenAddress = "100.80.255.180";