From 3cec74799796eb0246ad8e85d7d398a9461533e9 Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Tue, 8 Mar 2022 19:39:29 +0100
Subject: [PATCH] users: add mdebray
---
profiles/core-hackens/personal-users.nix | 5 ++
profiles/monitoring.nix | 72 ++++++++++++++++++++++++
pubkeys/sinavir.keys | 1 +
3 files changed, 78 insertions(+)
create mode 100644 profiles/monitoring.nix
create mode 100644 pubkeys/sinavir.keys
diff --git a/profiles/core-hackens/personal-users.nix b/profiles/core-hackens/personal-users.nix
index f1e7d86..f20e94b 100644
--- a/profiles/core-hackens/personal-users.nix
+++ b/profiles/core-hackens/personal-users.nix
@@ -12,6 +12,11 @@
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keyFiles = [ ../../pubkeys/gdd.keys ];
};
+ mdebray = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ openssh.authorizedKeys.keyFiles = [ ../../pubkeys/sinavir.keys ];
+ };
root.openssh.authorizedKeys.keyFiles = [ ../../pubkeys/beigbeder.keys ]; # Jacques Beigbeder est tjrs root.
};
}
diff --git a/profiles/monitoring.nix b/profiles/monitoring.nix
new file mode 100644
index 0000000..ce85023
--- /dev/null
+++ b/profiles/monitoring.nix
@@ -0,0 +1,72 @@
+{ pkgs, config, ... }:
+{
+ # Monitoring
+ services.netdata.enable = true;
+ systemd.services.netdata.restartTriggers = map (name: config.environment.etc."netdata/${name}.conf".source) [
+ "health_alarm_notify"
+ "stream"
+ "fping"
+ ];
+ environment.etc."netdata/stream.conf" = {
+ user = "netdata";
+ group = "netdata";
+ mode = "0600";
+ text = ''
+ # hackens-desktop
+ [074e699a-4206-4e13-baa7-e4524326f1e0]
+ enabled = yes
+ default history = 3600
+ default memory mode = dbengine
+ health enabled by default = auto
+ allow from = 192.168.1.117, 2001:470:1f13:21d:49fd:1d82:d2ff:d868
+
+ # hackens-openwrt
+ [cab3fe1e-576b-420d-b301-84308e44f340]
+ enabled = yes
+ default history = 3600
+ default memory mode = dbengine
+ health enabled by default = auto
+ allow from = 192.168.1.1, 2001:470:1f13:21d::1
+ '';
+ };
+ environment.etc."netdata/health_alarm_notify.conf" = {
+ user = "netdata";
+ group = "netdata";
+ mode = "0600";
+ text = ''
+ # External tools
+ nc="${pkgs.netcat}/bin/nc"
+
+ # IRC configuration
+ SEND_IRC="YES"
+ DEFAULT_RECIPIENT_IRC="#hackens-status"
+ IRC_NETWORK="ens.wtf"
+ IRC_NICKNAME="hackens"
+ IRC_REALNAME="hackENS netdata monitoring"
+ '';
+ };
+ environment.etc."netdata/fping.conf" = {
+ user = "netdata";
+ group = "netdata";
+ mode = "0600";
+ text = ''
+ fping="${pkgs.fping}/bin/fping"
+ hosts="hackens.org hack.ens.fr sas.eleves.ens.fr argonaut.ens.wtf clipper.ens.fr merle.eleves.ens.fr"
+ '';
+ };
+ services.smartd.enable = true;
+ services.smartd.extraOptions = [ "-A /var/log/smartd/" ]; # For netdata.
+
+ # MQTT for every usage, notably OctoPrint events.
+ services.mosquitto = {
+ enable = true;
+ listeners = [
+ {
+ address = "192.168.1.118";
+ }
+ ];
+ settings = {
+ # allow_anonymous = true;
+ };
+ };
+}
diff --git a/pubkeys/sinavir.keys b/pubkeys/sinavir.keys
new file mode 100644
index 0000000..471d054
--- /dev/null
+++ b/pubkeys/sinavir.keys
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEpwF+XD3HgX64kqD42pcEZRNYAWoO4YNiOm5KO4tH6o