infrastructure/machines/vault01/ups.nix

66 lines
1.6 KiB
Nix

{ pkgs, config, ... }:
{
power.ups = {
enable = true;
ups."eaton" = {
driver = "usbhid-ups";
port = "auto";
};
upsmon.enable = false;
users."eatonMon" = {
passwordFile = config.age.secrets."eatonmon-password_file".path;
upsmon = "primary";
};
upsmon.monitor."eaton" = {
user = "eatonMon";
};
schedulerRules =
let
cmdScript = pkgs.writeShellApplication {
name = "upssched-cmd.sh";
runtimeInputs = with pkgs; [ systemd ];
text = ''
case $1 in
shutdown) shutdown now
# TODO : warn
# TODO : warn & log on unknown cmd
esac
'';
};
rules = ''
CMDSCRIPT ${cmdScript}/bin/upssched-cmd.sh
PIPEFN /var/state/ups/upssched/upssched.pipe
LOCKFN /var/state/ups/upssched/upssched.lock
AT LOWBATT * EXECUTE shutdown
AT ONBATT * START-TIMER shutdown 900
AT ONLINE * CANCEL-TIMER shutdown
# TODO : warn admins at COMMBAD NOCOMM BYPASS (and maybe at ONBATT)
'';
in
(pkgs.writeTextFile {
name = "upssched.conf";
text = rules;
}).outPath;
};
systemd.tmpfiles.settings."10-upsmon" =
let
root = {
user = "root";
group = "root";
mode = "0600";
};
in
{
"/var/state/ups/upssched".d = root // {
mode = "0700";
};
"/var/state/ups/upssched/upssched.pipe".p = root;
};
services.prometheus.exporters.nut = {
enable = true;
listenAddress = "100.80.255.180";
port = 9199;
};
}