feat(modules): Generalize redirections

This commit is contained in:
Tom Hubrecht 2024-04-23 22:02:04 +02:00
parent dd10a8e2fe
commit 3f928ce90b
4 changed files with 143 additions and 103 deletions

View file

@ -1,17 +1,29 @@
{
config,
lib,
nodes,
config,
sources,
...
}:
let
inherit (lib)
concatLists
mapAttrsToList
mkForce
mkMerge
;
inherit (config.statelessUptimeKuma.lib)
pingProbesFromHive
fromHive
httpProbesFromConfig
probesWithTag
;
probesCfg = config.statelessUptimeKuma.probesConfig;
mkMonitors = name: builtins.attrNames (probesWithTag { inherit name; } probesCfg);
host = "status.dgnum.eu";
port = 3001;
@ -24,14 +36,15 @@ let
"cdn.dgnum.eu"
"saml-idp.dgnum.eu"
"status.dgnum.eu"
] ++ nodes.web01.config.dgn-redirections.retired;
] ++ (concatLists (mapAttrsToList (_: { config, ... }: config.dgn-redirections.retired) nodes));
extraProbes = {
monitors = {
"prometheus.dgnum.eu" = {
type = lib.mkForce "http";
type = mkForce "http";
accepted_statuscodes = [ "401" ];
};
"api.meet.dgnum.eu" = {
keyword = "Crab Fit API";
};
@ -47,23 +60,17 @@ let
{
name = "Services";
weight = 1;
monitorList = builtins.attrNames (
probesWithTag { name = "Service"; } config.statelessUptimeKuma.probesConfig
);
monitorList = mkMonitors "Service";
}
{
name = "Serveurs";
weight = 2;
monitorList = builtins.attrNames (
probesWithTag { name = "Ping"; } config.statelessUptimeKuma.probesConfig
);
monitorList = mkMonitors "Ping";
}
{
name = "VPN Interne";
weight = 2;
monitorList = builtins.attrNames (
probesWithTag { name = "VPN"; } config.statelessUptimeKuma.probesConfig
);
monitorList = mkMonitors "VPN";
}
];
};
@ -111,6 +118,7 @@ in
{
imports = [ (sources.stateless-uptime-kuma + "/nixos/module.nix") ];
nixpkgs.overlays = [ (import (sources.stateless-uptime-kuma + "/overlay.nix")) ];
services.uptime-kuma.enable = true;
services.nginx = {
@ -132,17 +140,16 @@ in
];
statelessUptimeKuma = {
probesConfig = lib.mkMerge [
probesConfig = mkMerge [
pingProbes
httpProbes
extraProbes
vpnProbes
{ inherit status_pages; }
];
extraFlags = [
"-v DEBUG"
"-s"
];
extraFlags = [ "-s" ];
host = "http://localhost:${builtins.toString port}/";
username = "dgnum";
passwordFile = config.age.secrets."stateless-uptime-kuma-password".path;

View file

@ -1,92 +1,60 @@
{ lib, config, ... }:
_:
let
retired_host = "retired.dgnum.eu";
retiredHost = "retired.dgnum.eu";
mkRetired =
hosts:
builtins.listToAttrs (
builtins.map (name: {
inherit name;
value = {
enableACME = true;
forceSSL = true;
locations."/".return = "301 https://${retired_host}/${name}";
};
}) hosts
mkSubs =
attrs:
builtins.concatLists (
builtins.attrValues (builtins.mapAttrs (domain: builtins.map (s: "${s}.${domain}")) attrs)
);
mkSub = domain: builtins.map (s: "${s}.${domain}");
mkSubs = attrs: builtins.concatLists (builtins.attrValues (builtins.mapAttrs mkSub attrs));
mkRedirection =
_:
{ to }:
{
globalRedirect = to;
enableACME = true;
forceSSL = true;
};
cfg = config.dgn-redirections;
in
{
options.dgn-redirections = {
redirections = lib.mkOption {
type =
with lib.types;
attrsOf (submodule {
options.to = lib.mkOption { type = str; };
});
default = { };
};
retired = lib.mkOption {
type = with lib.types; listOf str;
default = [ ];
};
};
config = {
dgn-redirections = {
redirections = {
"calendrier.eleves.ens.fr".to = "calendrier.dgnum.eu";
"docs.beta.rz.ens.wtf".to = "pads.dgnum.eu";
"git.rz.ens.wtf".to = "git.dgnum.eu";
"notion.rz.ens.wtf".to = "docs.dgnum.eu";
"nuage.beta.rz.ens.wtf".to = "cloud.dgnum.eu";
"rdv.dgnum.eu".to = "meet.dgnum.eu";
"www.bda.ens.fr".to = "bda.ens.fr";
"bda.wp.dgnum.eu".to = "bda.ens.fr";
"www.tuteurs.ens.fr".to = "tuteurs.ens.fr";
"www.interq.ens.fr".to = "interq.ens.fr";
"www.lanuit.ens.fr".to = "lanuit.ens.fr";
};
retired = mkSubs {
"ens.fr" = [
"alevins"
"www.climatenavigator"
];
"ens.wtf" = [ "photos" ];
"rz.ens.wtf" = [
"s3"
"cdn"
];
"beta.rz.ens.wtf" = [
"todo"
"minecraft"
"factorio"
"home"
"pads"
"api.pads"
"files.pads"
"sandbox.pads"
"jurisprudens"
"rstudio"
];
};
{
dgn-redirections = {
inherit retiredHost;
redirections = {
"calendrier.eleves.ens.fr" = "calendrier.dgnum.eu";
"docs.beta.rz.ens.wtf" = "pads.dgnum.eu";
"git.rz.ens.wtf" = "git.dgnum.eu";
"notion.rz.ens.wtf" = "docs.dgnum.eu";
"nuage.beta.rz.ens.wtf" = "cloud.dgnum.eu";
"rdv.dgnum.eu" = "meet.dgnum.eu";
"www.bda.ens.fr" = "bda.ens.fr";
"bda.wp.dgnum.eu" = "bda.ens.fr";
"www.tuteurs.ens.fr" = "tuteurs.ens.fr";
"www.interq.ens.fr" = "interq.ens.fr";
"www.lanuit.ens.fr" = "lanuit.ens.fr";
};
retired = mkSubs {
"ens.fr" = [
"alevins"
"www.climatenavigator"
];
"ens.wtf" = [ "photos" ];
"rz.ens.wtf" = [
"s3"
"cdn"
];
"beta.rz.ens.wtf" = [
"todo"
"minecraft"
"factorio"
"home"
"pads"
"api.pads"
"files.pads"
"sandbox.pads"
"jurisprudens"
"rstudio"
];
};
services.nginx.virtualHosts = {
${retired_host}.default = true;
} // (builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired);
};
services.nginx.virtualHosts.${retiredHost}.default = true;
}

View file

@ -48,14 +48,15 @@
"dgn-console"
"dgn-fail2ban"
"dgn-hardware"
"dgn-node-monitoring"
"dgn-notify"
"dgn-netbox-agent"
"dgn-network"
"dgn-node-monitoring"
"dgn-notify"
"dgn-records"
"dgn-redirections"
"dgn-ssh"
"dgn-web"
"dgn-vm-variant"
"dgn-web"
])
++ [
"${sources.agenix}/modules/age.nix"

View file

@ -0,0 +1,64 @@
{ config, lib, ... }:
let
inherit (lib) mkOption;
inherit (lib.types) attrsOf listOf str;
mkRetired =
hosts:
builtins.listToAttrs (
builtins.map (name: {
inherit name;
value = {
enableACME = true;
forceSSL = true;
locations."/".return = "301 https://${cfg.retiredHost}/${name}";
};
}) hosts
);
mkRedirection = _: globalRedirect: {
inherit globalRedirect;
enableACME = true;
forceSSL = true;
};
cfg = config.dgn-redirections;
in
{
options.dgn-redirections = {
redirections = mkOption {
type = attrsOf str;
default = { };
description = ''
Attribute set of redirections, for:
{ a = b; },
a redirection from a to b will be made.
'';
};
retired = mkOption {
type = listOf str;
default = [ ];
description = ''
List of retired domains, they will we redirected to `retired.dgnum.eu/$host`.
'';
};
retiredHost = mkOption {
type = str;
default = "retired.dgnum.eu";
description = ''
Host used for the redirections of retired services.
'';
};
};
config = {
services.nginx.virtualHosts =
(builtins.mapAttrs mkRedirection cfg.redirections) // (mkRetired cfg.retired);
};
}