summaryrefslogtreecommitdiffstats
path: root/lass/1systems/shodan.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2017-03-05 00:28:32 +0100
committertv <tv@krebsco.de>2017-03-05 00:28:32 +0100
commit4499cc406560963d65b016075ba2df6451c834cd (patch)
treeffea19187190a105e7b0caf617a0215c02c281da /lass/1systems/shodan.nix
parentd7761aed6559adba3cfa61d822165c42c90fc276 (diff)
parent39fd77b84c7c14d6460722721726b378bdab7acd (diff)
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'lass/1systems/shodan.nix')
-rw-r--r--lass/1systems/shodan.nix23
1 files changed, 23 insertions, 0 deletions
diff --git a/lass/1systems/shodan.nix b/lass/1systems/shodan.nix
index 232e91d90..dca616936 100644
--- a/lass/1systems/shodan.nix
+++ b/lass/1systems/shodan.nix
@@ -42,6 +42,29 @@ with import <stockholm/lib>;
pkgs.python27Packages.python
];
}
+ {
+ krebs.monit = let
+ echoToIrc = msg:
+ pkgs.writeDash "echo_irc" ''
+ set -euf
+ export LOGNAME=prism-alarm
+ ${pkgs.irc-announce}/bin/irc-announce \
+ ni.r 6667 ${config.networking.hostName}-alarm \#noise "${msg}" >/dev/null
+ '';
+ in {
+ enable = true;
+ http.enable = true;
+ alarms = {
+ hfos = {
+ test = "${pkgs.curl}/bin/curl -sf --insecure 'https://hfos.hackerfleet.de'";
+ alarm = echoToIrc "test hfos failed";
+ };
+ };
+ };
+ krebs.iptables.tables.filter.INPUT.rules = [
+ { predicate = "-p tcp -i retiolum --dport 9093"; target = "ACCEPT"; }
+ ];
+ }
];
krebs.build.host = config.krebs.hosts.shodan;