diff options
| author | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
|---|---|---|
| committer | makefu <github@syntax-fehler.de> | 2023-07-28 22:24:15 +0200 |
| commit | 060a8f28fa1fc648bdf66afb31a5d1efac868837 (patch) | |
| tree | 2b354eacc7897365ee45244fe7a51720e0d0333f /makefu/2configs/nix-community | |
| parent | cbfcc890e3b76d942b927809bf981a5fa7289e6a (diff) | |
makefu: move out to own repo, add vacation-note
Diffstat (limited to 'makefu/2configs/nix-community')
| -rw-r--r-- | makefu/2configs/nix-community/mediawiki-matrix-bot.nix | 23 | ||||
| -rw-r--r-- | makefu/2configs/nix-community/supervision.nix | 83 |
2 files changed, 0 insertions, 106 deletions
diff --git a/makefu/2configs/nix-community/mediawiki-matrix-bot.nix b/makefu/2configs/nix-community/mediawiki-matrix-bot.nix deleted file mode 100644 index 6dff64121..000000000 --- a/makefu/2configs/nix-community/mediawiki-matrix-bot.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ pkgs, ... }: -let - seccfg = toString <secrets/mediawikibot-config.json>; - statecfg = "/var/lib/mediawiki-matrix-bot/config.json"; -in { - systemd.services.mediawiki-matrix-bot = { - description = "Mediawiki Matrix Bot"; - after = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Restart = "always"; - RestartSec = "60s"; - DynamicUser = true; - StateDirectory = "mediawiki-matrix-bot"; - PermissionsStartOnly = true; - ExecStartPre = pkgs.writeDash "mediawikibot-copy-config" '' - install -D -m644 ${seccfg} ${statecfg} - ''; - ExecStart = "${pkgs.mediawiki-matrix-bot}/bin/mediawiki-matrix-bot ${statecfg}"; - PrivateTmp = true; - }; - }; -} diff --git a/makefu/2configs/nix-community/supervision.nix b/makefu/2configs/nix-community/supervision.nix deleted file mode 100644 index cd4b6567b..000000000 --- a/makefu/2configs/nix-community/supervision.nix +++ /dev/null @@ -1,83 +0,0 @@ -{ config, lib, pkgs, ... }: -let - isVM = lib.any (mod: mod == "xen-blkfront" || mod == "virtio_console") config.boot.initrd.kernelModules; - port = "9273"; -in { - - networking.firewall.extraCommands = '' - iptables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT - ip6tables -A INPUT -i retiolum -p tcp --dport ${port} -j ACCEPT - ''; - - services.telegraf = { - enable = true; - extraConfig = { - agent.interval = "60s"; - inputs = { - prometheus.metric_version = 2; - kernel_vmstat = { }; - smart = lib.mkIf (!isVM) { - path = pkgs.writeShellScript "smartctl" '' - exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@" - ''; - }; - system = { }; - mem = { }; - file = [{ - data_format = "influx"; - file_tag = "name"; - files = [ "/var/log/telegraf/*" ]; - }] ++ lib.optional (lib.any (fs: fs == "ext4") config.boot.supportedFilesystems) { - name_override = "ext4_errors"; - files = [ "/sys/fs/ext4/*/errors_count" ]; - data_format = "value"; - }; - exec = lib.optionalAttrs (lib.any (fs: fs == "zfs") config.boot.supportedFilesystems) { - ## Commands array - commands = [ - (pkgs.writeScript "zpool-health" '' - #!${pkgs.gawk}/bin/awk -f - BEGIN { - while ("${pkgs.zfs}/bin/zpool status" | getline) { - if ($1 ~ /pool:/) { printf "zpool_status,name=%s ", $2 } - if ($1 ~ /state:/) { printf " state=\"%s\",", $2 } - if ($1 ~ /errors:/) { - if (index($2, "No")) printf "errors=0i\n"; else printf "errors=%di\n", $2 - } - } - } - '') - ]; - data_format = "influx"; - }; - systemd_units = { }; - swap = { }; - disk.tagdrop = { - fstype = [ "tmpfs" "ramfs" "devtmpfs" "devfs" "iso9660" "overlay" "aufs" "squashfs" ]; - device = [ "rpc_pipefs" "lxcfs" "nsfs" "borgfs" ]; - }; - diskio = { }; - }; - outputs.prometheus_client = { - listen = ":${port}"; - metric_version = 2; - }; - }; - }; - - security.sudo.extraRules = lib.mkIf (!isVM) [{ - users = [ "telegraf" ]; - commands = [{ - command = "${pkgs.smartmontools}/bin/smartctl"; - options = [ "NOPASSWD" ]; - }]; - }]; - # avoid logging sudo use - security.sudo.configFile = '' - Defaults:telegraf !syslog,!pam_session - ''; - # create dummy file to avoid telegraf errors - systemd.tmpfiles.rules = [ - "f /var/log/telegraf/dummy 0444 root root - -" - ]; -} |