feat(lambda): init stateless uptime-kuma

2025-03-25 21:30:52 +01:00 · 2024-11-02 02:09:27 +01:00 · 2024-11-02 02:09:27 +01:00 · a78b000356
commit a78b000356
parent 06fe1c0cb2
6 changed files with 76 additions and 28 deletions
--- a/lib/mkmachine.nix
+++ b/lib/mkmachine.nix
@ -38,6 +38,7 @@ import "${nixpkgs}/nixos/lib/eval-config.nix" {
    (import inputs.lanzaboote).nixosModules.lanzaboote
    (import inputs.lila).nixosModules.hash-collection
    (import "${inputs.arkheon}/module.nix")
+    (import "${inputs.stateless-uptime-kuma}/nixos/module.nix")
    {
      home-manager.useGlobalPkgs = true;
      nixpkgs.system = system;
@ -51,6 +52,9 @@ import "${nixpkgs}/nixos/lib/eval-config.nix" {
          # Packages comming from other repositories
          jackett = pkgs.callPackage ../packages/jackett { };
          lila-build-hook = (import inputs.lila).packages.${system}.utils;
+          statelessUptimeKuma =
+            pkgs.callPackage "${inputs.stateless-uptime-kuma}/stateless-uptime-kuma.nix"
+              { };
          # My own packages
          keycloak-keywind = prev.pkgs.callPackage ../packages/keycloak-keywind { };
          hydrasect = prev.pkgs.callPackage ../packages/hydrasect { };
--- a/lon.lock
+++ b/lon.lock
@ -180,6 +180,15 @@
      "url": "https://github.com/nixos/nixpkgs/archive/32e940c7c420600ef0d1ef396dc63b04ee9cad37.tar.gz",
      "hash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac="
    },
+    "stateless-uptime-kuma": {
+      "type": "Git",
+      "fetchType": "git",
+      "branch": "master",
+      "revision": "880f444ff7862d6127b051cf1a993ad1585b1652",
+      "url": "https://git.dgnum.eu/DGNum/stateless-uptime-kuma.git",
+      "hash": "sha256-l9fgwesnmFxasCaYUCD7L9bGGJXytLuwtx3CZMgpwJg=",
+      "submodules": false
+    },
    "unstable": {
      "type": "GitHub",
      "fetchType": "tarball",
--- a/machines/lambda/default.nix
+++ b/machines/lambda/default.nix
@ -10,6 +10,7 @@
    ./hardware.nix
    ./home-julien.nix
    ./arkheon.nix
+    ./uptime-kuma.nix
  ];

  machine.meta = {
@ -41,14 +42,6 @@

  luj.nginx.enable = true;

-  services.uptime-kuma = {
-    enable = true;
-    package = pkgs.unstable.uptime-kuma;
-    settings = {
-      NODE_EXTRA_CA_CERTS = "/etc/ssl/certs/ca-certificates.crt";
-    };
-  };
-
  services.ntfy-sh = {
    enable = true;
    package = pkgs.unstable.ntfy-sh;
@ -62,26 +55,6 @@
    };
  };

-  services.nginx.virtualHosts."status.julienmalka.me" = {
-    forceSSL = true;
-    enableACME = true;
-    locations."/" = {
-      proxyPass = "http://localhost:3001";
-      proxyWebsockets = true;
-    };
-  };
-
-  security.acme.certs."uptime.luj".server = "https://ca.luj/acme/acme/directory";
-
-  services.nginx.virtualHosts."uptime.luj" = {
-    forceSSL = true;
-    enableACME = true;
-    locations."/" = {
-      proxyPass = "http://localhost:3001";
-      proxyWebsockets = true;
-    };
-  };
-
  services.nginx.virtualHosts."notifications.julienmalka.me" = {
    forceSSL = true;
    enableACME = true;
--- a/machines/lambda/uptime-kuma.nix
+++ b/machines/lambda/uptime-kuma.nix
@ -0,0 +1,47 @@
+{ pkgs, config, ... }:
+{
+
+  services.uptime-kuma = {
+    enable = true;
+    package = pkgs.unstable.uptime-kuma;
+    settings = {
+      NODE_EXTRA_CA_CERTS = "/etc/ssl/certs/ca-certificates.crt";
+    };
+  };
+
+  services.nginx.virtualHosts."status.julienmalka.me" = {
+    forceSSL = true;
+    enableACME = true;
+    locations."/" = {
+      proxyPass = "http://localhost:3001";
+      proxyWebsockets = true;
+    };
+  };
+
+  age.secrets."stateless-uptime-kuma-password".file = ../../secrets/stateless-uptime-kuma-password.age;
+  statelessUptimeKuma = {
+    enableService = true;
+    probesConfig = {
+      monitors = {
+        "mdr" = {
+          url = "https://82.67.34.230";
+          keyword = "Ulm";
+          type = "keyword";
+          accepted_statuscodes = [ "200-299" ];
+          headers = ''
+            {
+              "Host": "julienmalka.me"
+            }
+          '';
+        };
+      };
+    };
+
+    extraFlags = [ "-s" ];
+
+    host = "http://localhost:${builtins.toString 3001}/";
+    username = "Julien";
+    passwordFile = config.age.secrets."stateless-uptime-kuma-password".path;
+  };
+
+}
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -101,4 +101,9 @@ in
    tower
    gustave
  ];
+  "stateless-uptime-kuma-password.age".publicKeys = [
+    gallifrey
+    tower
+    lambda
+  ];
 }
--- a/secrets/stateless-uptime-kuma-password.age
+++ b/secrets/stateless-uptime-kuma-password.age
@ -0,0 +1,10 @@
+age-encryption.org/v1
+-> ssh-ed25519 u3yXZQ tmFNbSWWcoA7Z/TvAaeodP8U7IqoMUDeUgEuueV3ugE
+MmrD0NCtXoLR8GAwexcdN0dcGvyjdRgSMmz9Rt05b5A
+-> ssh-ed25519 AqX2tg 0fjjaaTdxHyaUHLhaMoR89FrWHxsJ+iJP9HjYePyJEk
+t8T8TEnqSrDneiblrTxOPA1OiDMrB3/o36JqXwanlTo
+-> ssh-ed25519 xaddyw 52IFyDb+AaTJAlwItAxNwXw230RBssaIdiZL0rm+/SQ
+C9pqrsqtNvaqSW4VPcW0+MsNfYz+GDu4UqP497vWtAA
+--- O28WnFNZwT2ExTac5bu7LVtbaW/ZVI4acdM5u0lVnV4
+¥›’äÉÐ‡hW2K#Æ¯Yê‹¤
ÉUž—»¦%ú¨¦
+Nî×XòË iX¢F›2Ù¿§Kð¿$fd