uku/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(vesuvio): add gatus

Browse source
This commit is contained in:
uku 2025-02-03 16:30:06 +01:00
parent 7d51ce6f18
commit 2e241a93d7
Signed by: uku
SSH key fingerprint: SHA256:4P0aN6M8ajKukNi6aPOaX0LacanGYtlfjmN+m/sHY/o
5 changed files with 93 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
secrets/secrets.nix
View file

@ -43,6 +43,7 @@ in
"etna/upsdUserPass.age".publicKeys = main ++ [ etna ]; "etna/upsdUserPass.age".publicKeys = main ++ [ etna ];
"etna/cobaltTokens.age".publicKeys = main ++ [ etna ]; "etna/cobaltTokens.age".publicKeys = main ++ [ etna ];
"vesuvio/gatusEnv.age".publicKeys = main ++ [ vesuvio ];
"vesuvio/maddyEnv.age".publicKeys = main ++ [ vesuvio ]; "vesuvio/maddyEnv.age".publicKeys = main ++ [ vesuvio ];
"vesuvio/rspamdPassword.age".publicKeys = main ++ [ vesuvio ]; "vesuvio/rspamdPassword.age".publicKeys = main ++ [ vesuvio ];
"vesuvio/roundcubeDbPass.age".publicKeys = main ++ [ vesuvio ]; "vesuvio/roundcubeDbPass.age".publicKeys = main ++ [ vesuvio ];

14
secrets/vesuvio/gatusEnv.age Normal file
View file

@ -0,0 +1,14 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwYnFNd2w4bUxhbGJoazBp
L2Q1dVNRaVoyc2Q3UjVEYUVsbHg0YkMwRFZnCjdwZE1kK0ZiMitzS2VtVVIxbjZy
YXBzQWFFV3pma2FVc0p3OHRuNGZXemMKLT4gWDI1NTE5IFJlcS8rR3JOTWMyamJF
bHBjNC9XQlZNVUhaaW5kc3dRcmJYcjgwTS9GaWcKNXpIZlBrRUlyRFB1c2RBd25R
Wm92a09vcEJKREoxUDFjSHgzbFlxbHRoZwotPiBYMjU1MTkgam8vRHh6VlVQLzJo
VXdIRWFEZ043Y2E3R3ZLVGR4d2QrUXVTQXJBdzVIVQpieW9pVVhkQ3dtYTJFTjZD
MVdzL1JBVHBqNEcrdlNaSDRnQ05uNmx2T0hnCi0+IFgyNTUxOSBEOWtsanMyODc0
ckhucVRnc3M1SEFLdXZ1MkNDSzA5K2hzZVRHQUJGUFRrCmtkeWFmcWUwd3RRS3ds
UVNhQVhockFZK1R3ZitvL3lUSUpJMjRiYlVEKzAKLS0tIEdGaTlPNEJtWWNZZDVl
Z2psc1h5YlBBbmxZVGx1L0ZCZWVhL0lTUDRleWMKDsLoDaM7JBWrdHY4SQ5D7LLf
qoq5NQTAVncYNOzeaAbj54ZsCF2gcz3ATq990kN31CTZmXwvI96GvubY2QShraXW
eA9Gj9c=
-----END AGE ENCRYPTED FILE-----

2
systems/etna/postgresql.nix
View file

@ -9,11 +9,13 @@
enableTCPIP = true; enableTCPIP = true;
ensureDatabases = [ ensureDatabases = [
"gatus"
"maddy" "maddy"
"roundcube" "roundcube"
]; ];
authentication = '' authentication = ''
host gatus gatus vesuvio.fossa-macaroni.ts.net scram-sha-256
host maddy maddy vesuvio.fossa-macaroni.ts.net scram-sha-256 host maddy maddy vesuvio.fossa-macaroni.ts.net scram-sha-256
host roundcube roundcube vesuvio.fossa-macaroni.ts.net scram-sha-256 host roundcube roundcube vesuvio.fossa-macaroni.ts.net scram-sha-256
''; '';

1
systems/vesuvio/default.nix
View file

@ -3,6 +3,7 @@
imports = [ imports = [
./certificates.nix ./certificates.nix
./frp.nix ./frp.nix
./gatus.nix
./hetzner.nix ./hetzner.nix
./mail ./mail
./nginx.nix ./nginx.nix

75
systems/vesuvio/gatus.nix Normal file
View file

@ -0,0 +1,75 @@
{
config,
_utils,
...
}:
let
env = _utils.setupSingleSecret config "gatusEnv" { };
mkHttpEndpoint = name: group: url: {
inherit name group url;
interval = "5m";
conditions = [
"[STATUS] < 300"
"[CONNECTED] == true"
];
};
in
{
imports = [ env.generate ];
services = {
gatus = {
enable = true;
environmentFile = env.path;
settings = {
web.port = 8080;
storage = {
type = "postgres";
path = "postgres://gatus:\${DB_PASSWORD}@etna/gatus?sslmode=disable";
};
ui = {
title = "uku's services | status";
description = "services status powered by gatus";
header = "uku's services";
logo = "https://avatars.githubusercontent.com/u/61147779?v=4";
link = "https://git.uku3lig.net/uku/flake";
};
endpoints = [
(mkHttpEndpoint "Website" "core" "https://uku3lig.net")
# TODO postgres?
(mkHttpEndpoint "API" "etna" "https://api.uku3lig.net/downloads/uku")
(mkHttpEndpoint "Dendrite" "etna" "https://m.uku.moe/_matrix/static/")
(mkHttpEndpoint "Forgejo" "etna" "https://git.uku3lig.net")
(mkHttpEndpoint "Grafana" "etna" "https://grafana.uku3lig.net")
(mkHttpEndpoint "Immich" "etna" "https://im.uku.moe")
(mkHttpEndpoint "NextCloud" "etna" "https://cloud.uku3lig.net")
(mkHttpEndpoint "Reposilite" "etna" "https://maven.uku3lig.net/")
(mkHttpEndpoint "Shlink" "etna" "https://uku.moe/rest/v3/health")
(mkHttpEndpoint "Vaultwarden" "etna" "https://bw.uku3lig.net")
{
name = "Maddy";
group = "vesuvio";
url = "starttls://mx1.uku3lig.net:587";
interval = "5m";
conditions = [ "[CONNECTED] == true" ];
}
(mkHttpEndpoint "Roundcube" "vesuvio" "https://mail.uku3lig.net")
];
};
};
nginx.virtualHosts."status.uku3lig.net" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass =
"http://localhost:${builtins.toString config.services.gatus.settings.web.port}";
};
};
}