mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-10 23:00:39 +02:00
Code Activity

feat(monitoring): remove location, add nginx upstream monitoring option

Browse source
This commit is contained in:
oddlama 2024-07-15 17:36:04 +02:00
parent 2024c3bfd5
commit 18b2002c27
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
26 changed files with 352 additions and 218 deletions
Download patch file Download diff file Expand all files Collapse all files

10
hosts/ward/guests/adguardhome.nix
View file

@ -16,14 +16,8 @@ in {
globals.monitoring.dns.adguardhome = {
server = globals.net.home-lan.hosts.ward-adguardhome.ipv4;
domain = ".";
location = "home";
network = "home-lan";
};
globals.monitoring.http.adguardhome = {
url = "https://${adguardhomeDomain}";
location = "home";
network = "internet";
};
nodes.sentinel = {
services.nginx = {
@ -33,6 +27,10 @@ in {
zone adguardhome 64k;
keepalive 2;
'';
monitoring = {
enable = true;
expectedBodyRegex = "AdGuard Home";
};
};
virtualHosts.${adguardhomeDomain} = {
forceSSL = true;

9
hosts/ward/guests/forgejo.nix
View file

@ -24,8 +24,8 @@ in {
globals.services.forgejo.domain = forgejoDomain;
globals.monitoring.http.forgejo = {
url = "https://${forgejoDomain}";
location = "home";
url = "https://${forgejoDomain}/user/login";
expectedBodyRegex = "Redlew Git";
network = "internet";
};
@ -57,6 +57,11 @@ in {
zone forgejo 64k;
keepalive 2;
'';
monitoring = {
enable = true;
path = "/user/login";
expectedBodyRegex = "Redlew Git";
};
};
virtualHosts.${forgejoDomain} = {
forceSSL = true;

12
hosts/ward/guests/kanidm.nix
View file

@ -41,9 +41,10 @@ in {
globals.services.kanidm.domain = kanidmDomain;
globals.monitoring.http.kanidm = {
url = "https://${kanidmDomain}";
location = "home";
url = "https://${kanidmDomain}/status";
network = "internet";
expectedBodyRegex = "true";
skipTlsVerification = true;
};
nodes.sentinel = {
@ -54,6 +55,13 @@ in {
zone kanidm 64k;
keepalive 2;
'';
monitoring = {
enable = true;
path = "/status";
expectedBodyRegex = "true";
skipTlsVerification = true;
useHttps = true;
};
};
virtualHosts.${kanidmDomain} = {
forceSSL = true;

11
hosts/ward/guests/netbird.nix
View file

@ -79,8 +79,9 @@ in {
globals.services.netbird.domain = netbirdDomain;
globals.monitoring.http.netbird = {
url = "https://${netbirdDomain}";
location = "home";
url = "https://${netbirdDomain}/api/users";
expectedStatus = 401;
expectedBodyRegex = "no valid authentication";
network = "internet";
};
@ -92,6 +93,12 @@ in {
zone netbird 64k;
keepalive 5;
'';
monitoring = {
enable = true;
path = "/api/users";
expectedStatus = 401;
expectedBodyRegex = "no valid authentication";
};
};
upstreams.netbird-signal = {

6
hosts/ward/guests/radicale.nix
View file

@ -9,7 +9,7 @@ in {
globals.services.radicale.domain = radicaleDomain;
globals.monitoring.http.radicale = {
url = "https://${radicaleDomain}";
location = "home";
expectedBodyRegex = "Radicale Web Interface";
network = "internet";
};
@ -21,6 +21,10 @@ in {
zone radicale 64k;
keepalive 2;
'';
monitoring = {
enable = true;
expectedBodyRegex = "Radicale Web Interface";
};
};
virtualHosts.${radicaleDomain} = {
forceSSL = true;

7
hosts/ward/guests/vaultwarden.nix
View file

@ -28,8 +28,7 @@ in {
globals.services.vaultwarden.domain = vaultwardenDomain;
globals.monitoring.http.vaultwarden = {
url = "https://${vaultwardenDomain}";
expectedBodyRegex = "Vaultwarden";
location = "home";
expectedBodyRegex = "Vaultwarden Web";
network = "internet";
};
@ -41,6 +40,10 @@ in {
zone vaultwarden 64k;
keepalive 2;
'';
monitoring = {
enable = true;
expectedBodyRegex = "Vaultwarden Web";
};
};
virtualHosts.${vaultwardenDomain} = {
forceSSL = true;

3
hosts/ward/guests/web-proxy.nix
View file

@ -11,6 +11,9 @@ in {
firewallRuleForAll.allowedTCPPorts = [80 443];
};
# This node shall monitor the infrastructure
meta.telegraf.availableMonitoringNetworks = ["internet" "home-wan" "home-lan"];
age.secrets.acme-cloudflare-dns-token = {
rekeyFile = config.node.secretsDir + "/acme-cloudflare-dns-token.age";
mode = "440";