diff --git a/hosts/monitoring-3/configuration.nix b/hosts/monitoring-3/configuration.nix index af55a97..11985fc 100644 --- a/hosts/monitoring-3/configuration.nix +++ b/hosts/monitoring-3/configuration.nix @@ -1,6 +1,29 @@ -{ config, pkgs, ... }: +{ config, pkgs, lib, ... }: -{ +with lib; + +let + hosts = (import ../../lib/hosts.nix { inherit pkgs; }).hosts; + + monitoringHosts = filterAttrs (name: host: + attrByPath ["clerie" "monitoring" "enable"] false host.config) + hosts; + + monitoringHostsNames = mapAttrs' (name: host: + nameValuePair "fd00:327:327:327::${host.config.clerie.monitoring.id}" ["${host.config.networking.hostName}.mon.clerie.de"]) + monitoringHosts; + + monitoringPeers = mapAttrsToList (name: host: { + allowedIPs = [ "fd00:327:327:327::${host.config.clerie.monitoring.id}/128" ]; + publicKey = host.config.clerie.monitoring.pubkey; + }) + monitoringHosts; + + monitoringTargets = mapAttrsToList (name: host: + "${host.config.networking.hostName}.mon.clerie.de:9100") + monitoringHosts; + +in { imports = [ ./hardware-configuration.nix @@ -23,21 +46,15 @@ networking.hosts = { "fd00:327:327:327::1" = [ "monitoring-3.mon.clerie.de" ]; - "fd00:327:327:327::102" = [ "porter.mon.clerie.de" ]; - }; + } + // monitoringHostsNames; networking.wireguard.enable = true; networking.wireguard.interfaces = { wg-monitoring = { ips = [ "fd00:327:327:327::1/64" ]; listenPort = 54523; - peers = [ - { - # porter - allowedIPs = [ "fd00:327:327:327::102/128" ]; - publicKey = "+mJN+ustPo2ehP0wqajYs3nTdJ0SPuIDyiZQSHFIK3o="; - } - ]; + peers = monitoringPeers; privateKeyFile = "/var/src/secrets/wireguard/wg-monitoring"; }; }; @@ -69,8 +86,8 @@ { targets = [ "monitoring-3.mon.clerie.de:9100" - "porter.mon.clerie.de:9100" - ]; + ] + ++ monitoringTargets; } ]; }
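Review bot: Nothing in the new `let` block checks that `clerie.monitoring.id` is unique before it is spliced into `fd00:327:327:327::${...}` for `monitoringHostsNames` and `monitoringPeers`. Two hosts declaring the same id would yield two WireGuard peers with the same `allowedIPs` /128 and a single `networking.hosts` key. In the second hunk, `// monitoringHostsNames` would also silently replace the static `::1` entry if a host used id `1`. Because the peer set and keys now come from each host's own config rather than a reviewed literal list, I would make evaluation fail on a collision with an `assertions` entry, as sketched below. The sketch assumes the id is a string, as the interpolation suggests; the module body continues outside this hunk.

```nix
# … unchanged: let bindings up to monitoringTargets …
  monitoringIds = mapAttrsToList (name: host:
    host.config.clerie.monitoring.id)
    monitoringHosts;

in {
  assertions = [
    {
      # Exact string comparison only; "01" or "0001" would still map to ::1.
      assertion = length monitoringIds == length (unique monitoringIds)
        && !(elem "1" monitoringIds);
      message = "clerie.monitoring.id must be unique per host and must not be 1 (reserved for monitoring-3)";
    }
  ];
  # … unchanged: imports and the rest of the module …
```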
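Review bot: The static `monitoring-3` entries kept beside `// monitoringHostsNames`, `peers = monitoringPeers` and, in the last hunk, `++ monitoringTargets` assume this host is never a member of `monitoringHosts`. The filter in the first hunk only tests `clerie.monitoring.enable`, so nothing enforces that. If monitoring-3 ever sets the flag, it would presumably be configured as its own WireGuard peer and appear twice in the scrape targets. Consider extending the predicate to `attrByPath ["clerie" "monitoring" "enable"] false host.config && host.config.networking.hostName != config.networking.hostName`, or at least add a comment such as `# monitoring-3 itself must not set clerie.monitoring.enable` above `monitoringHosts`.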