From 8936e6a8b52dbb7126f81720a4f43ad856eca2cc Mon Sep 17 00:00:00 2001 From: clerie Date: Tue, 13 Jun 2023 17:53:45 +0200 Subject: [PATCH] hosts/web-2: add chaosevent.clerie.de --- flake.lock | 21 ++++++++++++++++ flake.nix | 6 ++++- hosts/web-2/chaosevents.nix | 46 +++++++++++++++++++++++++++++++++++ hosts/web-2/configuration.nix | 1 + lib/flake-helper.nix | 4 ++- 5 files changed, 76 insertions(+), 2 deletions(-) create mode 100644 hosts/web-2/chaosevents.nix diff --git a/flake.lock b/flake.lock index e46b8ee..ec0b6da 100644 --- a/flake.lock +++ b/flake.lock @@ -21,6 +21,26 @@ "type": "github" } }, + "chaosevents": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1686652220, + "narHash": "sha256-/tMdQgMVy7zpI2Bel3jwMPTeu+yh/Wp+3AhqcNe3KlI=", + "ref": "refs/heads/main", + "rev": "0e2fcf3195a2919ca9ea808cc2adedd4af7ff743", + "revCount": 1, + "type": "git", + "url": "https://git.clerie.de/clerie/chaosevents.git" + }, + "original": { + "type": "git", + "url": "https://git.clerie.de/clerie/chaosevents.git" + } + }, "darwin": { "inputs": { "nixpkgs": [ @@ -134,6 +154,7 @@ "root": { "inputs": { "agenix": "agenix", + "chaosevents": "chaosevents", "fernglas": "fernglas", "nixos-exporter": "nixos-exporter", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index 88e8867..e37e075 100644 --- a/flake.nix +++ b/flake.nix @@ -6,6 +6,10 @@ url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; + chaosevents = { + url = "git+https://git.clerie.de/clerie/chaosevents.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; fernglas = { url = "github:wobcom/fernglas"; inputs.nixpkgs.follows = "nixpkgs"; @@ -19,7 +23,7 @@ inputs.nixpkgs.follows = "nixpkgs"; }; }; - outputs = { self, nixpkgs, fernglas, nixos-exporter, solid-xmpp-alarm, ... }@inputs: let + outputs = { self, nixpkgs, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ... }@inputs: let helper = (import ./lib/flake-helper.nix) inputs; in { clerie.hosts = { diff --git a/hosts/web-2/chaosevents.nix b/hosts/web-2/chaosevents.nix new file mode 100644 index 0000000..ecc1d1a --- /dev/null +++ b/hosts/web-2/chaosevents.nix @@ -0,0 +1,46 @@ +{ pkgs, ... }: + +{ + users.users."chaosevents" = { + isSystemUser = true; + group = "chaosevents"; + }; + + users.groups."chaosevents" = {}; + + systemd.tmpfiles.rules = [ + "d /var/lib/chaosevents - chaosevents chaosevents - -" + ]; + + services.nginx = { + virtualHosts."chaosevents.clerie.de" = { + enableACME = true; + forceSSL = true; + root = "/var/lib/chaosevents"; + }; + }; + + systemd.services."chaosevents" = { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + Type = "oneshot"; + WorkingDirectory = "/var/lib/chaosevents"; + RuntimeDirectory = "nixos-validator"; + User = "chaosevents"; + Group = "chaosevents"; + ExecStart = '' + ${pkgs.chaosevents}/bin/chaosevents /var/lib/chaosevents + ''; + }; + }; + + systemd.timers."chaosevents" = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnCalendar = "hourly"; + RandomizedDelaySec = "1h"; + }; + after = [ "network-online.target" ]; + }; +} diff --git a/hosts/web-2/configuration.nix b/hosts/web-2/configuration.nix index 7a2db41..ac3ee98 100644 --- a/hosts/web-2/configuration.nix +++ b/hosts/web-2/configuration.nix @@ -7,6 +7,7 @@ ./blog.nix ./bubblesort.nix ./bula22.nix + ./chaosevents.nix ./clerie.nix ./drop.nix ./gitea.nix diff --git a/lib/flake-helper.nix b/lib/flake-helper.nix index c7586f4..da781d8 100644 --- a/lib/flake-helper.nix +++ b/lib/flake-helper.nix @@ -1,4 +1,4 @@ -{ self, nixpkgs, agenix, fernglas, nixos-exporter, solid-xmpp-alarm, ... }@inputs: +{ self, nixpkgs, agenix, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ... }@inputs: rec { generateNixosSystem = { @@ -28,6 +28,8 @@ rec { (_: _: { inherit (agenix.packages."x86_64-linux") agenix; + inherit (chaosevents.packages."x86_64-linux") + chaosevents; }) ]; clerie.monitoring = nixpkgs.lib.attrsets.optionalAttrs (group != null) { serviceLevel = group; };