nixos-config/common/default.nix

{
  config,
  pkgs,
  lib,
  ...
}:
with lib; {
  config = {
    m-0.monitoring = [
      {
        host = "apollo:9100";
        name = "apollo";
        flaky = true;
      }
      {
        host = "apollo:9558";
        name = "apollo-user";
        flaky = true;
      }
      {
        host = "hera:9558";
        name = "hera-user";
        flaky = true;
      }
      {
        host = "zeus:9100";
        name = "zeus";
        flaky = true;
      }
      {
        host = "zeus:9558";
        name = "zeus-user";
        flaky = true;
      }
      {
        host = "fluffy.vpn.m-0.eu:9100";
        name = "fluffy";
      }
      {
        name = "ved server";
        host = "bach.vocalensemble-darmstadt.de:9100";
      }
      {
        name = "ved postfix";
        host = "bach.vocalensemble-darmstadt.de:9154";
      }
    ];
  };

  options.m-0 = {
    prefix = mkOption {
      default = "2a02:c207:3002:7584";
      type = types.str;
    };
    monitoring = mkOption {
      type = types.listOf (types.submodule {
        options = {
          name = mkOption {type = types.str;};
          host = mkOption {type = types.str;};
          container = mkOption {
            type = types.bool;
            default = false;
          };
          flaky = mkOption {
            type = types.bool;
            default = false;
          };
        };
      });
      default = [];
    };
    headscaleIPs = mkOption {
      type = types.listOf types.string;
      default = [
        "100.64.7.0/24"
        "fd7a:115c:a1e0:77::/64"
      ];
    };
    virtualHosts = mkOption {
      type = types.attrs;
    };
    hosts = mkOption {
      type = types.attrs;
      default = let
        p = config.m-0.prefix;
        hera-p = "${p}::3";
        wg-p = "${p}::100";
        v4-p = "10.0.0";
      in {
        hera = "${p}::1";
        vpn = rec {
          prefix = "fdc0:7";
          hera = "${prefix}::1";
          fluffy = "${prefix}::2";
          apollo = "${prefix}::5";
          zeus = "${prefix}::4";
          pegasus = "${prefix}::6";
        };
        hera-wg-host = "${p}::100:0:1";

        hera-v4 = "213.136.94.190";

        hera-wg = "${wg-p}:1";
        apollo-wg = "${wg-p}:2";
        zeus-wg = "${wg-p}:3";

        hera-intern = "${hera-p}:1";
        chor-cloud = "${hera-p}:b";

        hera-intern-v4 = "${v4-p}.1";
        chor-cloud-intern-v4 = "${v4-p}.3";
        # generate with:
        # (echo '{' && tailscale status -json | jq -r '.Self,.Peer[] | .DNSName[:-17] + " = { A = \"" + .TailscaleIPs[0] + "\"; AAAA = \"" + .TailscaleIPs[1] + "\";};"' && echo '}') > common/tailscale.nix
        tailscale = import ./tailscale.nix;
        publicAliases = {
          hera = [
            "blog"
            "cloud"
            "git"
            "lists"
            "matrix"
            "rpg"
          ];
        };
        aliases = {
          hera = [
            "alerts"
            "analytics"
            "blog"
            "ci"
            "cloud"
            "element"
            "fdroid"
            "firefox-sync"
            "git"
            "lists"
            "matrix"
            "monitoring"
            "rpg"
            "rspamd"
            "rss"
            "stats"
            "stream"
            "syncthing-hera"
            "tasks"
          ];
          fluffy = ["home" "syncthing-fluffy" "5e"];
          zeus = ["syncthing-zeus"];
          apollo = ["syncthing-apollo"];
        };
      };
    };
  };
}
Add hosts to common options 2018-06-09 00:41:23 +00:00			`{`
Reformat 2022-03-08 01:42:46 +00:00			`config,`
			`pkgs,`
			`lib,`
			`...`
			`}:`
			`with lib; {`
Reformat 2019-07-31 21:56:52 +00:00			`config = {`
Try a bunch of rule improvements 2020-12-01 11:17:10 +00:00			`m-0.monitoring = [`
			`{`
			`host = "apollo:9100";`
			`name = "apollo";`
Introduce flaky logic for prometheus target 2021-07-20 19:38:35 +00:00			`flaky = true;`
			`}`
			`{`
			`host = "apollo:9558";`
			`name = "apollo-user";`
			`flaky = true;`
			`}`
Watch hera-user with prometheus 2021-08-03 21:23:15 +00:00			`{`
			`host = "hera:9558";`
			`name = "hera-user";`
			`flaky = true;`
			`}`
Introduce flaky logic for prometheus target 2021-07-20 19:38:35 +00:00			`{`
			`host = "zeus:9100";`
			`name = "zeus";`
			`flaky = true;`
			`}`
			`{`
			`host = "zeus:9558";`
			`name = "zeus-user";`
			`flaky = true;`
Try a bunch of rule improvements 2020-12-01 11:17:10 +00:00			`}`
Add fluffy prometheus exporter 2021-12-21 22:47:38 +00:00			`{`
			`host = "fluffy.vpn.m-0.eu:9100";`
			`name = "fluffy";`
			`}`
Try a bunch of rule improvements 2020-12-01 11:17:10 +00:00			`{`
			`name = "ved server";`
			`host = "bach.vocalensemble-darmstadt.de:9100";`
			`}`
			`{`
			`name = "ved postfix";`
			`host = "bach.vocalensemble-darmstadt.de:9154";`
			`}`
			`];`
Switch from channels to fetchGit includes 2019-02-07 21:45:50 +00:00			`};`
Reformat 2019-07-31 21:56:52 +00:00
Add hostname 2023-03-04 14:31:14 +00:00			`options.m-0 = {`
			`prefix = mkOption {`
Reformat 2019-07-31 21:56:52 +00:00			`default = "2a02:c207:3002:7584";`
			`type = types.str;`
			`};`
Add hostname 2023-03-04 14:31:14 +00:00			`monitoring = mkOption {`
Reformat 2019-07-31 21:56:52 +00:00			`type = types.listOf (types.submodule {`
			`options = {`
Reformat 2022-03-08 01:42:46 +00:00			`name = mkOption {type = types.str;};`
			`host = mkOption {type = types.str;};`
Try a bunch of rule improvements 2020-12-01 11:17:10 +00:00			`container = mkOption {`
			`type = types.bool;`
			`default = false;`
			`};`
Introduce flaky logic for prometheus target 2021-07-20 19:38:35 +00:00			`flaky = mkOption {`
			`type = types.bool;`
			`default = false;`
			`};`
Add monitoring option 2019-03-07 22:59:21 +00:00			`};`
Reformat 2019-07-31 21:56:52 +00:00			`});`
Reformat 2022-03-08 01:42:46 +00:00			`default = [];`
Reformat 2019-07-31 21:56:52 +00:00			`};`
Deny most hosts publicly 2023-03-04 15:29:32 +00:00			`headscaleIPs = mkOption {`
Add hostname 2023-03-04 14:31:14 +00:00			`type = types.listOf types.string;`
Deny most hosts publicly 2023-03-04 15:29:32 +00:00			`default = [`
			`"100.64.7.0/24"`
			`"fd7a:115c:a1e0:77::/64"`
			`];`
Add hostname 2023-03-04 14:31:14 +00:00			`};`
			`virtualHosts = mkOption {`
			`type = types.attrs;`
			`};`
			`hosts = mkOption {`
Reformat 2019-07-31 21:56:52 +00:00			`type = types.attrs;`
Reformat 2022-03-08 01:42:46 +00:00			`default = let`
			`p = config.m-0.prefix;`
			`hera-p = "${p}::3";`
			`wg-p = "${p}::100";`
			`v4-p = "10.0.0";`
Add hostname 2023-03-04 14:31:14 +00:00			`in {`
Readd alias 2023-03-04 05:07:58 +00:00			`hera = "${p}::1";`
Reformat 2022-03-08 01:42:46 +00:00			`vpn = rec {`
			`prefix = "fdc0:7";`
			`hera = "${prefix}::1";`
			`fluffy = "${prefix}::2";`
			`apollo = "${prefix}::5";`
			`zeus = "${prefix}::4";`
			`pegasus = "${prefix}::6";`
			`};`
			`hera-wg-host = "${p}::100:0:1";`
Add second nextcloud 2019-02-24 23:31:53 +00:00
Reformat 2022-03-08 01:42:46 +00:00			`hera-v4 = "213.136.94.190";`
Add second nextcloud 2019-02-24 23:31:53 +00:00
Reformat 2022-03-08 01:42:46 +00:00			`hera-wg = "${wg-p}:1";`
			`apollo-wg = "${wg-p}:2";`
			`zeus-wg = "${wg-p}:3";`
Switch from channels to fetchGit includes 2019-02-07 21:45:50 +00:00
Reformat 2022-03-08 01:42:46 +00:00			`hera-intern = "${hera-p}:1";`
			`chor-cloud = "${hera-p}:b";`
Switch from channels to fetchGit includes 2019-02-07 21:45:50 +00:00
Reformat 2022-03-08 01:42:46 +00:00			`hera-intern-v4 = "${v4-p}.1";`
			`chor-cloud-intern-v4 = "${v4-p}.3";`
Better headscale 2023-03-04 02:27:06 +00:00			`# generate with:`
Better headscale 2023-03-04 03:56:17 +00:00			`# (echo '{' && tailscale status -json \| jq -r '.Self,.Peer[] \| .DNSName[:-17] + " = { A = \"" + .TailscaleIPs[0] + "\"; AAAA = \"" + .TailscaleIPs[1] + "\";};"' && echo '}') > common/tailscale.nix`
Better headscale 2023-03-04 02:27:06 +00:00			`tailscale = import ./tailscale.nix;`
Deny most hosts publicly 2023-03-04 15:29:32 +00:00			`publicAliases = {`
			`hera = [`
			`"blog"`
			`"cloud"`
			`"git"`
			`"lists"`
			`"matrix"`
			`"rpg"`
			`];`
			`};`
Fix aliases 2023-03-04 05:28:48 +00:00			`aliases = {`
Use maralorn.de for hostnames 2023-03-04 13:13:45 +00:00			`hera = [`
			`"alerts"`
			`"analytics"`
			`"blog"`
			`"ci"`
			`"cloud"`
			`"element"`
			`"fdroid"`
			`"firefox-sync"`
			`"git"`
Fix rss 2023-03-04 13:44:41 +00:00			`"lists"`
Use maralorn.de for hostnames 2023-03-04 13:13:45 +00:00			`"matrix"`
Fix rss 2023-03-04 13:44:41 +00:00			`"monitoring"`
Use maralorn.de for hostnames 2023-03-04 13:13:45 +00:00			`"rpg"`
Fix rss 2023-03-04 13:44:41 +00:00			`"rspamd"`
			`"rss"`
Add hostname 2023-03-04 14:31:14 +00:00			`"stats"`
Use maralorn.de for hostnames 2023-03-04 13:13:45 +00:00			`"stream"`
Fix rss 2023-03-04 13:44:41 +00:00			`"syncthing-hera"`
Use maralorn.de for hostnames 2023-03-04 13:13:45 +00:00			`"tasks"`
			`];`
Add 5e alias 2023-03-07 23:45:34 +00:00			`fluffy = ["home" "syncthing-fluffy" "5e"];`
Fix aliases 2023-03-04 05:28:48 +00:00			`zeus = ["syncthing-zeus"];`
			`apollo = ["syncthing-apollo"];`
Aliases 2023-03-04 05:03:54 +00:00			`};`
Reformat 2022-03-08 01:42:46 +00:00			`};`
Add hosts to common options 2018-06-09 00:41:23 +00:00			`};`
			`};`
			`}`