Compare commits
3 commits
5b0a8cd4b7
...
c70e047c9f
Author | SHA1 | Date | |
---|---|---|---|
Laureηt | c70e047c9f | ||
Laureηt | 760a8c9ae5 | ||
Laureηt | 79b1357774 |
|
@ -21,7 +21,6 @@ in {
|
|||
"${lib.getExe pkgs.mako}"
|
||||
"${lib.getExe pkgs.thunderbird}"
|
||||
"${pkgs.wl-clipboard}/bin/wl-paste --watch ${lib.getExe pkgs.cliphist} store"
|
||||
"${pkgs.gnome-keyring}/bin/gnome-keyring-daemon --start --components=secrets"
|
||||
"${pkgs.hyprland}/bin/hyprctl setcursor catppuccin-${cursor.flavor}-${cursor.accent}-cursors 24" # FIXME: shouldn't be necessary
|
||||
];
|
||||
|
||||
|
|
|
@ -1,23 +1,20 @@
|
|||
{pkgs, ...}: {
|
||||
{...}: {
|
||||
# enable polkit
|
||||
security.polkit.enable = true;
|
||||
|
||||
# enable gpg agent
|
||||
programs.gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
pinentryPackage = pkgs.pinentry-gnome3;
|
||||
};
|
||||
|
||||
# secrets keyring
|
||||
services.gnome.gnome-keyring.enable = true;
|
||||
|
||||
# seahorse secret manager
|
||||
programs.seahorse.enable = true;
|
||||
|
||||
# RealtimeKit system
|
||||
security.rtkit.enable = true;
|
||||
|
||||
# allow swaylock to use pam
|
||||
security.pam.services.swaylock = {};
|
||||
|
||||
# enable ssh agent
|
||||
programs.ssh = {
|
||||
startAgent = true;
|
||||
agentTimeout = "1h";
|
||||
};
|
||||
|
||||
# # ssh-askpass replacement
|
||||
# programs.ssh.enableAskPassword = true;
|
||||
# programs.seahorse.enable = true;
|
||||
}
|
||||
|
|
|
@ -1,18 +1,11 @@
|
|||
{...}: {
|
||||
imports = [
|
||||
./acme
|
||||
./atuin
|
||||
# ./gatus
|
||||
./gitea
|
||||
./nginx
|
||||
./ssh
|
||||
./acme.nix
|
||||
./atuin.nix
|
||||
./fail2ban.nix
|
||||
./gatus.nix
|
||||
./gitea.nix
|
||||
./ssh.nix
|
||||
];
|
||||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [
|
||||
80 # http
|
||||
443 # https / tls
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
233
hosts/cesium/services/gatus.nix
Normal file
233
hosts/cesium/services/gatus.nix
Normal file
|
@ -0,0 +1,233 @@
|
|||
{...}: {
|
||||
services.gatus = {
|
||||
enable = true;
|
||||
|
||||
settings = {
|
||||
web.port = 2020;
|
||||
|
||||
endpoints = [
|
||||
{
|
||||
name = "fainsin.bzh";
|
||||
url = "https://fainsin.bzh";
|
||||
interval = "6h";
|
||||
conditions = [
|
||||
"[DOMAIN_EXPIRATION] > 720h"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "laurent.fainsin.bzh";
|
||||
group = "web";
|
||||
url = "https://laurent.fainsin.bzh";
|
||||
interval = "5m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*<title>Laurent Fainsin</title>*)"
|
||||
"[CERTIFICATE_EXPIRATION] > 240h"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "resume.laurent.fainsin.bzh";
|
||||
group = "web";
|
||||
url = "https://resume.laurent.fainsin.bzh";
|
||||
interval = "5m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[CERTIFICATE_EXPIRATION] > 240h"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "git.fainsin.bzh";
|
||||
group = "services";
|
||||
url = "https://git.fainsin.bzh";
|
||||
interval = "5m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[CERTIFICATE_EXPIRATION] > 240h"
|
||||
"[BODY] == pat(*<title>Explore - Forgejo: Beyond coding. We Forge.</title>*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "atuin.fainsin.bzh";
|
||||
group = "services";
|
||||
url = "https://atuin.fainsin.bzh";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[CERTIFICATE_EXPIRATION] > 240h"
|
||||
"[BODY].homage == pat(*Sir Terry Pratchett*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "status.fainsin.bzh";
|
||||
group = "services";
|
||||
url = "https://status.fainsin.bzh";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[CERTIFICATE_EXPIRATION] > 240h"
|
||||
"[BODY] == pat(*<title>Health Dashboard | Gatus</title>*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "n7.laurent.fainsin.bzh";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[CERTIFICATE_EXPIRATION] > 240h"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-audionumerique";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-audionumerique/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*Whisper</h1>*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-systemes-algorithmes-repartis";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-systemes-algorithmes-repartis/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*The RAFT Consensus Algorithm*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-intelligence-artificielle-multimedia";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-intelligence-artificielle-multimedia/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*Projet IAM*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-probleme-inverse-3D";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-probleme-inverse-3D/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*slidevjs/slidev*)"
|
||||
"[BODY] == pat(*/projet-probleme-inverse-3D/assets/index*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-modelisation-geometrique";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-modelisation-geometrique/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*Projet de Modélisation Géométrique*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-long";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-long/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*slidevjs/slidev*)"
|
||||
"[BODY] == pat(*/projet-long/assets/index*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-oral-japonais";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-oral-japonais/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*わたしたちのまちは*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-oral-anglais";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-oral-anglais/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*<title>CAPTCHA</title>*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "projet-fin-etude";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/projet-fin-etude/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*slidevjs/slidev*)"
|
||||
"[BODY] == pat(*/projet-fin-etude/assets/index*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "TP-calcul-parallele";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/TP-calcul-parallele/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*<title>Benchmarking Distributed GEMM Algorithms</title>*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "TP-reinforcement-learning";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/TP-reinforcement-learning/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*pluto_notebook*)"
|
||||
];
|
||||
}
|
||||
{
|
||||
name = "TP-traitement-audio-visuel";
|
||||
group = "n7.laurent.fainsin.bzh";
|
||||
url = "https://n7.laurent.fainsin.bzh/TP-traitement-audio-visuel/";
|
||||
interval = "15m";
|
||||
conditions = [
|
||||
"[STATUS] == 200"
|
||||
"[RESPONSE_TIME] < 300"
|
||||
"[BODY] == pat(*pluto_notebook*)"
|
||||
];
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
virtualHosts = {
|
||||
"status.fainsin.bzh" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass = "http://127.0.0.1:2020";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,176 +0,0 @@
|
|||
web:
|
||||
port: 2020
|
||||
|
||||
endpoints:
|
||||
- name: fainsin.bzh
|
||||
url: "https://fainsin.bzh"
|
||||
interval: 6h
|
||||
conditions:
|
||||
- "[DOMAIN_EXPIRATION] > 720h"
|
||||
|
||||
- name: laurent.fainsin.bzh
|
||||
group: web
|
||||
url: "https://laurent.fainsin.bzh"
|
||||
interval: 5m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*<title>Laurent Fainsin</title>*)"
|
||||
- "[CERTIFICATE_EXPIRATION] > 240h"
|
||||
|
||||
- name: resume.laurent.fainsin.bzh
|
||||
group: web
|
||||
url: "https://resume.laurent.fainsin.bzh"
|
||||
interval: 5m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[CERTIFICATE_EXPIRATION] > 240h"
|
||||
|
||||
- name: git.fainsin.bzh
|
||||
group: services
|
||||
url: "https://git.fainsin.bzh"
|
||||
interval: 5m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[CERTIFICATE_EXPIRATION] > 240h"
|
||||
- "[BODY] == pat(*<title>Explore - gitea: Gitea Service</title>*)"
|
||||
|
||||
- name: atuin.fainsin.bzh
|
||||
group: services
|
||||
url: "https://atuin.fainsin.bzh"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[CERTIFICATE_EXPIRATION] > 240h"
|
||||
- "[BODY].homage == pat(*Sir Terry Pratchett*)"
|
||||
|
||||
- name: status.fainsin.bzh
|
||||
group: services
|
||||
url: "https://status.fainsin.bzh"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[CERTIFICATE_EXPIRATION] > 240h"
|
||||
- "[BODY] == pat(*<title>Health Dashboard | Gatus</title>*)"
|
||||
|
||||
- name: n7.laurent.fainsin.bzh
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[CERTIFICATE_EXPIRATION] > 240h"
|
||||
|
||||
- name: "projet-audionumerique"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-audionumerique/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*Whisper</h1>*)"
|
||||
|
||||
- name: "projet-systemes-algorithmes-repartis"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-systemes-algorithmes-repartis/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*The RAFT Consensus Algorithm*)"
|
||||
|
||||
- name: "projet-intelligence-artificielle-multimedia"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-intelligence-artificielle-multimedia/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*Projet IAM*)"
|
||||
|
||||
- name: "projet-probleme-inverse-3D"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-probleme-inverse-3D/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*slidevjs/slidev*)"
|
||||
- "[BODY] == pat(*/projet-probleme-inverse-3D/assets/index*)"
|
||||
|
||||
- name: "projet-modelisation-geometrique"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-modelisation-geometrique/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*Projet de Modélisation Géométrique*)"
|
||||
|
||||
- name: "projet-long"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-long/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*slidevjs/slidev*)"
|
||||
- "[BODY] == pat(*/projet-long/assets/index*)"
|
||||
|
||||
- name: "projet-oral-japonais"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-oral-japonais/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*わたしたちのまちは*)"
|
||||
|
||||
- name: "projet-oral-anglais"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-oral-anglais/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*<title>CAPTCHA</title>*)"
|
||||
|
||||
- name: "projet-fin-etude"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/projet-fin-etude/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*slidevjs/slidev*)"
|
||||
- "[BODY] == pat(*/projet-fin-etude/assets/index*)"
|
||||
|
||||
- name: "TP-calcul-parallele"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/TP-calcul-parallele/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*<title>Benchmarking Distributed GEMM Algorithms</title>*)"
|
||||
|
||||
- name: "TP-reinforcement-learning"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/TP-reinforcement-learning/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*pluto_notebook*)"
|
||||
|
||||
- name: "TP-traitement-audio-visuel"
|
||||
group: n7.laurent.fainsin.bzh
|
||||
url: "https://n7.laurent.fainsin.bzh/TP-traitement-audio-visuel/"
|
||||
interval: 15m
|
||||
conditions:
|
||||
- "[STATUS] == 200"
|
||||
- "[RESPONSE_TIME] < 300"
|
||||
- "[BODY] == pat(*pluto_notebook*)"
|
|
@ -1,16 +0,0 @@
|
|||
{...}: {
|
||||
services.gatus = {
|
||||
enable = true;
|
||||
configPath = ./config.yml;
|
||||
};
|
||||
|
||||
services.nginx = {
|
||||
virtualHosts = {
|
||||
"status.fainsin.bzh" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass = "http://127.0.0.1:2020";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
{...}: {
|
||||
age.secrets.gitea = {
|
||||
file = ../../../../secrets/gitea.age;
|
||||
file = ../../../secrets/gitea.age;
|
||||
owner = "forgejo";
|
||||
group = "forgejo";
|
||||
};
|
|
@ -13,11 +13,12 @@
|
|||
# https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/qemu-guest.nix
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
|
||||
./age
|
||||
./boot
|
||||
./disko
|
||||
./networking
|
||||
./packages
|
||||
./users
|
||||
./age.nix
|
||||
./boot.nix
|
||||
./disko.nix
|
||||
./networking.nix
|
||||
./nix.nix
|
||||
./packages.nix
|
||||
./users.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -10,7 +10,13 @@
|
|||
nameservers = ["1.1.1.2" "1.0.0.2"];
|
||||
|
||||
# firewall
|
||||
firewall.enable = true;
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
80 # http
|
||||
443 # tls
|
||||
];
|
||||
};
|
||||
|
||||
# https://github.com/StevenBlack/hosts
|
||||
stevenblack.enable = true;
|
|
@ -8,7 +8,7 @@
|
|||
nix.settings.auto-optimise-store = true;
|
||||
nix.optimise = {
|
||||
automatic = true;
|
||||
dates = "daily";
|
||||
dates = ["12:00"];
|
||||
};
|
||||
|
||||
# garbage collection
|
|
@ -23,11 +23,11 @@ in {
|
|||
modules = [
|
||||
./aurum
|
||||
inputs.catppuccin.nixosModules.catppuccin
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.disko.nixosModules.default
|
||||
inputs.impermanence.nixosModules.impermanence
|
||||
inputs.nixos-hardware.nixosModules.dell-xps-13-9315
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.impermanence.nixosModules.impermanence
|
||||
inputs.lanzaboote.nixosModules.lanzaboote
|
||||
inputs.disko.nixosModules.default
|
||||
{inherit home-manager;}
|
||||
];
|
||||
};
|
||||
|
@ -41,10 +41,8 @@ in {
|
|||
};
|
||||
modules = [
|
||||
./cesium
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.disko.nixosModules.default
|
||||
inputs.agenix.nixosModules.default
|
||||
inputs.lanzaboote.nixosModules.lanzaboote
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue