2022-03-10 21:52:12 +01:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
lib,
|
2023-02-22 10:02:55 +01:00
|
|
|
inputs,
|
2022-03-10 21:52:12 +01:00
|
|
|
...
|
|
|
|
|
}: let
|
2021-11-30 21:58:38 +01:00
|
|
|
network = "retiolum";
|
|
|
|
|
|
|
|
|
|
stateDirectory = "retiolum-map";
|
|
|
|
|
|
2021-12-01 12:04:26 +01:00
|
|
|
geo-ip-database = "${lib.head config.services.geoipupdate.settings.EditionIDs}.mmdb";
|
|
|
|
|
geo-ip-database-path = "${config.services.geoipupdate.settings.DatabaseDirectory}/${geo-ip-database}";
|
|
|
|
|
|
2023-02-22 10:02:55 +01:00
|
|
|
tinc-graph = inputs.tinc-graph.defaultPackage.x86_64-linux;
|
2022-03-10 21:52:12 +01:00
|
|
|
in {
|
2021-11-30 21:58:38 +01:00
|
|
|
systemd.services.retiolum-index = {
|
|
|
|
|
description = "Retiolum indexing service";
|
2022-03-10 21:52:12 +01:00
|
|
|
wants = ["tinc.${network}.service"];
|
2021-11-30 21:58:38 +01:00
|
|
|
script = ''
|
2021-12-01 12:04:26 +01:00
|
|
|
${tinc-graph}/bin/tinc-graph --geoip-file ${geo-ip-database-path} --network ${network} \
|
2021-11-30 21:58:38 +01:00
|
|
|
| ${pkgs.coreutils}/bin/tee network.json \
|
2023-06-23 15:42:49 +02:00
|
|
|
| ${tinc-graph}/bin/tinc-midpoint > midpoint.json
|
2021-11-30 21:58:38 +01:00
|
|
|
|
|
|
|
|
cp ${tinc-graph}/static/map.html map.html
|
2021-12-20 15:10:19 +01:00
|
|
|
cp ${tinc-graph}/static/map.html index.html
|
2021-11-30 21:58:38 +01:00
|
|
|
cp ${tinc-graph}/static/graph.html graph.html
|
|
|
|
|
'';
|
|
|
|
|
startAt = "hourly";
|
2022-03-10 21:52:12 +01:00
|
|
|
path = [pkgs.coreutils pkgs.jq pkgs.tinc_pre];
|
2021-11-30 21:58:38 +01:00
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
User = "root";
|
|
|
|
|
StateDirectory = stateDirectory;
|
|
|
|
|
WorkingDirectory = "/var/lib/${stateDirectory}";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2021-12-01 09:53:15 +01:00
|
|
|
services.geoipupdate = {
|
2021-12-01 09:47:45 +01:00
|
|
|
enable = true;
|
2021-12-01 09:53:15 +01:00
|
|
|
settings = {
|
|
|
|
|
AccountID = 608777;
|
2023-02-22 10:02:55 +01:00
|
|
|
LicenseKey._secret = config.age.secrets.maxmind-license-key.path;
|
2022-03-10 21:52:12 +01:00
|
|
|
EditionIDs = ["GeoLite2-City"];
|
2021-12-01 09:53:15 +01:00
|
|
|
};
|
2021-12-01 09:47:45 +01:00
|
|
|
};
|
|
|
|
|
|
2023-02-22 10:02:55 +01:00
|
|
|
age.secrets.maxmind-license-key.file = ../../secrets/maxmind-license-key.age;
|
|
|
|
|
|
2022-05-22 11:47:59 +02:00
|
|
|
niveum.passport.services = [
|
|
|
|
|
{
|
|
|
|
|
link = "http://graph.r";
|
|
|
|
|
title = "Retiolum Realtime Map";
|
|
|
|
|
description = "displays geographical information about the retiolum network. <a href=\"http://graph.r/graph.html\">Graph</a> info also available.";
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
link = "http://c.r/${geo-ip-database}";
|
|
|
|
|
title = "GeoIP";
|
|
|
|
|
description = "shares MaxMind's GeoIP database with the krebs world. Updated weekly.";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
|
2021-11-30 21:58:38 +01:00
|
|
|
services.nginx = {
|
|
|
|
|
enable = true;
|
|
|
|
|
recommendedGzipSettings = true;
|
|
|
|
|
recommendedOptimisation = true;
|
|
|
|
|
recommendedProxySettings = true;
|
|
|
|
|
recommendedTlsSettings = true;
|
|
|
|
|
virtualHosts."graph.r".locations."/".root = "/var/lib/${stateDirectory}";
|
2022-01-11 23:13:17 +01:00
|
|
|
# RRM @ https://github.com/krebs/cholerab/blob/master/thesauron.adoc
|
|
|
|
|
virtualHosts."rrm.r".locations."/".root = "/var/lib/${stateDirectory}";
|
2021-11-30 21:58:38 +01:00
|
|
|
};
|
2021-12-01 12:04:26 +01:00
|
|
|
|
|
|
|
|
systemd.services.geoip-share = {
|
2022-03-10 21:52:12 +01:00
|
|
|
after = ["geoipupdate.service"];
|
2022-05-18 18:11:13 +02:00
|
|
|
wantedBy = ["geoipupdate.service"];
|
2023-02-22 10:02:55 +01:00
|
|
|
script = "${pkgs.curl}/bin/curl -fSs --data-binary @${geo-ip-database-path} http://c.r/${geo-ip-database} ";
|
2021-12-01 12:04:26 +01:00
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
DynamicUser = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
2021-11-30 21:58:38 +01:00
|
|
|
}
|
