diff --git a/configs/telegram-bots/autorenkalender.nix b/configs/telegram-bots/autorenkalender.nix index 0f7a947..97480b6 100644 --- a/configs/telegram-bots/autorenkalender.nix +++ b/configs/telegram-bots/autorenkalender.nix @@ -20,4 +20,12 @@ in { parseMode = "Markdown"; command = "${autorenkalender}/bin/autorenkalender"; }; + + niveum.passport.services = [ + { + title = "Autorenkalender"; + description = "sends Projekt Gutenberg's anniversary information to Telegram."; + link = "https://t.me/Autorenkalender"; + } + ]; } diff --git a/configs/telegram-bots/default.nix b/configs/telegram-bots/default.nix index bb79b2a..fcd827e 100644 --- a/configs/telegram-bots/default.nix +++ b/configs/telegram-bots/default.nix @@ -26,6 +26,24 @@ in { inherit path; }) [reverseDirectory proverbDirectory]; + niveum.passport.services = [ + { + title = "Rückwarts-Bot"; + link = "https://t.me/RueckwaertsBot"; + description = "reverses things on Telegram."; + } + { + title = "BetaCode-Bot"; + link = "https://t.me/BetaCodeBot"; + description = "converts beta code to polytonic Greek on Telegram."; + } + { + title = "Sprichwortgenerator-Bot"; + link = "https://t.me/SprichwortGeneratorBot"; + description = "generates useless German proverbs with optional stock photo background on Telegram."; + } + ]; + systemd.services.telegram-reverse = { wantedBy = ["multi-user.target"]; description = "Telegram reverse bot"; diff --git a/configs/telegram-bots/literature-quote.nix b/configs/telegram-bots/literature-quote.nix index c09c568..0a8f2b2 100644 --- a/configs/telegram-bots/literature-quote.nix +++ b/configs/telegram-bots/literature-quote.nix @@ -14,4 +14,11 @@ in { command = "${literature-quote}/bin/literature-quote"; parseMode = "Markdown"; }; + + niveum.passport.services = [ + { + title = "Literature quote bot"; + description = "sends me and my friends three logotheca quotes a day."; + } + ]; } diff --git a/configs/telegram-bots/nachtischsatan.nix b/configs/telegram-bots/nachtischsatan.nix index 6b7a5bd..02a7b3b 100644 --- a/configs/telegram-bots/nachtischsatan.nix +++ b/configs/telegram-bots/nachtischsatan.nix @@ -34,4 +34,12 @@ in { }); serviceConfig.Restart = "always"; }; + + niveum.passport.services = [ + { + title = "Nachtischsatan-Bot"; + link = "https://t.me/NachtischsatanBot"; + description = "*flubberflubber*"; + } + ]; } diff --git a/configs/telegram-bots/tlg-wotd.nix b/configs/telegram-bots/tlg-wotd.nix index c4a3a18..d7dddae 100644 --- a/configs/telegram-bots/tlg-wotd.nix +++ b/configs/telegram-bots/tlg-wotd.nix @@ -17,4 +17,12 @@ ''); parseMode = "Markdown"; }; + + niveum.passport.services = [ + { + title = "Thesaurus Linguae Graecae Word of the Day"; + description = "sends TLG's word of the day to Telegram."; + link = "https://t.me/tlgwotd"; + } + ]; } diff --git a/lib/default.nix b/lib/default.nix index 983e9c1..5cde9da 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -28,7 +28,7 @@ rec { serveHtml = file: pkgs: '' default_type "text/html"; root ${ - pkgs.linkFarm "fahrplan" [ + pkgs.linkFarm "www" [ { name = "index.html"; path = file; diff --git a/modules/passport.nix b/modules/passport.nix new file mode 100644 index 0000000..da54821 --- /dev/null +++ b/modules/passport.nix @@ -0,0 +1,135 @@ +{ + config, + lib, + pkgs, + ... +}: let + cfg = config.niveum.passport; + sortOn = a: lib.sort (as1: as2: lib.lessThan (lib.getAttr a as1) (lib.getAttr a as2)); + css = '' + body { + margin: 0; + font-family: "Fira Sans Condensed", sans-serif; + } + + main { + margin: 0 auto; + display: grid; + grid-template-columns: 1fr 3fr; + grid-gap: 2em; + } + @media only screen and (max-width: 768px) { + main { + grid-template-columns: 1fr; + } + } + + footer, section { + padding: 1em; + } + + footer { + text-align: center; + } + + dl { + border: 3px double #ccc; + padding: 0.5em; + } + dt { + float: left; + clear: left; + width: 200px; + text-align: right; + font-weight: bold; + margin-right: 1em; + margin-bottom: 1em; + } + dd { + margin: 0 0 0 110px; + padding: 0 0 0.5em 0; + margin-bottom: 1em; + } + ''; +in + with lib; { + options.niveum.passport = { + enable = mkEnableOption "server passport"; + + introductionHTML = mkOption {type = types.str;}; + + virtualHost = mkOption { + type = types.str; + }; + + services = mkOption { + type = types.listOf (types.submodule { + options = { + title = mkOption {type = types.str;}; + link = mkOption { + type = types.nullOr types.str; + default = null; + }; + description = mkOption { + type = types.str; + default = ""; + }; + }; + }); + default = []; + }; + }; + + config = mkIf cfg.enable { + services.nginx.enable = true; + + services.nginx.virtualHosts."${cfg.virtualHost}".locations."/passport".extraConfig = '' + default_type "text/html"; + root ${ + pkgs.linkFarm "www" [ + { + name = "passport/index.html"; + path = pkgs.writeText "index.html" '' + + + + + ${config.networking.hostName} passport + + + +
+
+

${config.networking.hostName}

+ ${cfg.introductionHTML} +
+ +
+

Services

+
+ ${lib.strings.concatMapStringsSep "\n" (service: '' +
+ ${lib.optionalString (service.link != null) ""} + ${service.title} + ${lib.optionalString (service.link != null) ""} +
+
+ ${service.description} +
+ '') (sortOn "title" cfg.services)} +
+
+
+ + + + ''; + } + ] + }; + index index.html; + ''; + }; + } diff --git a/systems/makanek/configuration.nix b/systems/makanek/configuration.nix index 248d6ef..b062cde 100644 --- a/systems/makanek/configuration.nix +++ b/systems/makanek/configuration.nix @@ -31,6 +31,7 @@ in { + ]; services.restic.backups.niveum = { @@ -52,6 +53,30 @@ in { ]; }; + niveum.passport = { + enable = true; + introductionHTML = '' +

+ The machine makanek is named after a Levantine type of sausage (مقانق maqāniq). +

+

+ It runs on Hetzner cloud. +

+
+ Makanek sausages +
Makanek
+
+ ''; + virtualHost = "makanek.r"; + + services = [ + { + title = "restic backup"; + description = "This machine backups its state via restic backup."; + } + ]; + }; + nix.nixPath = ["/var/src"]; networking = { diff --git a/systems/makanek/gitea.nix b/systems/makanek/gitea.nix index 79dc690..72a4821 100644 --- a/systems/makanek/gitea.nix +++ b/systems/makanek/gitea.nix @@ -1,10 +1,11 @@ let inherit (import ) sshPort; + domain = "https://code.kmein.de"; in { services.gitea = { enable = true; disableRegistration = true; - rootUrl = "https://code.kmein.de"; + rootUrl = domain; appName = "code.kmein.de"; ssh.clonePort = sshPort; }; @@ -13,4 +14,12 @@ in { enableACME = true; locations."/".extraConfig = "proxy_pass http://localhost:3000;"; }; + + niveum.passport.services = [ + { + link = domain; + title = "Gitea"; + description = "hosts a couple of git repos. Registration is disabled."; + } + ]; } diff --git a/systems/makanek/hedgedoc.nix b/systems/makanek/hedgedoc.nix index cfeb703..67210d9 100644 --- a/systems/makanek/hedgedoc.nix +++ b/systems/makanek/hedgedoc.nix @@ -47,6 +47,14 @@ in { }; }; + niveum.passport.services = [ + { + title = "Hedgedoc"; + link = "https://${domain}"; + description = "lets you collaborate on Markdown documents."; + } + ]; + systemd.tmpfiles.rules = [ (tmpfilesConfig { user = "codimd"; diff --git a/systems/makanek/menstruation.nix b/systems/makanek/menstruation.nix index 363182a..3b322d8 100644 --- a/systems/makanek/menstruation.nix +++ b/systems/makanek/menstruation.nix @@ -11,6 +11,14 @@ in { environment.systemPackages = [pkgs.redis]; + niveum.passport.services = [ + { + title = "Tischlein, deck dich!"; + description = "serves you with Berlin canteen menus via Telegram."; + link = "https://t.me/TischleinDeckDichBot"; + } + ]; + systemd.services.menstruation-telegram = { wants = [ "network-online.target" diff --git a/systems/makanek/moinbot.nix b/systems/makanek/moinbot.nix index 263ebdb..662d258 100644 --- a/systems/makanek/moinbot.nix +++ b/systems/makanek/moinbot.nix @@ -12,5 +12,12 @@ serviceConfig.DynamicUser = true; }; + niveum.passport.services = [ + { + title = "moinbot"; + description = "greets #hsmr:hackint.org daily."; + } + ]; + systemd.timers.moinbot.timerConfig.RandomizedDelaySec = "14h"; } diff --git a/systems/makanek/monitoring/default.nix b/systems/makanek/monitoring/default.nix index 7eb0fb8..5fde2ef 100644 --- a/systems/makanek/monitoring/default.nix +++ b/systems/makanek/monitoring/default.nix @@ -22,6 +22,26 @@ in { }; }; + niveum.passport.services = [ + { + title = "Prometheus"; + description = "collects metrics from devices in the niveum network, blackbox monitors some websites."; + } + { + title = "Loki"; + description = "aggregates logs of the niveum network."; + } + { + title = "Grafana"; + link = "http://${config.services.grafana.domain}"; + description = "displays metrics from devices in the niveum network."; + } + { + title = "Alertmanager bot"; + description = "notifies me when something goes wrong."; + } + ]; + services.prometheus.rules = let diskFreeThreshold = 10; in [ diff --git a/systems/makanek/moodle-dl-borsfaye.nix b/systems/makanek/moodle-dl-borsfaye.nix index 7bec62a..abbd551 100644 --- a/systems/makanek/moodle-dl-borsfaye.nix +++ b/systems/makanek/moodle-dl-borsfaye.nix @@ -12,6 +12,13 @@ in { imports = []; + niveum.passport.services = [ + { + title = "MoodleDL"; + description = "notifies about changes on Moodle."; + } + ]; + services.moodle-dl = { enable = true; startAt = "hourly"; diff --git a/systems/makanek/names.nix b/systems/makanek/names.nix index 6071179..0a608ca 100644 --- a/systems/makanek/names.nix +++ b/systems/makanek/names.nix @@ -28,6 +28,14 @@ in { recommendedTlsSettings = true; }; + niveum.passport.services = [ + { + link = "http://names.kmein.r"; + title = "Onomap"; + description = "maps surnames within Germany."; + } + ]; + services.nginx.virtualHosts."names.kmein.r" = { locations."/".proxyPass = "http://127.0.0.1:${toString port}"; }; diff --git a/systems/makanek/nextcloud.nix b/systems/makanek/nextcloud.nix index ef6a3d6..9a48606 100644 --- a/systems/makanek/nextcloud.nix +++ b/systems/makanek/nextcloud.nix @@ -1,5 +1,6 @@ { pkgs, + config, lib, ... }: let @@ -33,6 +34,14 @@ in { }; }; + niveum.passport.services = [ + { + title = "Nextcloud"; + link = "https://${config.services.nextcloud.hostName}"; + description = "manages calendars, to-do lists, files, and recipes."; + } + ]; + services.postgresql = { enable = true; ensureDatabases = ["nextcloud"]; diff --git a/systems/makanek/radio-news.nix b/systems/makanek/radio-news.nix index 93b6054..56db084 100644 --- a/systems/makanek/radio-news.nix +++ b/systems/makanek/radio-news.nix @@ -8,6 +8,14 @@ in { services.nginx.virtualHosts."redaktion.r".locations."/".extraConfig = serveHtml pkgs; + niveum.passport.services = [ + { + title = "Retiolum Radio News"; + link = "http://redaktion.r"; + description = "supplies git history news to radio lassulus and lets you enter your own."; + } + ]; + systemd.services.stockholm-history = { startAt = "hourly"; script = '' diff --git a/systems/makanek/radio.nix b/systems/makanek/radio.nix index bed8a99..bc0b508 100644 --- a/systems/makanek/radio.nix +++ b/systems/makanek/radio.nix @@ -126,4 +126,12 @@ in { forceSSL = true; locations."/".proxyPass = "http://127.0.0.1:${toString config.services.icecast.listen.port}"; }; + + niveum.passport.services = [ + { + title = "Radio"; + link = "https://radio.kmein.de"; + description = "broadcasts a few little (and mostly useless) web-radio stations."; + } + ]; } diff --git a/systems/makanek/retiolum-map.nix b/systems/makanek/retiolum-map.nix index 8f92186..0b19a96 100644 --- a/systems/makanek/retiolum-map.nix +++ b/systems/makanek/retiolum-map.nix @@ -44,6 +44,19 @@ in { }; }; + niveum.passport.services = [ + { + link = "http://graph.r"; + title = "Retiolum Realtime Map"; + description = "displays geographical information about the retiolum network. Graph info also available."; + } + { + link = "http://c.r/${geo-ip-database}"; + title = "GeoIP"; + description = "shares MaxMind's GeoIP database with the krebs world. Updated weekly."; + } + ]; + services.nginx = { enable = true; recommendedGzipSettings = true; diff --git a/systems/makanek/tarot.nix b/systems/makanek/tarot.nix index 4b77e16..aec5daa 100644 --- a/systems/makanek/tarot.nix +++ b/systems/makanek/tarot.nix @@ -48,6 +48,14 @@ in { }''; }; + niveum.passport.services = [ + rec { + link = "https://tarot.kmein.de"; + title = "Tarot"; + description = "draws Tarot cards for you. See here for information on how to interpret them."; + } + ]; + services.nginx.virtualHosts."tarot.kmein.de" = { enableACME = true; forceSSL = true; diff --git a/systems/makanek/urlwatch.nix b/systems/makanek/urlwatch.nix index 2300201..1723b0e 100644 --- a/systems/makanek/urlwatch.nix +++ b/systems/makanek/urlwatch.nix @@ -204,4 +204,11 @@ in { Type = "oneshot"; }; }; + + niveum.passport.services = [ + { + description = "keeps me up-to-date on sites that have no RSS feed (shame be upon them!)."; + title = "urlwatch"; + } + ]; } diff --git a/systems/makanek/weechat.nix b/systems/makanek/weechat.nix index cef1713..bff40af 100644 --- a/systems/makanek/weechat.nix +++ b/systems/makanek/weechat.nix @@ -185,4 +185,11 @@ in { isSystemUser = true; packages = [pkgs.tmux]; }; + + niveum.passport.services = [ + { + title = "weechat bouncer"; + description = "keeps me logged in on IRC."; + } + ]; }