kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-19 19:41:08 +01:00
Code Releases Activity

feat(passport): init for makanek

Browse Source
This commit is contained in:
Kierán Meinhardt
2022-05-22 11:47:59 +02:00
parent 9a3499ab6c
commit 44efc4dfa1
22 changed files with 338 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
configs/telegram-bots/autorenkalender.nix
View File

@@ -20,4 +20,12 @@ in {
parseMode = "Markdown"; parseMode = "Markdown";
command = "${autorenkalender}/bin/autorenkalender"; command = "${autorenkalender}/bin/autorenkalender";
}; };
niveum.passport.services = [
{
title = "Autorenkalender";
description = "sends <a href=\"https://www.projekt-gutenberg.org/\">Projekt Gutenberg</a>'s anniversary information to Telegram.";
link = "https://t.me/Autorenkalender";
}
];
} }

18
configs/telegram-bots/default.nix
View File

@@ -26,6 +26,24 @@ in {
inherit path; inherit path;
}) [reverseDirectory proverbDirectory]; }) [reverseDirectory proverbDirectory];
niveum.passport.services = [
{
title = "Rückwarts-Bot";
link = "https://t.me/RueckwaertsBot";
description = "reverses things on Telegram.";
}
{
title = "BetaCode-Bot";
link = "https://t.me/BetaCodeBot";
description = "converts <a href=\"https://en.wikipedia.org/wiki/Beta_Code\">beta code</a> to polytonic Greek on Telegram.";
}
{
title = "Sprichwortgenerator-Bot";
link = "https://t.me/SprichwortGeneratorBot";
description = "generates useless German proverbs with optional stock photo background on Telegram.";
}
];
systemd.services.telegram-reverse = { systemd.services.telegram-reverse = {
wantedBy = ["multi-user.target"]; wantedBy = ["multi-user.target"];
description = "Telegram reverse bot"; description = "Telegram reverse bot";

7
configs/telegram-bots/literature-quote.nix
View File

@@ -14,4 +14,11 @@ in {
command = "${literature-quote}/bin/literature-quote"; command = "${literature-quote}/bin/literature-quote";
parseMode = "Markdown"; parseMode = "Markdown";
}; };
niveum.passport.services = [
{
title = "Literature quote bot";
description = "sends me and my friends three <a href=\"https://logotheca.xn--kiern-0qa.de/\">logotheca</a> quotes a day.";
}
];
} }

8
configs/telegram-bots/nachtischsatan.nix
View File

@@ -34,4 +34,12 @@ in {
}); });
serviceConfig.Restart = "always"; serviceConfig.Restart = "always";
}; };
niveum.passport.services = [
{
title = "Nachtischsatan-Bot";
link = "https://t.me/NachtischsatanBot";
description = "*flubberflubber*";
}
];
} }

8
configs/telegram-bots/tlg-wotd.nix
View File

@@ -17,4 +17,12 @@
''); '');
parseMode = "Markdown"; parseMode = "Markdown";
}; };
niveum.passport.services = [
{
title = "Thesaurus Linguae Graecae Word of the Day";
description = "sends <a href=\"https://stephanus.tlg.uci.edu/\">TLG</a>'s word of the day to Telegram.";
link = "https://t.me/tlgwotd";
}
];
} }

2
lib/default.nix
View File

@@ -28,7 +28,7 @@ rec {
serveHtml = file: pkgs: '' serveHtml = file: pkgs: ''
default_type "text/html"; default_type "text/html";
root ${ root ${
pkgs.linkFarm "fahrplan" [ pkgs.linkFarm "www" [
{ {
name = "index.html"; name = "index.html";
path = file; path = file;

135
modules/passport.nix Normal file
View File

@@ -0,0 +1,135 @@
{
config,
lib,
pkgs,
...
}: let
cfg = config.niveum.passport;
sortOn = a: lib.sort (as1: as2: lib.lessThan (lib.getAttr a as1) (lib.getAttr a as2));
css = ''
body {
margin: 0;
font-family: "Fira Sans Condensed", sans-serif;
}
main {
margin: 0 auto;
display: grid;
grid-template-columns: 1fr 3fr;
grid-gap: 2em;
}
@media only screen and (max-width: 768px) {
main {
grid-template-columns: 1fr;
}
}
footer, section {
padding: 1em;
}
footer {
text-align: center;
}
dl {
border: 3px double #ccc;
padding: 0.5em;
}
dt {
float: left;
clear: left;
width: 200px;
text-align: right;
font-weight: bold;
margin-right: 1em;
margin-bottom: 1em;
}
dd {
margin: 0 0 0 110px;
padding: 0 0 0.5em 0;
margin-bottom: 1em;
}
'';
in
with lib; {
options.niveum.passport = {
enable = mkEnableOption "server passport";
introductionHTML = mkOption {type = types.str;};
virtualHost = mkOption {
type = types.str;
};
services = mkOption {
type = types.listOf (types.submodule {
options = {
title = mkOption {type = types.str;};
link = mkOption {
type = types.nullOr types.str;
default = null;
};
description = mkOption {
type = types.str;
default = "";
};
};
});
default = [];
};
};
config = mkIf cfg.enable {
services.nginx.enable = true;
services.nginx.virtualHosts."${cfg.virtualHost}".locations."/passport".extraConfig = ''
default_type "text/html";
root ${
pkgs.linkFarm "www" [
{
name = "passport/index.html";
path = pkgs.writeText "index.html" ''
<!doctype html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>${config.networking.hostName} passport</title>
<style>${css}</style>
</head>
<body>
<main>
<section id="server">
<h1>${config.networking.hostName}</h1>
${cfg.introductionHTML}
</section>
<section id="services">
<h2>Services</h2>
<dl>
${lib.strings.concatMapStringsSep "\n" (service: ''
<dt>
${lib.optionalString (service.link != null) "<a href=\"${service.link}\">"}
${service.title}
${lib.optionalString (service.link != null) "</a>"}
</dt>
<dd>
${service.description}
</dd>
'') (sortOn "title" cfg.services)}
</dl>
</section>
</main>
<footer>
<tt>${config.networking.hostName}</tt> is part of the <i><a href="https://github.com/kmein/niveum/tree/master/systems/${config.networking.hostName}">niveum</a></i> network.
</footer>
</body>
'';
}
]
};
index index.html;
'';
};
}

25
systems/makanek/configuration.nix
View File

@@ -31,6 +31,7 @@ in {
<niveum/configs/sshd.nix> <niveum/configs/sshd.nix>
<niveum/configs/telegram-bots> <niveum/configs/telegram-bots>
<niveum/modules/retiolum.nix> <niveum/modules/retiolum.nix>
<niveum/modules/passport.nix>
]; ];
services.restic.backups.niveum = { services.restic.backups.niveum = {
@@ -52,6 +53,30 @@ in {
]; ];
}; };
niveum.passport = {
enable = true;
introductionHTML = ''
<p>
The machine <tt>makanek</tt> is named after a Levantine type of <a href="https://en.wikipedia.org/wiki/Makanek">sausage</a> (مقانق <i>maqāniq</i>).
</p>
<p>
It runs on <a href="https://www.hetzner.com/cloud">Hetzner cloud</a>.
</p>
<figure>
<img width="200" src="https://www.albawaba.com/sites/default/files/2019-08/makanek-BeFunky-project.jpg" alt="Makanek sausages"/>
<figcaption>Makanek</figcaption>
</figure>
'';
virtualHost = "makanek.r";
services = [
{
title = "restic backup";
description = "This machine backups its state via restic backup.";
}
];
};
nix.nixPath = ["/var/src"]; nix.nixPath = ["/var/src"];
networking = { networking = {

11
systems/makanek/gitea.nix
View File

@@ -1,10 +1,11 @@
let let
inherit (import <niveum/lib>) sshPort; inherit (import <niveum/lib>) sshPort;
domain = "https://code.kmein.de";
in { in {
services.gitea = { services.gitea = {
enable = true; enable = true;
disableRegistration = true; disableRegistration = true;
rootUrl = "https://code.kmein.de"; rootUrl = domain;
appName = "code.kmein.de"; appName = "code.kmein.de";
ssh.clonePort = sshPort; ssh.clonePort = sshPort;
}; };
@@ -13,4 +14,12 @@ in {
enableACME = true; enableACME = true;
locations."/".extraConfig = "proxy_pass http://localhost:3000;"; locations."/".extraConfig = "proxy_pass http://localhost:3000;";
}; };
niveum.passport.services = [
{
link = domain;
title = "Gitea";
description = "hosts a couple of <tt>git</tt> repos. Registration is disabled.";
}
];
} }

8
systems/makanek/hedgedoc.nix
View File

@@ -47,6 +47,14 @@ in {
}; };
}; };
niveum.passport.services = [
{
title = "Hedgedoc";
link = "https://${domain}";
description = "lets you collaborate on Markdown documents.";
}
];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
(tmpfilesConfig { (tmpfilesConfig {
user = "codimd"; user = "codimd";

8
systems/makanek/menstruation.nix
View File

@@ -11,6 +11,14 @@ in {
environment.systemPackages = [pkgs.redis]; environment.systemPackages = [pkgs.redis];
niveum.passport.services = [
{
title = "Tischlein, deck dich!";
description = "serves you with Berlin canteen menus via Telegram.";
link = "https://t.me/TischleinDeckDichBot";
}
];
systemd.services.menstruation-telegram = { systemd.services.menstruation-telegram = {
wants = [ wants = [
"network-online.target" "network-online.target"

7
systems/makanek/moinbot.nix
View File

@@ -12,5 +12,12 @@
serviceConfig.DynamicUser = true; serviceConfig.DynamicUser = true;
}; };
niveum.passport.services = [
{
title = "moinbot";
description = "greets #hsmr:hackint.org daily.";
}
];
systemd.timers.moinbot.timerConfig.RandomizedDelaySec = "14h"; systemd.timers.moinbot.timerConfig.RandomizedDelaySec = "14h";
} }

20
systems/makanek/monitoring/default.nix
View File

@@ -22,6 +22,26 @@ in {
}; };
}; };
niveum.passport.services = [
{
title = "Prometheus";
description = "collects metrics from devices in the <i>niveum</i> network, blackbox monitors some websites.";
}
{
title = "Loki";
description = "aggregates logs of the <i>niveum</i> network.";
}
{
title = "Grafana";
link = "http://${config.services.grafana.domain}";
description = "displays metrics from devices in the <i>niveum</i> network.";
}
{
title = "Alertmanager bot";
description = "notifies me when something goes wrong.";
}
];
services.prometheus.rules = let services.prometheus.rules = let
diskFreeThreshold = 10; diskFreeThreshold = 10;
in [ in [

7
systems/makanek/moodle-dl-borsfaye.nix
View File

@@ -12,6 +12,13 @@
in { in {
imports = [<niveum/modules/moodle-dl.nix>]; imports = [<niveum/modules/moodle-dl.nix>];
niveum.passport.services = [
{
title = "MoodleDL";
description = "notifies about changes on Moodle.";
}
];
services.moodle-dl = { services.moodle-dl = {
enable = true; enable = true;
startAt = "hourly"; startAt = "hourly";

8
systems/makanek/names.nix
View File

@@ -28,6 +28,14 @@ in {
recommendedTlsSettings = true; recommendedTlsSettings = true;
}; };
niveum.passport.services = [
{
link = "http://names.kmein.r";
title = "Onomap";
description = "maps surnames within Germany.";
}
];
services.nginx.virtualHosts."names.kmein.r" = { services.nginx.virtualHosts."names.kmein.r" = {
locations."/".proxyPass = "http://127.0.0.1:${toString port}"; locations."/".proxyPass = "http://127.0.0.1:${toString port}";
}; };

9
systems/makanek/nextcloud.nix
View File

@@ -1,5 +1,6 @@
{ {
pkgs, pkgs,
config,
lib, lib,
... ...
}: let }: let
@@ -33,6 +34,14 @@ in {
}; };
}; };
niveum.passport.services = [
{
title = "Nextcloud";
link = "https://${config.services.nextcloud.hostName}";
description = "manages calendars, to-do lists, files, and recipes.";
}
];
services.postgresql = { services.postgresql = {
enable = true; enable = true;
ensureDatabases = ["nextcloud"]; ensureDatabases = ["nextcloud"];

8
systems/makanek/radio-news.nix
View File

@@ -8,6 +8,14 @@
in { in {
services.nginx.virtualHosts."redaktion.r".locations."/".extraConfig = serveHtml <niveum/lib/radio-news.html> pkgs; services.nginx.virtualHosts."redaktion.r".locations."/".extraConfig = serveHtml <niveum/lib/radio-news.html> pkgs;
niveum.passport.services = [
{
title = "Retiolum Radio News";
link = "http://redaktion.r";
description = "supplies git history news to radio lassulus and lets you enter your own.";
}
];
systemd.services.stockholm-history = { systemd.services.stockholm-history = {
startAt = "hourly"; startAt = "hourly";
script = '' script = ''

8
systems/makanek/radio.nix
View File

@@ -126,4 +126,12 @@ in {
forceSSL = true; forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:${toString config.services.icecast.listen.port}"; locations."/".proxyPass = "http://127.0.0.1:${toString config.services.icecast.listen.port}";
}; };
niveum.passport.services = [
{
title = "Radio";
link = "https://radio.kmein.de";
description = "broadcasts a few little (and mostly useless) web-radio stations.";
}
];
} }

13
systems/makanek/retiolum-map.nix
View File

@@ -44,6 +44,19 @@ in {
}; };
}; };
niveum.passport.services = [
{
link = "http://graph.r";
title = "Retiolum Realtime Map";
description = "displays geographical information about the retiolum network. <a href=\"http://graph.r/graph.html\">Graph</a> info also available.";
}
{
link = "http://c.r/${geo-ip-database}";
title = "GeoIP";
description = "shares MaxMind's GeoIP database with the krebs world. Updated weekly.";
}
];
services.nginx = { services.nginx = {
enable = true; enable = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;

8
systems/makanek/tarot.nix
View File

@@ -48,6 +48,14 @@ in {
}''; }'';
}; };
niveum.passport.services = [
rec {
link = "https://tarot.kmein.de";
title = "Tarot";
description = "draws Tarot cards for you. See <a href=\"${link}/files/key.pdf\">here</a> for information on how to interpret them.";
}
];
services.nginx.virtualHosts."tarot.kmein.de" = { services.nginx.virtualHosts."tarot.kmein.de" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;

7
systems/makanek/urlwatch.nix
View File

@@ -204,4 +204,11 @@ in {
Type = "oneshot"; Type = "oneshot";
}; };
}; };
niveum.passport.services = [
{
description = "keeps me up-to-date on sites that have no RSS feed (shame be upon them!).";
title = "urlwatch";
}
];
} }

7
systems/makanek/weechat.nix
View File

@@ -185,4 +185,11 @@ in {
isSystemUser = true; isSystemUser = true;
packages = [pkgs.tmux]; packages = [pkgs.tmux];
}; };
niveum.passport.services = [
{
title = "weechat bouncer";
description = "keeps me logged in on IRC.";
}
];
} }