initial commit

2026-02-20 17:22:14 +01:00
commit 86dc6ff2d9
7 changed files with 696 additions and 0 deletions
--- a/examples/advanced.nix
+++ b/examples/advanced.nix
@@ -0,0 +1,119 @@
+# Advanced Panoptikon configuration with secrets and custom reporters
+
+{
+  # Load secrets from agenix
+  secrets = import ../../secrets { };
+
+  services.panoptikon.enable = true;
+  
+  services.panoptikon.watchers = {
+    # Monitor a private API with authentication
+    private-api = {
+      script = pkgs.writers.writeDash "private-api" '''
+        set -euo pipefail
+        ${pkgs.curl}/bin/curl -sSL \
+          -H "Authorization: Bearer $API_TOKEN" \
+          -H "Content-Type: application/json" \
+          https://api.example.com/data
+      ''';
+      frequency = "hourly";
+      loadCredential = [ "API_TOKEN" ];
+      reporters = [
+        # Custom reporter that sends to a webhook
+        (pkgs.writers.writeDash "webhook-reporter" '''
+          ${pkgs.curl}/bin/curl -X POST \
+            -H "Content-Type: application/json" \
+            -d "{\"watcher\": \"$PANOPTIKON_WATCHER\", \"changes\": $(cat)}" \
+            https://hooks.example.com/panoptikon
+        ''')
+        # Also log to systemd journal
+        (pkgs.writers.writeDash "journal-log" '''
+          journalctl -t panoptikon-private-api --since "1 hour ago" | tail -5
+        ''')
+      ];
+    };
+
+    # Monitor cryptocurrency prices with alerts
+    crypto-monitor = {
+      script = pkgs.panoptikon.urlJSON {
+        jqScript = ".[0] | {
+          name: .name,
+          price: .quote.USD.price,
+          change24h: .quote.USD.percent_change_24h,
+          marketCap: .quote.USD.market_cap
+        }";
+      } "https://api.coingecko.com/api/v3/coins/markets?vs_currency=usd&ids=bitcoin";
+      frequency = "*:0/15";
+      reporters = [
+        (pkgs.writers.writeDash "btc-alert" '''
+          price=$(echo "$(cat)" | ${pkgs.jq}/bin/jq -r '.price')
+          change=$(echo "$(cat)" | ${pkgs.jq}/bin/jq -r '.change24h')
+          
+          # Alert if price > $60,000 or change > 5%
+          if (( $(echo "$price > 60000" | bc -l) )) || (( $(echo "$change > 5" | bc -l) )); then
+            ${pkgs.libnotify}/bin/notify-send \
+              "BTC Alert: $$price ($$change% change)"
+          fi
+        ''')
+        # Log to file
+        (pkgs.writers.writeDash "price-logger" '''
+          echo "$(date): $(cat)" >> /var/log/panoptikon/btc-prices.log
+        ''')
+      ];
+    };
+
+    # Monitor system load with thresholds
+    system-health = {
+      script = pkgs.writers.writeDash "system-health" '''
+        set -euo pipefail
+        load=$(uptime | awk -F'load average:' '{print $2}' | awk '{print $1}' | tr -d ',')
+        mem=$(free -m | awk 'NR==2{printf "%.1f%%", $3*100/$2 }')
+        disk=$(df / | awk 'NR==2{printf "%.1f%%", $5}')
+        
+        echo "load: $$load, mem: $$mem, disk: $$disk"
+      ''';
+      frequency = "*:0/5";
+      reporters = [
+        (pkgs.writers.writeDash "health-alert" '''
+          load=$(echo "$(cat)" | awk -F',' '{print $1}' | awk '{print $2}')
+          mem=$(echo "$(cat)" | awk -F',' '{print $2}' | awk '{print $2}')
+          disk=$(echo "$(cat)" | awk -F',' '{print $3}' | awk '{print $2}')
+          
+          # Alert if load > 2.0, mem > 80%, or disk > 90%
+          if (( $(echo "$load > 2.0" | bc -l) )) || (( $(echo "${mem%%%} > 80" | bc -l) )) || (( $(echo "${disk%%%} > 90" | bc -l) )); then
+            ${pkgs.libnotify}/bin/notify-send \
+              "System Alert: Load=$$load, Mem=$$mem, Disk=$$disk"
+          fi
+        ''')
+      ];
+    };
+  };
+
+  # Add monitoring user
+  users.extraUsers.panoptikon = {
+    isSystemUser = true;
+    createHome = true;
+    home = "/var/lib/panoptikon";
+    group = "panoptikon";
+    description = "Panoptikon monitoring service";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK..."  # Monitoring access key
+    ];
+  };
+
+  # Configure log rotation
+  services.logrotate = {
+    enable = true;
+    config = {
+      rotate = 14;
+      compress = true;
+      delaycompress = true;
+      missingok = true;
+      notifempty = true;
+      create = "644 panoptikon panoptikon";
+    };
+    files = [
+      "/var/log/panoptikon/*.log"
+    ];
+  };
+}
--- a/examples/simple.nix
+++ b/examples/simple.nix
@@ -0,0 +1,31 @@
+# Simple Panoptikon configuration
+
+{
+  services.panoptikon.enable = true;
+  
+  services.panoptikon.watchers = {
+    # Monitor GitHub metadata every 5 minutes
+    github-meta = {
+      script = pkgs.writers.writeDash "github-meta" '''
+        ${pkgs.curl}/bin/curl -sSL https://api.github.com/meta | ${pkgs.jq}/bin/jq
+      ''';
+      frequency = "*:0/5";
+      reporters = [
+        (pkgs.writers.writeDash "notify" '''
+          ${pkgs.libnotify}/bin/notify-send "$PANOPTIKON_WATCHER has changed."
+        ''')
+      ];
+    };
+
+    # Monitor a website for news
+    nixos-news = {
+      script = pkgs.panoptikon.urlSelector "#news h2" "https://nixos.org/blog/";
+      frequency = "daily";
+      reporters = [
+        (pkgs.writers.writeDash "news-alert" '''
+          ${pkgs.libnotify}/bin/notify-send "New NixOS blog post: $(cat | head -1)"
+        ''')
+      ];
+    };
+  };
+}