From 65a4e417ebb61bb68bf8c44bb40b0875bfc3e063 Mon Sep 17 00:00:00 2001 From: Kiara Grouwstra Date: Fri, 27 Sep 2024 00:09:12 +0200 Subject: [PATCH] feat(monitoring): add uptime-kuma for status page, fixes #97 Adds a service for a status page using [`uptime-kuma`](https://uptime.kuma.pet/). Open questions here included: - who could set up the application password (currently a manual step in services.uptime-kuma), after which the stateless client can be re-built; --- flake.lock | 17 ++++++ flake.nix | 4 ++ hosts/public01/default.nix | 5 ++ services/default.nix | 1 + services/uptime-kuma/default.nix | 93 ++++++++++++++++++++++++++++++++ terraform/dnsimple.nix | 1 + terraform/gandi.nix | 1 + 7 files changed, 122 insertions(+) create mode 100644 services/uptime-kuma/default.nix diff --git a/flake.lock b/flake.lock index e62f8b8..d34507e 100644 --- a/flake.lock +++ b/flake.lock @@ -715,6 +715,7 @@ ], "nix-gerrit": "nix-gerrit", "nixpkgs": "nixpkgs_2", + "stateless-uptime-kuma": "stateless-uptime-kuma", "terranix": "terranix" } }, @@ -763,6 +764,22 @@ "type": "github" } }, + "stateless-uptime-kuma": { + "flake": false, + "locked": { + "lastModified": 1713725430, + "narHash": "sha256-e3a4/7bc3GO8/kfFndtDa4/6ob3+XjkOgrN8SfDec8c=", + "ref": "refs/heads/master", + "rev": "c6baf60295e4bee4e4c13cf5c628ccd3ab89b141", + "revCount": 22, + "type": "git", + "url": "https://git.dgnum.eu/DGNum/stateless-uptime-kuma.git" + }, + "original": { + "type": "git", + "url": "https://git.dgnum.eu/DGNum/stateless-uptime-kuma.git" + } + }, "systems": { "locked": { "lastModified": 1681028828, diff --git a/flake.nix b/flake.nix index bad4960..48fbfb5 100644 --- a/flake.nix +++ b/flake.nix 
@@ -28,6 +28,9 @@ channel-scripts.url = "git+https://git.lix.systems/the-distro/channel-scripts.git"; channel-scripts.inputs.nixpkgs.follows = "nixpkgs"; + stateless-uptime-kuma.url = "git+https://git.dgnum.eu/DGNum/stateless-uptime-kuma.git"; + stateless-uptime-kuma.flake = false; + lix.follows = "hydra/lix"; grapevine = { @@ -55,6 +58,7 @@ inputs.lix.overlays.default inputs.nix-gerrit.overlays.default inputs.channel-scripts.overlays.default + (import "${inputs.stateless-uptime-kuma}/overlay.nix") ]; }; terraform = pkgs.opentofu; diff --git a/hosts/public01/default.nix b/hosts/public01/default.nix index b1430a0..42a9980 100755 --- a/hosts/public01/default.nix +++ b/hosts/public01/default.nix @@ -9,6 +9,11 @@ # TODO: make it the default networking.domain = "infra.forkos.org"; + bagel.status = { + enable = true; + domain = "status.forkos.org"; + }; + bagel.sysadmin.enable = true; # Newsletter is proxied. bagel.raito.v6-proxy-awareness.enable = true; diff --git a/services/default.nix b/services/default.nix index 3009878..8daacc3 100644 --- a/services/default.nix +++ b/services/default.nix @@ -5,6 +5,7 @@ ./hydra ./matrix ./monitoring + ./uptime-kuma ./netbox ./ofborg ./postgres diff --git a/services/uptime-kuma/default.nix b/services/uptime-kuma/default.nix new file mode 100644 index 0000000..ce4b40e --- /dev/null +++ b/services/uptime-kuma/default.nix 
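Review bot: The new `stateless-uptime-kuma` input is declared with `flake = false` and no `ref` or `rev`, and the second flake.nix hunk (`@@ -55,6 +58,7 @@`) imports its `overlay.nix` straight into the package set, so whatever the upstream default branch holds at the next lock update is evaluated with this repository's trust. The `rev` and `narHash` pinned in flake.lock are the only integrity control here, so lock bumps for this input deserve an upstream diff review. I would add a comment above the input, such as `# non-flake input: overlay.nix and nixos/module.nix are imported as-is; review upstream changes on every lock bump`.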
@@ -0,0 +1,93 @@
+{
+ inputs,
+ lib,
+ config,
+ ...
+}:
+let
+ cfg = config.bagel.status;
+ # TODO: pull domains from a central place
+ subdomains = [
+ "cl"
+ "netbox"
+ "cache"
+ "grafana"
+ "hydra"
+ "loki"
+ "mimir"
+ "pyroscope"
+ "matrix"
+ "tempo"
+ "amqp"
+ "fodwatch"
+ "git"
+ "alerts"
+ "buildbot"
+ "b"
+ "postgres"
+ "news"
+ ];
+ port = 3001;
+in
+{
+ imports = [ "${inputs.stateless-uptime-kuma}/nixos/module.nix" ];
+
+ options.bagel.status = {
+ enable = lib.mkEnableOption "the status page service (uptime-kuma)";
+ domain = lib.mkOption {
+ type = lib.types.str;
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ services.uptime-kuma.enable = true;
+
+ services.nginx = {
+ enable = true;
+ virtualHosts.${cfg.domain} = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/" = {
+ proxyPass = "http://127.0.0.1:${builtins.toString port}";
+ proxyWebsockets = true;
+ };
+ };
+ };
+
+ networking.firewall.allowedTCPPorts = [
+ 80
+ 443
+ ];
+
+ statelessUptimeKuma = {
+ probesConfig = {
+ monitors = lib.genAttrs subdomains (name: {
+ type = "http";
+ url = "https://${name}.forkos.org/";
+ tags = [];
+ });
+ status_pages = {
+ "forkos" = {
+ title = "ForkOS";
+ description = "health of the ForkOS infra";
+ showTags = true;
+ publicGroupList = [
+ {
+ name = "Services";
+ weight = 1;
+ monitorList = lib.genAttrs subdomains (id: {
+ inherit id;
+ });
+ }
+ ];
+ };
+ };
+ };
+ extraFlags = [ "-s" ];
+ host = "http://localhost:${builtins.toString port}/";
+ username = "forkos";
+ passwordFile = config.age.secrets."stateless-uptime-kuma-password".path;
+ enableService = true;
+ };
+ };
+}
diff --git a/terraform/dnsimple.nix b/terraform/dnsimple.nix
index 2920f17..56b2d09 100644
--- a/terraform/dnsimple.nix
+++ b/terraform/dnsimple.nix
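Review bot: `locations."/"` proxies the whole uptime-kuma application to the internet on `cfg.domain`, which includes the admin login and, until the account from the manual password step exists, presumably the first-run setup page as well. I would document the ordering constraint next to the vhost, e.g. `# proxies the full uptime-kuma UI incl. admin login; create the admin account before this vhost is reachable`, or restrict the vhost to the status-page paths once those are confirmed. Separately, `config.age.secrets."stateless-uptime-kuma-password"` is read here but no matching `age.secrets` declaration is visible in this patch, so evaluation will fail on hosts enabling `bagel.status` unless it is defined elsewhere. The `port = 3001` binding also relies on the service default rather than being passed to `services.uptime-kuma.settings.PORT`.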
@@ -114,6 +114,7 @@ in (record "b" 300 "CNAME" "public01.infra.p.forkos.org") (record "postgres" 300 "CNAME" "bagel-box.infra.p.forkos.org") (record "news" 3600 "CNAME" "public01.infra.p.forkos.org") + (record "status" 3600 "CNAME" "public01.infra.p.forkos.org") # S3 in delroth's basement (record "cache" 300 "AAAA" "2a02:168:6426::12") # smol.delroth.net diff --git a/terraform/gandi.nix b/terraform/gandi.nix index f40716b..6ee8e73 100644 --- a/terraform/gandi.nix +++ b/terraform/gandi.nix @@ -88,6 +88,7 @@ in (record "b" 300 "CNAME" ["public01.infra.p"]) (record "postgres" 300 "CNAME" ["bagel-box.infra.p"]) (record "news" 3600 "CNAME" ["public01.infra.p"]) + (record "status" 3600 "CNAME" ["public01.infra.p"]) # S3 in delroth's basement (record "cache" 300 "AAAA" ["2a02:168:6426::12"]) # smol.delroth.net