Set up admins + DNS for hookshot
This commit is contained in:
parent
ae4bc2550e
commit
814d604ac8
|
@ -25,7 +25,12 @@
|
||||||
bagel.services.loki.enable = true;
|
bagel.services.loki.enable = true;
|
||||||
bagel.services.grafana.enable = true;
|
bagel.services.grafana.enable = true;
|
||||||
bagel.services.grapevine.enable = true;
|
bagel.services.grapevine.enable = true;
|
||||||
bagel.services.hookshot.enable = true;
|
bagel.services.hookshot = {
|
||||||
|
enable = true;
|
||||||
|
admins = [
|
||||||
|
"@k900:0upti.me"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.bagel.services.hookshot;
|
cfg = config.bagel.services.hookshot;
|
||||||
inherit (lib) mkEnableOption mkIf mkOption;
|
inherit (lib) mkEnableOption mkIf mkOption types;
|
||||||
keyPath = "/var/lib/matrix-hookshot/key.pem";
|
keyPath = "/var/lib/matrix-hookshot/key.pem";
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -16,6 +16,10 @@ in
|
||||||
description = "Settings";
|
description = "Settings";
|
||||||
type = (pkgs.formats.yaml { }).type;
|
type = (pkgs.formats.yaml { }).type;
|
||||||
};
|
};
|
||||||
|
admins = mkOption {
|
||||||
|
description = "List of admin MXIDs";
|
||||||
|
type = types.listOf types.str;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
@ -55,6 +59,19 @@ in
|
||||||
enabled = true;
|
enabled = true;
|
||||||
urlPrefix = "https://alerts.forkos.org/webhook";
|
urlPrefix = "https://alerts.forkos.org/webhook";
|
||||||
};
|
};
|
||||||
|
permissions = map (mxid: {
|
||||||
|
actor = mxid;
|
||||||
|
services = [{
|
||||||
|
service = "*";
|
||||||
|
level = "admin";
|
||||||
|
}];
|
||||||
|
}) cfg.admins;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.nginx.virtualHosts."alerts.forkos.org" = {
|
||||||
|
forceSSL = true;
|
||||||
|
enableACME = true;
|
||||||
|
locations."/".proxyPass = "http://127.0.0.1:9994";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -80,6 +80,7 @@ in
|
||||||
(record "loki" 3600 "CNAME" ["meta01.infra.p"])
|
(record "loki" 3600 "CNAME" ["meta01.infra.p"])
|
||||||
(record "mimir" 3600 "CNAME" ["meta01.infra.p"])
|
(record "mimir" 3600 "CNAME" ["meta01.infra.p"])
|
||||||
(record "matrix" 3600 "CNAME" ["meta01.infra.p"])
|
(record "matrix" 3600 "CNAME" ["meta01.infra.p"])
|
||||||
|
(record "alerts" 3600 "CNAME" ["meta01.infra.p"])
|
||||||
(record "buildbot" 3600 "CNAME" ["buildbot.infra.p"])
|
(record "buildbot" 3600 "CNAME" ["buildbot.infra.p"])
|
||||||
|
|
||||||
(record "vpn-gw.wob01.infra" 3600 "AAAA" [ "2a01:584:11::2" ])
|
(record "vpn-gw.wob01.infra" 3600 "AAAA" [ "2a01:584:11::2" ])
|
||||||
|
|
Loading…
Reference in a new issue