Set up admins + DNS for hookshot
This commit is contained in:
parent
ae4bc2550e
commit
814d604ac8
|
@ -25,7 +25,12 @@
|
|||
bagel.services.loki.enable = true;
|
||||
bagel.services.grafana.enable = true;
|
||||
bagel.services.grapevine.enable = true;
|
||||
bagel.services.hookshot.enable = true;
|
||||
bagel.services.hookshot = {
|
||||
enable = true;
|
||||
admins = [
|
||||
"@k900:0upti.me"
|
||||
];
|
||||
};
|
||||
|
||||
i18n.defaultLocale = "fr_FR.UTF-8";
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
}:
|
||||
let
|
||||
cfg = config.bagel.services.hookshot;
|
||||
inherit (lib) mkEnableOption mkIf mkOption;
|
||||
inherit (lib) mkEnableOption mkIf mkOption types;
|
||||
keyPath = "/var/lib/matrix-hookshot/key.pem";
|
||||
in
|
||||
{
|
||||
|
@ -16,6 +16,10 @@ in
|
|||
description = "Settings";
|
||||
type = (pkgs.formats.yaml { }).type;
|
||||
};
|
||||
admins = mkOption {
|
||||
description = "List of admin MXIDs";
|
||||
type = types.listOf types.str;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
@ -55,6 +59,19 @@ in
|
|||
enabled = true;
|
||||
urlPrefix = "https://alerts.forkos.org/webhook";
|
||||
};
|
||||
permissions = map (mxid: {
|
||||
actor = mxid;
|
||||
services = [{
|
||||
service = "*";
|
||||
level = "admin";
|
||||
}];
|
||||
}) cfg.admins;
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."alerts.forkos.org" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass = "http://127.0.0.1:9994";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -80,6 +80,7 @@ in
|
|||
(record "loki" 3600 "CNAME" ["meta01.infra.p"])
|
||||
(record "mimir" 3600 "CNAME" ["meta01.infra.p"])
|
||||
(record "matrix" 3600 "CNAME" ["meta01.infra.p"])
|
||||
(record "alerts" 3600 "CNAME" ["meta01.infra.p"])
|
||||
(record "buildbot" 3600 "CNAME" ["buildbot.infra.p"])
|
||||
|
||||
(record "vpn-gw.wob01.infra" 3600 "AAAA" [ "2a01:584:11::2" ])
|
||||
|
|
Loading…
Reference in a new issue