diff --git a/nixos/celestia/configuration.nix b/nixos/celestia/configuration.nix index 0b9528d..02e91ff 100644 --- a/nixos/celestia/configuration.nix +++ b/nixos/celestia/configuration.nix @@ -2,6 +2,7 @@ config, lib, pkgs, + mypkgs, ... }: let makeVirtualHost = { @@ -78,7 +79,7 @@ in { firewall = { enable = true; - allowedTCPPorts = [22 111 443 2049 4000 4001 4002 20048]; + allowedTCPPorts = [22 111 443 2049 4000 4001 4002 9999 20048]; allowedUDPPorts = [53 111 2049 4000 4001 4002 20048]; }; }; @@ -97,6 +98,7 @@ in { rtl_433 dump1090 rtl-sdr + mypkgs.nixvim ]; users.users."root".openssh.authorizedKeys.keys = [ @@ -258,13 +260,16 @@ in { environmentFiles = [config.sops.secrets."telegraf_api_token".path]; extraConfig = { inputs = { + influxdb_v2_listener = { + service_address = "127.0.0.1:9998"; + }; + prometheus = { urls = [ "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.zfs.port}" "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.smartctl.port}" "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.systemd.port}" "http://127.0.0.1:${builtins.toString config.services.prometheus.exporters.node.port}" - "http://127.0.0.1:8123" ]; }; }; @@ -274,7 +279,7 @@ in { token = "\${TELEGRAF_API_TOKEN}"; organization = "fuckwit.dev"; bucket = "world"; - timeout = "10s"; + timeout = "60s"; }; }; }; 
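Review bot: In the firewall hunk, adding 9999 to the global `allowedTCPPorts` opens the new InfluxDB proxy port on every interface of the host, and the nginx vhost added later in this commit listens on `0.0.0.0:9999` over plain HTTP. If only the Tasmota devices on the local network need it, scope the rule to that interface and leave 9999 out of the global list, e.g. `networking.firewall.interfaces."<lan-interface>".allowedTCPPorts = [9999];` (the interface name is a placeholder). Whether this host has an internet-facing interface is not visible in the diff, so the actual exposure should be confirmed.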
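Review bot: The new `influxdb_v2_listener` input sets only `service_address`, so it accepts writes without a token, and binding it to 127.0.0.1 stops protecting it once nginx forwards port 9999 to it. Accepted points are then presumably forwarded by the output in the next hunk to bucket `world` under Telegraf's own API token, so any host that can reach the proxy can inject arbitrary metrics. The plugin supports a shared `token` option. Loading it from the existing environment file would keep it out of the Nix store, e.g. `token = "\${TELEGRAF_LISTENER_TOKEN}";` (variable name constructed for illustration), provided the devices can be configured to send one.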
@@ -283,56 +288,74 @@ in { nginx = { enable = true; clientMaxBodySize = "500m"; - virtualHosts = makeVirtualHosts [ + virtualHosts = + # Tasmota devices check /health of the influxdb2 server. + # Telegraf does not provide this endpoint so we fake it via nginx + # https://github.com/influxdata/telegraf/issues/16321 { - subdomain = "jdownloader"; - port = 5800; + "influxdb-proxy.fuckwit.dev" = { + listen = [ + { + port = 9999; + addr = "0.0.0.0"; + } + ]; + locations = { + "/health".return = "200 ''"; + "/".proxyPass = "http://127.0.0.1:9998"; + }; + }; } - { - subdomain = "jellyfin"; - port = 8096; - } - { - subdomain = "sonarr"; - port = 8989; - } - { - subdomain = "radarr"; - port = 7878; - } - { - subdomain = "lidarr"; - port = 8686; - } - { - subdomain = "prowlarr"; - port = 9696; - } - { - subdomain = "paperless"; - port = 28981; - } - { - subdomain = "homepage"; - port = 8082; - } - { - subdomain = "photoprism"; - port = 2342; - } - { - subdomain = "immich"; - port = 2283; - } - { - subdomain = "qbittorrent"; - port = 8080; - } - { - subdomain = "shimmie"; - port = 8000; - } - ]; + // makeVirtualHosts [ + { + subdomain = "jdownloader"; + port = 5800; + } + { + subdomain = "jellyfin"; + port = 8096; + } + { + subdomain = "sonarr"; + port = 8989; + } + { + subdomain = "radarr"; + port = 7878; + } + { + subdomain = "lidarr"; + port = 8686; + } + { + subdomain = "prowlarr"; + port = 9696; + } + { + subdomain = "paperless"; + port = 28981; + } + { + subdomain = "homepage"; + port = 8082; + } + { + subdomain = "photoprism"; + port = 2342; + } + { + subdomain = "immich"; + port = 2283; + } + { + subdomain = "qbittorrent"; + port = 8080; + } + { + subdomain = "shimmie"; + port = 8000; + } + ]; }; paperless = { 
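Review bot: The `influxdb-proxy.fuckwit.dev` vhost forwards every path under `/` to the Telegraf listener with no source restriction, and it inherits the server-wide `clientMaxBodySize = "500m"`, far more than a sensor write needs. Narrowing the proxied location to the write endpoint, adding an `allow`/`deny` pair for the device subnet and lowering the body limit would reduce what an arbitrary client on port 9999 can do. This assumes the devices only call `/health` and `/api/v2/write`, which should be checked against their firmware. The subnet in the sketch below is a documentation placeholder.

```nix
"influxdb-proxy.fuckwit.dev" = {
  # … unchanged: listen on port 9999 …
  locations = {
    "/health".return = "200 ''";
    "/api/v2/write" = {
      proxyPass = "http://127.0.0.1:9998";
      extraConfig = ''
        allow 192.0.2.0/24; # placeholder: the subnet the sensors live in
        deny all;
        client_max_body_size 1m;
      '';
    };
  };
};
```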
@@ -582,17 +605,17 @@ in { ]; }; - qbittorrent-exporter = { - image = "docker.io/esanchezm/prometheus-qbittorrent-exporter"; - autoStart = true; - networks = ["container:gluetun"]; - dependsOn = ["qbittorrent"]; - environment = { - QBITTORRENT_PORT = "8080"; - QBITTORRENT_HOST = "127.0.0.1"; - EXPORTER_PORT = "8123"; - }; - }; + # qbittorrent-exporter = { + # image = "docker.io/esanchezm/prometheus-qbittorrent-exporter"; + # autoStart = true; + # networks = ["container:gluetun"]; + # dependsOn = ["qbittorrent"]; + # environment = { + # QBITTORRENT_PORT = "8080"; + # QBITTORRENT_HOST = "127.0.0.1"; + # EXPORTER_PORT = "8123"; + # }; + # }; }; }; }; diff --git a/nixos/configurations.nix b/nixos/configurations.nix index 4a1fe81..b8e32b5 100644 --- a/nixos/configurations.nix +++ b/nixos/configurations.nix @@ -4,6 +4,7 @@ sops-nix, lanzaboote, simple-nixos-mailserver, + nixvim, inputs, ... }: let @@ -50,7 +51,7 @@ }: np.lib.nixosSystem { inherit system; - specialArgs = {mypkgs = customPkgs."${system}";}; + specialArgs = {mypkgs = customPkgs."${system}" // { nixvim = nixvim.packages.${system}.default;};}; modules = defaultModules ++ [ diff --git a/nixos/primordial/mail.nix b/nixos/primordial/mail.nix index 192fdb8..6a8fb8b 100644 --- a/nixos/primordial/mail.nix +++ b/nixos/primordial/mail.nix @@ -16,6 +16,7 @@ }; }; - certificateScheme = "acme-nginx"; + certificateScheme = "acme"; + acmeCertificateName = "fuckwit.dev"; }; }
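Review bot: The qbittorrent-exporter container is disabled by commenting out its whole definition, with nothing saying why or whether it is meant to come back. Deleting the block (the history keeps it) or adding a one-line reason above it, such as `# disabled: <reason>`, would keep dead configuration from accumulating in the file. If it is re-enabled later, note that the image reference carries no tag or digest.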
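Review bot: On the `specialArgs` line, `//` merges a package from the external `nixvim` flake input into `mypkgs`, so inside modules `mypkgs.nixvim` reads like one of the repository's own packages, and a `nixvim` attribute already present in `customPkgs` would be silently replaced. A short comment would make the provenance clear, e.g. `# nixvim is taken from the nixvim flake input, not from customPkgs`. The revision that input is pinned to lives in the lock file, which is not part of this diff.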
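Review bot: Switching `certificateScheme` to `"acme"` with `acmeCertificateName = "fuckwit.dev"` makes the mail server depend on a certificate defined elsewhere, and nothing in this hunk shows that certificate covering the mail host name. If the mailserver's fqdn is a subdomain, the `fuckwit.dev` certificate needs it as an extra name or a wildcard, otherwise SMTP and IMAP clients will see a name mismatch. A comment such as `# cert comes from security.acme.certs."fuckwit.dev"; it must include the mail fqdn` would record the dependency. The enclosing block starts outside the hunk.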