From 959801a1d0837ba84fbbdd81a8ba09f46f2caa6e Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Mon, 4 Jun 2018 12:31:07 +0200 Subject: [PATCH 1/4] =?UTF-8?q?Monitoring=20temp=C3=A9rature=20disques?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- services.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/services.nix b/services.nix index 1e920ef..a40d926 100644 --- a/services.nix +++ b/services.nix @@ -63,6 +63,9 @@ in system = {}; disk = {}; ipmi_sensor = { path = "${pkgs.ipmitool}/bin/ipmitool"; }; + smart = { + path = "${pkgs.writeShellScriptBin "smartctl" "/run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl $@"}/bin/smartctl"; + }; }; outputs = { influxdb = { database = "telegraf"; urls = [ "http://localhost:8086" ]; }; @@ -73,6 +76,10 @@ in KERNEL=="ipmi*", MODE="660", OWNER="telegraf" ''; + security.sudo.extraRules = [ + { commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; } + ]; + services.grafana.enable = true; services.grafana.addr = "127.0.0.1"; services.grafana.dataDir = "/var/lib/grafana"; From d70eff72498b2887247d2a942fb3b7806b37cdd5 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jun 2018 14:03:52 +0200 Subject: [PATCH 2/4] Support sockets --- services/haproxy-acme.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/services/haproxy-acme.nix b/services/haproxy-acme.nix index 600bf2f..c7dc7d4 100644 --- a/services/haproxy-acme.nix +++ b/services/haproxy-acme.nix @@ -25,6 +25,7 @@ in type = with types; attrsOf (submodule { options = { ip = mkOption { type = str; description = "IP address"; }; port = mkOption { type = int; description = "Port number"; }; + socket = mkOption { type = str; description = "Emplacement du socket"; default = ""; }; auth = mkOption { type = bool; description = "Enable authentification"; default = false; }; }; }); example = '' @@ -90,7 +91,16 @@ in '' backend ${name}-backend mode http - server ${name} ${value.ip}:${toString value.port} + ${( + if value.socket == "" then + '' + server ${name} ${value.ip}:${toString value.port} + '' + else + '' + server ${name} ${value.socket} + '' + )} ${(if value.auth then ( "\n acl AuthOK_LOUTRE http_auth(LOUTRE)\n" + " http-request auth realm LOUTRE if !AuthOK_LOUTRE\n" From 35525a9cd916737838473934385639b07305ca25 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jun 2018 14:04:19 +0200 Subject: [PATCH 3/4] Supression service calibre --- services.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/services.nix b/services.nix index a40d926..03aab5e 100644 --- a/services.nix +++ b/services.nix @@ -40,7 +40,6 @@ in "riot.${domaine}" = { ip = "127.0.0.1"; port = riot_port; auth = false; }; "matrix.${domaine}" = { ip = "127.0.0.1"; port = 8008; auth = false; }; "organizr.${domaine}" = { ip = "127.0.0.1"; port = organizr_port; auth = true; }; - "calibre.${domaine}" = { ip = "127.0.0.1"; port = 8080; auth = false; }; "pgmanage.${domaine}" = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; }; }; From 685c212f334a1c5d941301eaaa58f38602d5b2ea Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Tue, 5 Jun 2018 14:04:36 +0200 Subject: [PATCH 4/4] Ajout service Gitea --- services.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/services.nix b/services.nix index 03aab5e..6969c88 100644 --- a/services.nix +++ b/services.nix @@ -41,6 +41,7 @@ in "matrix.${domaine}" = { ip = "127.0.0.1"; port = 8008; auth = false; }; "organizr.${domaine}" = { ip = "127.0.0.1"; port = organizr_port; auth = true; }; "pgmanage.${domaine}" = { ip = "127.0.0.1"; port = pgmanage_port; auth = true; }; + "gitea.${domaine}" = { ip = "127.0.0.1"; port = 3001; auth = false; }; }; services.mailserver.enable = true; @@ -242,6 +243,16 @@ in }; }; + services.gitea = { + enable = true; + cookieSecure = true; + httpPort = 3001; + rootUrl = "https://gitea.nyanlout.re/"; + database.type = "postgres"; + database.port = 5432; + database.password = "gitea"; + }; + services.site-musique.enable = true; services.site-musique.port = musique_port; services.site-musique.domaine = "musique.${domaine}";