phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2025-12-25 13:46:59 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

monit: update config

Browse source
This commit is contained in:
Paul-Henri Froidmont 2024-08-26 05:38:10 +02:00
parent 51c5b08985
commit 907575739c
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
2 changed files with 92 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

45
profiles/backend.nix
View file

@ -1,5 +1,15 @@
{ config, lib, pkgs, ... }: {
imports = [ ../environment.nix ../hardware/hcloud.nix ../modules ];
{
config,
lib,
pkgs,
...
}:
{
imports = [
../environment.nix
../hardware/hcloud.nix
../modules
];
sops.secrets = {
borgSshKey = {
@ -13,8 +23,14 @@
services.backup-job = {
enable = true;
repoName = "bk1";
additionalPaths = [ "/var/lib/nextcloud/config" "/var/lib/mastodon" ];
readWritePaths = [ "/nix/var/data/murmur" "/nix/var/data/backup/" ];
additionalPaths = [
"/var/lib/nextcloud/config"
"/var/lib/mastodon"
];
readWritePaths = [
"/nix/var/data/murmur"
"/nix/var/data/backup/"
];
preHook = ''
cp /var/lib/murmur/murmur.sqlite /nix/var/data/murmur/murmur.sqlite
'';
@ -48,7 +64,7 @@
status = 200
request "/api/_health"
with timeout 5 seconds
content = '[{"]Healthy["]:[{}}]'
content = "Healthy"
then alert
'';
};
@ -66,7 +82,9 @@
services.uptime-kuma = {
enable = true;
settings = { PORT = "3001"; };
settings = {
PORT = "3001";
};
};
services.nginx.virtualHosts = {
@ -82,8 +100,7 @@
enableACME = true;
locations."/" = {
proxyPass =
"http://127.0.0.1:${config.services.uptime-kuma.settings.PORT}";
proxyPass = "http://127.0.0.1:${config.services.uptime-kuma.settings.PORT}";
proxyWebsockets = true;
};
};
@ -107,9 +124,15 @@
};
};
networking.firewall.allowedTCPPorts = [ 80 443 64738 ];
networking.firewall.allowedTCPPorts = [
80
443
64738
];
networking.firewall.allowedUDPPorts = [ 64738 ];
networking.firewall.interfaces."eth1".allowedTCPPorts =
[ config.services.prometheus.exporters.node.port 9000 ];
networking.firewall.interfaces."eth1".allowedTCPPorts = [
config.services.prometheus.exporters.node.port
9000
];
}