Start migrating config to NixOS modules

2025-12-25 05:36:59 +01:00 · 2022-09-16 01:29:46 +02:00 · 2022-09-16 01:29:46 +02:00 · c0d929be0b
commit c0d929be0b
parent c1211cb4e5
11 changed files with 283 additions and 183 deletions
--- a/modules/monit.nix
+++ b/modules/monit.nix
@ -0,0 +1,61 @@
+{ config, lib, pkgs, ... }:
+with lib;
+let
+  cfg = config.custom.services.monit;
+in
+{
+  options.custom.services.monit = {
+    enable = mkEnableOption "monit";
+
+    additionalConfig = mkOption {
+      type = types.lines;
+      default = "";
+    };
+  };
+
+  config = {
+
+    sops.secrets = {
+      monitMailserverConfig = {
+        owner = config.services.borgbackup.jobs.data.user;
+        key = "monit/mailserver_config";
+      };
+    };
+
+    services.monit = {
+      enable = true;
+      config = ''
+        set daemon 30
+          with start delay 90
+
+        set httpd
+          port 2812
+          use address 127.0.0.1
+          allow localhost
+
+        set ssl {
+          verify     : enable,
+        }
+
+        include ${config.sops.secrets.monitMailserverConfig.path}
+
+        set mail-format { from: monit@banditlair.com }
+        set alert alerts@banditlair.com with reminder on 120 cycles
+
+        check system $HOST
+          if cpu usage > 95% for 10 cycles then alert
+          if memory usage > 75% for 5 times within 15 cycles then alert
+          if swap usage > 25% then alert
+
+        check filesystem root with path /
+          if SPACE usage > 90% then alert
+
+        check file daily-backup-done with path /nix/var/data/backup/backup-ok
+          if changed timestamp then alert
+          if timestamp > 26 hours then alert
+        
+        ${cfg.additionalConfig}
+      '';
+    };
+  };
+}