diff options
author | makefu <github@syntax-fehler.de> | 2015-10-04 18:55:36 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2015-10-04 19:46:26 +0200 |
commit | fad02c8d246fad661b96799aba04a94f0e96fe49 (patch) | |
tree | 57b26f0253e489e5aa7aae7e576a3753426830f5 | |
parent | d768877c3447c5e54c69f386187414bcf51ce0b0 (diff) |
m 3 tinc_graphs: make first working version
-rw-r--r-- | makefu/3modules/tinc_graphs.nix | 69 |
1 files changed, 56 insertions, 13 deletions
diff --git a/makefu/3modules/tinc_graphs.nix b/makefu/3modules/tinc_graphs.nix index fa7f10368..10f1b23a0 100644 --- a/makefu/3modules/tinc_graphs.nix +++ b/makefu/3modules/tinc_graphs.nix @@ -8,16 +8,38 @@ let out = { options.makefu.tinc_graphs = api; - config = mkIf cfg.enable imp; + config = mkIf cfg.enable imp ; }; api = { - enable = mkEnableOption "makefu.tinc_graphs"; + enable = mkEnableOption "tinc graphs"; geodbPath = mkOption { type = types.str; description = "Path to geocitydb, defaults to geolite-legacy"; - default = "${geolite-legacy}/share/GeoIP/GeoIPCity.dat"; + default = "${pkgs.geolite-legacy}/share/GeoIP/GeoIPCity.dat"; + }; + + krebsNginx = { + # configure krebs nginx to serve the new graphs + enable = mkEnableOption "tinc_graphs nginx"; + + hostnames_complete = { + #TODO: this is not a secure way to serve these graphs,better listen to + # the correct interface, krebs.nginx does not support this yet + + type = with types; listOf str; + description = "hostname which serves complete graphs"; + default = config.krebs.build.host.name; + }; + + hostnames_anonymous = { + type = with types; listOf str; + description = '' + hostname which serves anonymous graphs + must be different from hostname_complete + ''; + }; }; workingDir = mkOption { @@ -26,7 +48,7 @@ let Path to working dir, will create interal and external/. Defaults to the new users home dir which defaults to /var/cache/tinc_graphs''; - default = users.extraUsers.tinc_graphs.home; + default = config.users.extraUsers.tinc_graphs.home; }; timerConfig = mkOption { @@ -38,7 +60,7 @@ let }; imp = { - + environment.systemPackages = [ pkgs.tinc_graphs]; systemd.timers.tinc_graphs = { description = "Build Tinc Graphs via via timer"; @@ -48,22 +70,23 @@ let description = "Build Tinc Graphs"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; + environment = { + EXTERNAL_FOLDER = external_dir; + INTERNAL_FOLDER = internal_dir; + GEODB = cfg.geodbPath; + }; restartIfChanged = true; serviceConfig = { Type = "simple"; - environment = { - EXTERNAL_FOLDER = external_dir; - INTERNAL_FOLDER = internal_dir; - GEODB = cfg.geodbPath; - }; - ExecStartPre = '' + ExecStartPre = pkgs.writeScript "tinc_graphs-init" '' #!/bin/sh - mkdir -p "$EXTERNAL_FOLDER" "$INTERNAL_FOLDER" + mkdir -p "${external_dir}" "${internal_dir}" ''; ExecStart = "${pkgs.tinc_graphs}/bin/all-the-graphs"; - User = "tinc_graphs"; + User = "root"; # tinc cannot be queried as user, + # seems to be a tinc-pre issue privateTmp = true; }; }; @@ -73,6 +96,26 @@ let home = "/var/cache/tinc_graphs"; createHome = true; }; + + krebs.nginx.servers = mkIf cfg.krebsNginx.enable { + tinc_graphs_complete = { + server-names = cfg.krebsNginx.hostnames_complete; + locations = [ + (nameValuePair "/" '' + root ${internal_dir}; + '') + ]; + }; + tinc_graphs_anonymous = { + server-names = cfg.krebsNginx.hostnames_anonymous; + #server-names = [ "dick" ]; + locations = [ + (nameValuePair "/" '' + root ${external_dir}; + '') + ]; + }; + }; }; in |