mlaga97/mlaga97-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Various logging and access improvements

Browse source
This commit is contained in:
Lauren Lagarde 2025-08-06 21:37:52 -05:00
parent e697615b41
commit b5e1cbdc03
2 changed files with 58 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

10
systems/fortress/configuration.nix
View file

@ -45,6 +45,16 @@
services.smartd.enable = lib.mkForce false; services.smartd.enable = lib.mkForce false;
services.fail2ban = {
enable = true;
maxretry = 5;
ignoreIP = [
"10.86.84.0/24" # Tinc
"10.13.13.0/24" # Wireguard
];
bantime = "1h";
};
virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
dozzle = { dozzle = {

70
systems/fortress/gatus.nix
View file

@ -30,31 +30,31 @@
}; };
}; };
#maintenance = { maintenance = {
# start = "04:50"; start = "04:50";
# duration = "30m"; duration = "30m";
# timezone = "America/Chicago"; timezone = "America/Chicago";
#}; };
endpoints = [ endpoints = [
{ {
name = "Synapse"; name = "1 - Synapse";
group = "Core Services"; group = "1 - Core Services";
url = "https://matrix.mlaga97.space/_synapse/admin/v1/server_version"; url = "https://matrix.mlaga97.space/_matrix/federation/v1/version";
interval = "30s"; interval = "1m";
conditions = [ conditions = [
"[CONNECTED] == true" "[CONNECTED] == true"
"[STATUS] == 200" "[STATUS] == 200"
"has([BODY].server_version) == true" "has([BODY].server.version) == true"
"[CERTIFICATE_EXPIRATION] > 48h" "[CERTIFICATE_EXPIRATION] > 48h"
]; ];
alerts = [{ type = "discord"; }]; alerts = [{ type = "discord"; }];
} }
{ {
name = "Home Assistant"; name = "2 - Home Assistant";
group = "Core Services"; group = "1 - Core Services";
url = "https://homeassistant.mlaga97.space/api/webhook/-k9lg4u3J3_QLO6avhXNG4KZa"; url = "https://homeassistant.mlaga97.space/api/webhook/-k9lg4u3J3_QLO6avhXNG4KZa";
interval = "30s"; interval = "1m";
conditions = [ conditions = [
"[CONNECTED] == true" "[CONNECTED] == true"
"[STATUS] == 200" "[STATUS] == 200"
@ -63,10 +63,10 @@
alerts = [{ type = "matrix"; }]; alerts = [{ type = "matrix"; }];
} }
{ {
name = "Git"; name = "3 - Git";
group = "Core Services"; group = "1 - Core Services";
url = "https://git.mlaga97.space/api/healthz"; url = "https://git.mlaga97.space/api/healthz";
interval = "30s"; interval = "1m";
conditions = [ conditions = [
"[CONNECTED] == true" "[CONNECTED] == true"
"[STATUS] == 200" "[STATUS] == 200"
@ -76,21 +76,47 @@
alerts = [{ type = "matrix"; }]; alerts = [{ type = "matrix"; }];
} }
{ {
name = "bastion.tinc.mlaga97.space"; name = "1 - bastion.tinc.mlaga97.space";
group = "Hosts"; group = "2 - Hosts";
url = "icmp://10.86.84.105"; url = "icmp://10.86.84.105";
interval = "30s"; interval = "1m";
conditions = [ "[CONNECTED] == true" ]; conditions = [ "[CONNECTED] == true" ];
alerts = [{ type = "matrix"; }]; alerts = [{ type = "matrix"; }];
} }
{ {
name = "blockhouse.tinc.mlaga97.space"; name = "2 - blockhouse.tinc.mlaga97.space";
group = "Hosts"; group = "2 - Hosts";
url = "icmp://10.86.84.104"; url = "icmp://10.86.84.104";
interval = "30s"; interval = "1m";
conditions = [ "[CONNECTED] == true" ]; conditions = [ "[CONNECTED] == true" ];
alerts = [{ type = "matrix"; }]; alerts = [{ type = "matrix"; }];
} }
{
name = "2 - matrix.public.koshkee.com";
group = "3 - Federation";
url = "https://matrix.public.koshkee.com/_matrix/federation/v1/version";
interval = "1h";
conditions = [
"[CONNECTED] == true"
"[STATUS] == 200"
"has([BODY].server.version) == true"
"[CERTIFICATE_EXPIRATION] > 48h"
];
alerts = [{ type = "matrix"; }];
}
{
name = "1 - matrix.mlaga97.space";
group = "3 - Federation";
url = "https://federationtester.matrix.org/api/report?server_name=matrix.mlaga97.space";
interval = "1h";
conditions = [
"[CONNECTED] == true"
"[STATUS] == 200"
"[BODY].FederationOK == true"
"has([BODY].WellKnownResult.result) == false"
];
alerts = [{ type = "matrix"; }];
}
]; ];
}; };
}; };