add monitoring

2026-02-14 13:09:02 +01:00 · 2026-02-14 13:09:02 +01:00 · c8f0058228
commit c8f0058228
parent 7abc7e6c26
2 changed files with 61 additions and 0 deletions
--- a/hosts/monitoring/default.nix
+++ b/hosts/monitoring/default.nix
@ -0,0 +1,42 @@
+{ ... }:
+
+{
+  imports = [
+    ../common.nix
+    ../../services/openssh.nix
+    ../../services/nginx.nix
+    #./nginx.nix
+    #./prometheus.nix
+    #./grafana.nix
+  ];
+
+  networking = {
+    hostName = "monitoring";
+    firewall = {
+      allowedTCPPorts = [
+        80 # HTTP/1
+        443 # HTTP/2
+      ];
+      allowedUDPPorts = [
+        443 # HTTP/3
+      ];
+    };
+  };
+
+  services = {
+    openssh.banner = ''
+                                    __
+                                 __/\ \__                __
+        ___ ___     ___     ___ /\_\ \ ,_\   ___   _ __ /\_\    ___      __
+      /' __` __`\  / __`\ /' _ `\/\ \ \ \/  / __`\/\`'__\/\ \ /' _ `\  /'_ `\
+      /\ \/\ \/\ \/\ \L\ \/\ \/\ \ \ \ \ \_/\ \L\ \ \ \/ \ \ \/\ \/\ \/\ \L\ \
+      \ \_\ \_\ \_\ \____/\ \_\ \_\ \_\ \__\ \____/\ \_\  \ \_\ \_\ \_\ \____ \
+       \/_/\/_/\/_/\/___/  \/_/\/_/\/_/\/__/\/___/  \/_/   \/_/\/_/\/_/\/___L\ \
+                                                                         /\____/
+                                                                         \_/__/
+    '';
+  };
+
+  system.stateVersion = "25.11";
+}
+
--- a/hosts/monitoring/nginx.nix
+++ b/hosts/monitoring/nginx.nix
@ -0,0 +1,19 @@
+{ config, ... }:
+
+{
+  services.nginx.virtualHosts."monitoring.${config.networking.domain}" = {
+    default = true;
+    quic = true;
+    kTLS = true;
+    forceSSL = true;
+    enableACME = true;
+    #basicAuthFile = config.age.secrets.grafana_basic_auth.path;
+    locations = {
+      "/" = {
+        proxyPass = "http://";
+        recommendedProxySettings = true;
+      };
+    };
+  };
+}
+