From 193d89b33764d97adbb02b2a1c34262d4efbd276 Mon Sep 17 00:00:00 2001
From: teidesu <alina@tei.su>
Date: Sat, 24 Aug 2024 21:26:38 +0300
Subject: [PATCH] feat(madoka): uptime-kuma

---
 hosts/madohomu/common.nix               |   3 ++
 hosts/madohomu/madoka.nix               |   1 +
 hosts/madohomu/services/uptime-kuma.nix |  40 ++++++++++++++++++++++++
 secrets/madohomu-cf-token.age           | Bin 0 -> 427 bytes
 4 files changed, 44 insertions(+)
 create mode 100644 hosts/madohomu/services/uptime-kuma.nix
 create mode 100644 secrets/madohomu-cf-token.age

diff --git a/hosts/madohomu/common.nix b/hosts/madohomu/common.nix
index 7c86e42..28903bf 100644
--- a/hosts/madohomu/common.nix
+++ b/hosts/madohomu/common.nix
@@ -20,6 +20,9 @@
   users.users.root.openssh.authorizedKeys.keyFiles = [
     (abs "ssh/teidesu.pub")
   ];
+
+  virtualisation.docker.enable = true;
+  virtualisation.oci-containers.backend = "docker";
   
   system.stateVersion = "23.11";
 }
\ No newline at end of file
diff --git a/hosts/madohomu/madoka.nix b/hosts/madohomu/madoka.nix
index bf94d64..77609b2 100644
--- a/hosts/madohomu/madoka.nix
+++ b/hosts/madohomu/madoka.nix
@@ -3,6 +3,7 @@
 {
   imports = [
     ./common.nix
+    ./services/uptime-kuma.nix
   ];
   
   networking.hostName = "madoka";
diff --git a/hosts/madohomu/services/uptime-kuma.nix b/hosts/madohomu/services/uptime-kuma.nix
new file mode 100644
index 0000000..f003821
--- /dev/null
+++ b/hosts/madohomu/services/uptime-kuma.nix
@@ -0,0 +1,40 @@
+{ abs, config, ... }:
+
+let 
+  secrets = import (abs "lib/secrets.nix");
+
+  UID = 1100;
+in {
+  # we use cf tunnels because 443 port is used by the proxy,
+  # and it's also generally easier
+  imports = [
+    (secrets.declare [{
+      name = "madohomu-cf-token";
+      owner = "uptime-kuma";
+    }])
+  ];
+
+  users.users.uptime-kuma = {
+    isNormalUser = true;
+    uid = UID;
+  };
+  users.groups.uptime-kuma = {};
+
+  virtualisation.oci-containers.containers.uptime-kuma = {
+    image = "louislam/uptime-kuma:1.23.13-debian";
+    volumes = [
+      "/srv/uptime-kuma:/app/data"
+    ];
+    environment = {
+      PUID = builtins.toString UID;
+      PGID = builtins.toString UID;
+    };
+    environmentFiles = [
+      (secrets.file config "madohomu-cf-token")
+    ];
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /srv/uptime-kuma 0700 ${builtins.toString UID} ${builtins.toString UID} -"
+  ];
+}
\ No newline at end of file
diff --git a/secrets/madohomu-cf-token.age b/secrets/madohomu-cf-token.age
new file mode 100644
index 0000000000000000000000000000000000000000..a83682beec1d5b0265940e2b4f94d2290ea1d270
GIT binary patch
literal 427
zcmV;c0aX5BXJsvAZewzJaCB*JZZ2<fXD@a!3N1b$b8~1dWn?lnH8D9Lb80v^Sa%>d
zQb#jIcsW{gbT4x?LNrNJYhz7wcx-D*W^q?SR#0zFN<mCmYIa9rcxMV_a&1;hYcpd*
za(ZerGdXy0Sua9FP-0J1WLRTiYeiRVWp8&$V@)<kYHJEDEiE7`VK-<{Gi^&!WHBpp
zQ*Bo=R!~k*F;;j+V^3yJK~`vXH!w*}V?j<tIByDQyBD{)(oCIhuW?WxE!8j$ekvhd
zV5TvsWQKJA;-Ieptaq_kfN?fCD;PN&%4evB?P7Dpu04qM+-jO-7+bd@cGAu;!Mt-U
zx*Q@6LBItQUL2EO_Ja}m(qa;sPMpIJ=&^-&p>U_xp&s)hn6#s))46=SD&|h4hxXcz
zx?N1$AD|)yTEgPm&p!QS<*h)<Gl-I+(UuD2A>ajkFzUDwARl_ViKQfbO&6PWP&CnW
zfaRO(65U2N*hrapB>5WhS~n@M1Gyyq6KkJDF7P6xKFWW#4zU9%VSl0%p@zx(X2M{K
VPCmS8$DXh&E8(2WB8(bT-G<^kvWNfx

literal 0
HcmV?d00001