12 changed files with 40 additions and 195 deletions
--- a/home-manager/sajenim/features/cli/default.nix
+++ b/home-manager/sajenim/features/cli/default.nix
@ -15,7 +15,6 @@
    matchBlocks."viridian" = {
      hostname = "192.168.1.102";
      identityFile = "/home/sajenim/.ssh/sajenim_sk";
      port = 62841;
    };
  };
 }
--- a/nixos/common/global/ssh.nix
+++ b/nixos/common/global/ssh.nix
@ -6,9 +6,7 @@
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
      AllowUsers = [ "sajenim" ];
    };
    ports = [ 62841 ];
    openFirewall = true;
  };
 }
--- a/nixos/viridian/services/default.nix
+++ b/nixos/viridian/services/default.nix
@ -6,12 +6,8 @@
    ./minecraft
    ./borgbackup.nix
    ./forgejo.nix
-    ./lighttpd.nix
+    ./httpd.nix
    ./mpd.nix
    ./samba.nix
    ./grafana.nix
    ./mysql.nix
    ./prometheus.nix
    ./endlessh-go.nix
  ];
 }
--- a/nixos/viridian/services/endlessh-go.nix
+++ b/nixos/viridian/services/endlessh-go.nix
@ -1,30 +0,0 @@
 { config, ... }:
 {
  services.endlessh-go = {
    enable = true;
    port = 22;  # SSH port
    prometheus = {
      enable = true;
      listenAddress = "127.0.0.1";
      port = 2112; # Prometheus metrics port
    };
    extraOptions = [
      "-interval_ms=1000"
      "-logtostderr"
      "-v=1"
      "-geoip_supplier=ip-api"
    ];
    openFirewall = true;
  };
  services.prometheus.scrapeConfigs = [
    {
      job_name = "endlessh";
      static_configs = [{
        targets = [ "127.0.0.1:${toString config.services.endlessh-go.prometheus.port}" ];
      }];
    }
  ];
 }
--- a/nixos/viridian/services/forgejo.nix
+++ b/nixos/viridian/services/forgejo.nix
@ -1,4 +1,4 @@
-{ config, ... }:
+{ ... }:
 {
  services.forgejo = {
@ -33,7 +33,7 @@
  services.traefik.dynamicConfigOptions.http.services = {
    forgejo.loadBalancer.servers = [
-      { url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}"; }
+      { url = "http://127.0.0.1:3131"; }
    ];
  };
 }
--- a/nixos/viridian/services/grafana.nix
+++ b/nixos/viridian/services/grafana.nix
@ -1,56 +0,0 @@
 { config, ... }:
 {
  # Setup grafana our grafana instance.
  services.grafana = {
    enable = true;
    dataDir = "/srv/services/grafana";
    settings = {
      server = {
        http_addr = "127.0.0.1";
        http_port = 3400;
        domain = "kanto.dev";
        root_url = "https://kanto.dev/grafana/";
        serve_from_sub_path = true;
      };
      database = {
        type = "mysql";
        name = "grafana";
        user = "grafana";
        host = "/var/run/mysqld/mysqld.sock";
      };
    };
  };
  # Setup our database for grafana.
  services.mysql = {
    ensureUsers = [{
      name = "grafana";
      ensurePermissions = {
        "grafana.*" = "ALL PRIVILEGES";
      };
    }];
    ensureDatabases = [ "grafana" ];
  };
  # Setup our traefik router.
  services.traefik.dynamicConfigOptions.http.routers = {
    grafana = {
      rule = "Host(`kanto.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "admin"
      ];
      service = "grafana";
    };
  };
  # Setup our traefik service.
  services.traefik.dynamicConfigOptions.http.services = {
    grafana.loadBalancer.servers = [
      { url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}"; }
    ];
  };
 }
--- a/nixos/viridian/services/httpd.nix
+++ b/nixos/viridian/services/httpd.nix
@ -0,0 +1,35 @@
 { ... }:
 {
  services.httpd = {
    enable = true;
    virtualHosts."sajenim.dev" = {
      documentRoot = "/srv/services/httpd/sajenim.dev";
      listen = [{
        ip = "192.168.1.102";
        port = 5624;
      }];
      adminAddr = "its.jassy@pm.me";
    };
  };
  services.traefik.dynamicConfigOptions.http.routers = {
    httpd = {
      rule = "Host(`sajenim.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "geoblock"
      ];
      service = "httpd";
    };
  };
  services.traefik.dynamicConfigOptions.http.services = {
    httpd.loadBalancer.servers = [
      { url = "http://127.0.0.1:5624"; }
    ];
  };
 }
--- a/nixos/viridian/services/lighttpd.nix
+++ b/nixos/viridian/services/lighttpd.nix
@ -1,29 +0,0 @@
 { config, ... }:
 {
  services.lighttpd = {
    enable = true;
    port = 5624;
    document-root = "/srv/services/websites/sajenim.dev";
  };
  services.traefik.dynamicConfigOptions.http.routers = {
    lighttpd = {
      rule = "Host(`sajenim.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "geoblock"
      ];
      service = "lighttpd";
    };
  };
  services.traefik.dynamicConfigOptions.http.services = {
    lighttpd.loadBalancer.servers = [
      { url = "http://127.0.0.1:${toString config.services.lighttpd.port}"; }
    ];
  };
 }
--- a/nixos/viridian/services/minecraft/default.nix
+++ b/nixos/viridian/services/minecraft/default.nix
@ -1,4 +1,4 @@
-{ inputs, pkgs, lib, config, ... }:
+{ inputs, pkgs, lib, ... }:
 let
  modpack = pkgs.fetchPackwizModpack rec {
    version = "c9087bf";
@ -90,7 +90,7 @@ in
  services.traefik.dynamicConfigOptions.http.services = {
    minecraft.loadBalancer.servers = [
-      { url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}"; }
+      { url = "http://127.0.0.1:25565"; }
    ];
  };
 }
--- a/nixos/viridian/services/mysql.nix
+++ b/nixos/viridian/services/mysql.nix
@ -1,10 +0,0 @@
 { pkgs, ... }:
 {
  services.mysql = {
    enable = true;
    package = pkgs.mariadb;
    dataDir = "/srv/services/mysql";
  };
 }
--- a/nixos/viridian/services/prometheus.nix
+++ b/nixos/viridian/services/prometheus.nix
@ -1,33 +0,0 @@
 { config, ... }:
 {
  services.prometheus = {
    enable = true;
    port = 9001;  # Port to listen on.
    # Valid in all configuration contexts, defaults for other configuration sections.
    globalConfig = {
      scrape_interval = "15s";
    };
    # Collect specific metrics, format them, and expose them through HTTP endpoints for prometheus to scrape.
    exporters = {
      node = {
        enable = true;
        enabledCollectors = [ "systemd" "processes" ];
        port = 9100;
      };
    };
    # Specify a set of targets and parameters describing how to scrape them.
    scrapeConfigs = [
      {
        job_name = "node";
        static_configs = [{
          targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
        }];
      }
    ];
  };
 }
--- a/nixos/viridian/services/traefik/default.nix
+++ b/nixos/viridian/services/traefik/default.nix
@ -89,21 +89,6 @@
            ];
          };
        };
        # Used to expose metrics
        metrics = {
          address = ":8082";
        };
      };
      # Provide metrics for the prometheus backend
      metrics = {
        prometheus = {
          entryPoint = "metrics";
          buckets = [ "0.1" "0.3" "1.2" "5.0" ];
          addEntryPointsLabels = true;
          addRoutersLabels = true;
          addServicesLabels = true;
        };
      };
      # Retrieve certificates from an ACME server
@ -133,16 +118,6 @@
    };
  };
  # Scrape our traefik metrics
  services.prometheus.scrapeConfigs = [
    {
      job_name = "traefik";
      static_configs = [{
        targets = [ "127.0.0.1:8082" ];
      }];
    }
  ];
  # Persist our traefik data & logs
  environment.persistence."/persist" = {
    directories = [