simono41/chaos-jetzt-nixfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix monitoring firewall rules for hamilton

Browse source 
Only relevant until #29 is merged
This commit is contained in:
Moritz 'e1mo' Fromm 2023-08-31 22:03:41 +02:00
parent 1f168fe646
commit 9c44d7d0fe
No known key found for this signature in database
GPG key ID: 1D5D79A439E787F1
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
services/monitoring/default.nix
View file

@ -8,6 +8,11 @@
inherit (lib) escapeRegex; inherit (lib) escapeRegex;
inherit (config.networking) fqdn hostName; inherit (config.networking) fqdn hostName;
# Absolute hack until https://github.com/chaos-jetzt/chaos-jetzt-nixfiles/pull/29 is merged
# But needed for us to have a working monitoring on our main matrix server (kinda important)
# FIXME: Remove when #29 is merged
monIf = if config.networking.hostName == "hamilton" then "enp7s0" else "ens10";
# Basically a manual list of (legacy) hosts not yet migrated to NixOS # Basically a manual list of (legacy) hosts not yet migrated to NixOS
# but on which we'd like to have included in the monitoring. # but on which we'd like to have included in the monitoring.
externalTargets = let externalTargets = let
@ -124,7 +129,7 @@ in {
]; ];
}; };
networking.firewall.interfaces.ens10.allowedTCPPorts = let networking.firewall.interfaces.${monIf}.allowedTCPPorts = let
inherit (config.services) prometheus; inherit (config.services) prometheus;
ifEnabled = x: lib.optional x.enable x.port; ifEnabled = x: lib.optional x.enable x.port;
in ( in (