@jaspermayone.com's dotfiles
update alastor config
+63
-4
+63
-4
hosts/alastor/configuration.nix
+63
-4
hosts/alastor/configuration.nix
···
151
151
cloudflareCredentialsFile = config.age.secrets.cloudflare-credentials.path;
152
152
};
153
153
154
+
# Tailscale status checker for remote hosts (remus, dippet)
155
+
systemd.services.tailscale-status = {
156
+
description = "Check Tailscale host connectivity for status badges";
157
+
serviceConfig = {
158
+
Type = "oneshot";
159
+
ExecStart = pkgs.writeShellScript "tailscale-status" ''
160
+
STATUS_DIR="/var/lib/status"
161
+
mkdir -p "$STATUS_DIR"
162
+
163
+
for host in remus dippet; do
164
+
if ${pkgs.iputils}/bin/ping -c 1 -W 2 "$host" >/dev/null 2>&1; then
165
+
echo "ok" > "$STATUS_DIR/$host"
166
+
else
167
+
rm -f "$STATUS_DIR/$host"
168
+
fi
169
+
done
170
+
'';
171
+
};
172
+
};
173
+
174
+
systemd.timers.tailscale-status = {
175
+
description = "Check Tailscale hosts every minute";
176
+
wantedBy = [ "timers.target" ];
177
+
timerConfig = {
178
+
OnBootSec = "30s";
179
+
OnUnitActiveSec = "1min";
180
+
};
181
+
};
182
+
154
183
# Tangled Knot server (official module)
155
184
services.tangled.knot = {
156
185
enable = true;
···
206
235
}
207
236
'';
208
237
};
209
-
# Reverse proxy for remus via Tailscale
238
+
# Status endpoint for remus (Tailscale connectivity check)
210
239
virtualHosts."remus.hogwarts.channel" = {
211
240
extraConfig = ''
212
241
tls {
213
242
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
214
243
}
215
-
reverse_proxy remus:80 {
216
-
header_up X-Forwarded-Proto {scheme}
217
-
header_up X-Forwarded-For {remote}
244
+
@status path /status/remus
245
+
handle @status {
246
+
@online file /var/lib/status/remus
247
+
handle @online {
248
+
respond "ok" 200
249
+
}
250
+
handle {
251
+
respond "offline" 503
252
+
}
253
+
}
254
+
handle {
255
+
respond "remus.hogwarts.channel - see /status/remus" 200
256
+
}
257
+
'';
258
+
};
259
+
# Status endpoint for dippet (Tailscale connectivity check)
260
+
virtualHosts."dippet.hogwarts.channel" = {
261
+
extraConfig = ''
262
+
tls {
263
+
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
264
+
}
265
+
@status path /status/dippet
266
+
handle @status {
267
+
@online file /var/lib/status/dippet
268
+
handle @online {
269
+
respond "ok" 200
270
+
}
271
+
handle {
272
+
respond "offline" 503
273
+
}
274
+
}
275
+
handle {
276
+
respond "dippet.hogwarts.channel - see /status/dippet" 200
218
277
}
219
278
'';
220
279
};