+2 -2

README.md

reviewed

··· 5 5 ## Status 6 6 7 7 <img src="https://img.shields.io/website?label=alastor&up_color=green&up_message=online&down_message=offline&url=https%3A%2F%2Falastor.hogwarts.channel%2Fstatus%2Falastor"> 8 8 - <img src="https://img.shields.io/website?label=remus&up_color=green&up_message=online&down_message=offline&url=https%3A%2F%2Fremus.hogwarts.channel%2Fstatus%2Fremus"> 9 9 - <img src="https://img.shields.io/website?label=dippet&up_color=green&up_message=online&down_message=offline&url=https%3A%2F%2Fdippet.hogwarts.channel%2Fstatus%2Fdippet"> 8 8 + <img src="https://img.shields.io/website?label=remus&up_color=green&up_message=online&down_message=offline&url=https%3A%2F%2Falastor.hogwarts.channel%2Fstatus%2Fremus"> 9 9 + <img src="https://img.shields.io/website?label=dippet&up_color=green&up_message=online&down_message=offline&url=https%3A%2F%2Falastor.hogwarts.channel%2Fstatus%2Fdippet"> 10 10 11 11 12 12

+1 -71

hosts/alastor/configuration.nix

reviewed

··· 148 148 hostname = "alastor"; 149 149 domain = "alastor.hogwarts.channel"; 150 150 services = [ "frps" "caddy" "tailscaled" "tangled-knot" "atuin-server" ]; 151 151 + remoteHosts = [ "remus" "dippet" ]; 151 152 cloudflareCredentialsFile = config.age.secrets.cloudflare-credentials.path; 152 152 - }; 153 153 - 154 154 - # Tailscale status checker for remote hosts (remus, dippet) 155 155 - systemd.services.tailscale-status = { 156 156 - description = "Check Tailscale host connectivity for status badges"; 157 157 - serviceConfig = { 158 158 - Type = "oneshot"; 159 159 - ExecStart = pkgs.writeShellScript "tailscale-status" '' 160 160 - STATUS_DIR="/var/lib/status" 161 161 - mkdir -p "$STATUS_DIR" 162 162 - 163 163 - for host in remus dippet; do 164 164 - if ${pkgs.iputils}/bin/ping -c 1 -W 2 "$host" >/dev/null 2>&1; then 165 165 - echo "ok" > "$STATUS_DIR/$host" 166 166 - else 167 167 - rm -f "$STATUS_DIR/$host" 168 168 - fi 169 169 - done 170 170 - ''; 171 171 - }; 172 172 - }; 173 173 - 174 174 - systemd.timers.tailscale-status = { 175 175 - description = "Check Tailscale hosts every minute"; 176 176 - wantedBy = [ "timers.target" ]; 177 177 - timerConfig = { 178 178 - OnBootSec = "30s"; 179 179 - OnUnitActiveSec = "1min"; 180 180 - }; 181 153 }; 182 154 183 155 # Tangled Knot server (official module) ··· 232 204 reverse_proxy localhost:5555 { 233 205 header_up X-Forwarded-Proto {scheme} 234 206 header_up X-Forwarded-For {remote} 235 235 - } 236 236 - ''; 237 237 - }; 238 238 - # Status endpoint for remus (Tailscale connectivity check) 239 239 - virtualHosts."remus.hogwarts.channel" = { 240 240 - extraConfig = '' 241 241 - tls { 242 242 - dns cloudflare {env.CLOUDFLARE_API_TOKEN} 243 243 - } 244 244 - @status path /status/remus 245 245 - handle @status { 246 246 - @online file /var/lib/status/remus 247 247 - handle @online { 248 248 - respond "ok" 200 249 249 - } 250 250 - handle { 251 251 - respond "offline" 503 252 252 - } 253 253 - } 254 254 - handle { 255 255 - respond "remus.hogwarts.channel - see /status/remus" 200 256 256 - } 257 257 - ''; 258 258 - }; 259 259 - # Status endpoint for dippet (Tailscale connectivity check) 260 260 - virtualHosts."dippet.hogwarts.channel" = { 261 261 - extraConfig = '' 262 262 - tls { 263 263 - dns cloudflare {env.CLOUDFLARE_API_TOKEN} 264 264 - } 265 265 - @status path /status/dippet 266 266 - handle @status { 267 267 - @online file /var/lib/status/dippet 268 268 - handle @online { 269 269 - respond "ok" 200 270 270 - } 271 271 - handle { 272 272 - respond "offline" 503 273 273 - } 274 274 - } 275 275 - handle { 276 276 - respond "dippet.hogwarts.channel - see /status/dippet" 200 277 207 } 278 208 ''; 279 209 };

+29

modules/status/default.nix

reviewed

··· 24 24 # Always write host status (if this runs, host is up) 25 25 echo "ok" > "$STATUS_DIR/${cfg.hostname}" 26 26 27 27 + # Check remote hosts via ping (Tailscale) 28 28 + ${concatStringsSep "\n" (map (host: '' 29 29 + if ${pkgs.iputils}/bin/ping -c 1 -W 2 ${escapeShellArg host} >/dev/null 2>&1; then 30 30 + echo "ok" > "$STATUS_DIR/${host}" 31 31 + else 32 32 + rm -f "$STATUS_DIR/${host}" 33 33 + fi 34 34 + '') cfg.remoteHosts)} 35 35 + 27 36 # Build services JSON 28 37 SERVICES_JSON="{" 29 38 ${concatStringsSep "\n" (imap0 (i: svc: '' ··· 63 72 type = types.listOf types.str; 64 73 default = []; 65 74 description = "List of systemd services to monitor"; 75 75 + }; 76 76 + 77 77 + remoteHosts = mkOption { 78 78 + type = types.listOf types.str; 79 79 + default = []; 80 80 + description = "List of remote hosts to check via ping (e.g. Tailscale hosts)"; 66 81 }; 67 82 68 83 cloudflareCredentialsFile = mkOption { ··· 129 144 } 130 145 } 131 146 '') cfg.services)} 147 147 + 148 148 + # Remote host status endpoints (Tailscale) 149 149 + ${concatStringsSep "\n" (map (host: '' 150 150 + @status_${host} path /status/${host} 151 151 + handle @status_${host} { 152 152 + @online_${host} file /var/lib/status/${host} 153 153 + handle @online_${host} { 154 154 + respond "ok" 200 155 155 + } 156 156 + handle { 157 157 + respond "offline" 503 158 158 + } 159 159 + } 160 160 + '') cfg.remoteHosts)} 132 161 133 162 # Full status JSON 134 163 @status_json path /status