VEGAS/uptime-kuma: drop

2023-06-05 23:33:09 +02:00 · 2023-06-05 23:33:09 +02:00 · d93f24b53e
commit d93f24b53e
parent 34097c81f1
2 changed files with 0 additions and 80 deletions
--- a/hosts/VEGAS/services/uptime-kuma/default.nix
+++ b/hosts/VEGAS/services/uptime-kuma/default.nix
@ -1,79 +0,0 @@
-{ config, depot, lib, tools, ... }:
-
-let
-  inherit (tools.meta) domain;
-
-  link = config.links.uptime-kuma;
-
-  dataDir = "/srv/storage/private/uptime-kuma";
-in
-
-{
-  links.uptime-kuma.protocol = "http";
-
-  users.users.uptime-kuma = {
-    isSystemUser = true;
-    home = "${dataDir}/.home";
-    group = "uptime-kuma";
-  };
-
-  users.groups.uptime-kuma = {};
-
-  systemd.tmpfiles.rules = [
-    "d '${dataDir}' 0700 uptime-kuma uptime-kuma - -"
-  ];
-
-  systemd.services.uptime-kuma = {
-
-    wantedBy = [ "multi-user.target" ];
-
-    serviceConfig = {
-      User = "uptime-kuma";
-      Group = "uptime-kuma";
-
-      ProtectSystem = "strict";
-      ReadWritePaths = [ dataDir ];
-      ProtectHome = "tmpfs";
-      RestrictAddressFamilies = [
-        "AF_INET"
-        "AF_INET6"
-        "AF_NETLINK"
-      ];
-      NoNewPrivileges = true;
-      PrivateTmp = true;
-      PrivateDevices = true;
-      PrivateUsers = true;
-      LockPersonality = true;
-      SystemCallArchitectures = [ "native" ];
-
-      ProtectClock = true;
-      ProtectControlGroups = true;
-      ProtectHostname = true;
-      ProtectKernelLogs = true;
-      ProtectKernelModules = true;
-      ProtectKernelTunables = true;
-
-      ExecStart = depot.packages.uptime-kuma + /bin/uptime-kuma;
-    };
-
-
-    environment = {
-      NODE_ENV = "production";
-      # immense stupidity: uptime-kuma expects this path to end in a slash
-      DATA_DIR = "${dataDir}/";
-      UPTIME_KUMA_HOST = link.ipv4;
-      UPTIME_KUMA_PORT = link.portStr;
-      UPTIME_KUMA_HIDE_LOG = lib.concatStringsSep "," [
-        "debug_monitor"
-        "info_monitor"
-      ];
-    };
-  };
-
-  services.nginx.virtualHosts."status.${domain}" = lib.recursiveUpdate (tools.nginx.vhosts.proxy link.url) {
-    locations = {
-      "/".proxyWebsockets = true;
-      "=/".return = "302 /status/${builtins.replaceStrings ["."] ["-"] domain}";
-    };
-  };
-}
--- a/hosts/VEGAS/system.nix
+++ b/hosts/VEGAS/system.nix
@ -28,7 +28,6 @@
      ./services/nix/nar-serve.nix
      ./services/reflex
      ./services/sso
-      ./services/uptime-kuma
      ./services/vault
      ./services/warehouse
      ./services/websites