pretense on port 23

2026-01-14 16:55:00 +01:00 · 2024-08-10 14:18:49 +02:00 · 2024-08-10 14:18:49 +02:00 · 7a0503a91c
commit 7a0503a91c
parent 775b85031e
3 changed files with 34 additions and 2 deletions
--- a/newinfra/nix/hive.nix
+++ b/newinfra/nix/hive.nix
@ -14,6 +14,8 @@
      blog = fetchTarball "https://github.com/Noratrieb/nilstrieb.github.io/archive/8162ce0cff29f940507032be6b0692290d73594c.tar.gz";
      slides = fetchTarball "https://github.com/Noratrieb/slides/archive/0401f35c22b124b69447655f0c537badae9e223c.tar.gz";

+      pretense = import (fetchTarball "https://github.com/Noratrieb/pretense/archive/270b01fc1118dfd713c1c41530d1a7d98f04527d.tar.gz");
+
      networkingConfig = {
        dns1 = {
          publicIPv4 = "154.38.163.74";
--- a/newinfra/nix/modules/default/default.nix
+++ b/newinfra/nix/modules/default/default.nix
@ -1,4 +1,4 @@
-{ pkgs, config, name, ... }: {
+{ pkgs, lib, config, name, pretense, ... }: {
  deployment.targetHost = "${config.networking.hostName}.infra.noratrieb.dev";

  imports = [
@ -35,9 +35,28 @@
  };
  system.nixos.distroName = "NixOS (gay 🏳️‍⚧️)";

+  systemd.services.pretense = {
+    description = "pretense connection logger";
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    serviceConfig = {
+      DynamicUser = true;
+      ExecStart = "${lib.getExe (pretense {inherit pkgs;})}";
+      AmbientCapabilities = "CAP_NET_BIND_SERVICE";
+      Environment = [
+        "PRETENSE_PORTS=23"
+        "PRETENSE_METRICS_PORT=9150"
+      ];
+    };
+  };
+  networking.firewall.allowedTCPPorts = [ 23 ];
+
  # monitoring

-  networking.firewall.interfaces.wg0.allowedTCPPorts = [ 9100 ];
+  networking.firewall.interfaces.wg0.allowedTCPPorts = [
+    9100 # node exporter
+    9150 # pretense exporter
+  ];
  services.prometheus.exporters = {
    node = {
      enable = true;
--- a/newinfra/nix/modules/prometheus/default.nix
+++ b/newinfra/nix/modules/prometheus/default.nix
@ -51,6 +51,17 @@
          { targets = [ "dns2.local:9433" ]; }
        ];
      }
+      {
+        job_name = "pretense";
+        static_configs = [
+          { targets = [ "dns1.local:9150" ]; }
+          { targets = [ "dns2.local:9150" ]; }
+          { targets = [ "vps1.local:9150" ]; }
+          { targets = [ "vps3.local:9150" ]; }
+          { targets = [ "vps4.local:9150" ]; }
+          { targets = [ "vps5.local:9150" ]; }
+        ];
+      }
    ];
  };