From a62f7d123b78070a370e32bf032e0a787b8401f6 Mon Sep 17 00:00:00 2001
From: Tasia Iso <tasiaiso@proton.me>
Date: Sat, 1 Jun 2024 00:29:03 +0200
Subject: [PATCH] enry test

---
 common/components/enry.nix        | 44 +++++++++++++++++++++++++++++++
 flake.nix                         |  2 +-
 hosts/enry/configuration.nix      | 19 ++++++++++---
 hosts/yaseen/configuration.nix    |  3 ++-
 modules/nixos/vedirect-reader.nix |  2 +-
 pkgs/vedirect-reader/default.nix  | 36 +++++--------------------
 sops/secrets/mysecret/secret      | 20 --------------
 sops/secrets/mysecret/users/tasia |  1 -
 sops/users/tasia/key.json         |  4 ---
 9 files changed, 70 insertions(+), 61 deletions(-)
 create mode 100644 common/components/enry.nix
 delete mode 100644 sops/secrets/mysecret/secret
 delete mode 120000 sops/secrets/mysecret/users/tasia
 delete mode 100755 sops/users/tasia/key.json

diff --git a/common/components/enry.nix b/common/components/enry.nix
new file mode 100644
index 0000000..5523815
--- /dev/null
+++ b/common/components/enry.nix
@@ -0,0 +1,44 @@
+{config, ...}: {
+  services.grafana = {
+    enable = true;
+    settings.server = {
+      domain = "grafana.enry";
+      http_port = 2342;
+      http_addr = "0.0.0.0";
+    };
+  };
+
+  services.prometheus = {
+    enable = true;
+    port = 9000;
+    retentionTime = "60d";
+
+    exporters = {
+      node = {
+        enable = true;
+        enabledCollectors = ["systemd"];
+        port = 9002;
+      };
+    };
+
+    scrapeConfigs = [
+      {
+        job_name = "enry";
+        static_configs = [
+          {
+            targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"];
+          }
+        ];
+      }
+
+      {
+        job_name = "monitor";
+        static_configs = [
+          {
+            targets = ["127.0.0.1:8080"];
+          }
+        ];
+      }
+    ];
+  };
+}
diff --git a/flake.nix b/flake.nix
index f21350b..6aaa0bc 100644
--- a/flake.nix
+++ b/flake.nix
@@ -106,7 +106,7 @@
       };
 
       yaseen = stable.lib.nixosSystem {
-        system = "aarch64-linux";
+        system = "x86_64-linux";
         specialArgs = {inherit inputs outputs;};
         modules = [
           ./hosts/yaseen/configuration.nix
diff --git a/hosts/enry/configuration.nix b/hosts/enry/configuration.nix
index ba0e6e7..7058a1d 100644
--- a/hosts/enry/configuration.nix
+++ b/hosts/enry/configuration.nix
@@ -12,13 +12,24 @@ in {
     ../../common/hardware/raspberry-pi.nix
 
     ../../modules/nixos/vedirect-reader.nix
+
+    ../../common/components/enry.nix
   ];
 
   networking = {
     hostName = "enry";
+
+    firewall = {
+      allowedTCPPorts = [
+        2342
+        8080 # ?
+        9000 
+        9002
+      ];
+    };
   };
 
-  nix.settings.trusted-users = ["root" "@wheel"];
+  nix.settings.trusted-users = ["root" "@wheel"]; # TODO
 
   users.users.tasia = {
     isNormalUser = true;
@@ -31,10 +42,12 @@ in {
   };
 
   environment.systemPackages = with pkgs; [
-    #
+    nodejs
+    vedirect-reader
   ];
 
-  # services.vedirect-reader.enable = true;
+  services.prometheus.enable = true;
+  services.vedirect-reader.enable = true;
 
   # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
   system.stateVersion = "23.11";
diff --git a/hosts/yaseen/configuration.nix b/hosts/yaseen/configuration.nix
index 5885fcc..b8976c4 100644
--- a/hosts/yaseen/configuration.nix
+++ b/hosts/yaseen/configuration.nix
@@ -56,7 +56,7 @@ in {
 
     firewall = {
       allowedTCPPorts = [
-        8080 # ?
+        # 8080 # ?
         8008 # ssb
         12345 # tildefriends
         13378 # audiobookshelf
@@ -94,6 +94,7 @@ in {
 
     osu-lazer-bin
     prismlauncher
+
     # inputs.nixos-conf-editor.packages.${system}.nixos-conf-editor
     # inputs.nix-software-center.packages.${system}.nix-software-center
   ];
diff --git a/modules/nixos/vedirect-reader.nix b/modules/nixos/vedirect-reader.nix
index 63dded0..d32daaa 100644
--- a/modules/nixos/vedirect-reader.nix
+++ b/modules/nixos/vedirect-reader.nix
@@ -24,7 +24,7 @@ in {
   config = mkIf cfg.enable {
     systemd.services.vedirect-reader = {
       wantedBy = ["multi-user.target"];
-      serviceConfig.ExecStart = "${pkgs.node}/bin/node ${pkgs.vedirect-reader}/lib/node_modules/vedirect-reader/main.js";
+      serviceConfig.ExecStart = "${pkgs.nodejs_20}/bin/node ${pkgs.vedirect-reader}/lib/node_modules/vedirect-reader/main.js";
     };
   };
 }
diff --git a/pkgs/vedirect-reader/default.nix b/pkgs/vedirect-reader/default.nix
index 68fecc4..263dc51 100644
--- a/pkgs/vedirect-reader/default.nix
+++ b/pkgs/vedirect-reader/default.nix
@@ -10,38 +10,14 @@ pkgs.buildNpmPackage rec {
     domain = "gitea.com";
     owner = "tasiaiso";
     repo = "vedirect-reader";
-    rev = "1c0497872f3ef9418bb4a1f2cd08d00b86af8f65";
-    hash = "sha256-M27lk04Mwwvgu8fjV+tAAbCkzcB3QJuplOt5k/NQ00I=";
+    rev = "e9d9cdab95ede415496e70698b92cc30010d3f70";
+    hash = "sha256-dJA5ZuQNXWfzzv5qNx680TA2bbJcVCZIqk+vGwsyxas=";
   };
 
-  npmDepsHash = "sha256-oUFinl22QvMZutAY+FwQiAQqrQevObbsLLCNzWnAVxA=";
+  npmDepsHash = "sha256-1wKf4aZwi3iakI11qGiWVeAymUSbe8pFJA5Np/BVACc=";
   dontNpmBuild = true;
 
-  nativeBuildInputs = with pkgs; [
-    # gnumake
-    # openssl
-    # which
-    nodejs
-  ];
-
-  # buildPhase = ''
-  #   make -j $NIX_BUILD_CORES release
-  # '';
-
-  # installPhase = ''
-  #   mkdir -p $out/bin
-
-  #   cp -r out/release/* $out/bin
-  # '';
-
-  # doCheck = false;
-
-  # meta = {
-  #   homepage = "https://tildefriends.net";
-  #   description = "Make apps and friends from the comfort of your web browser.";
-  #   mainProgram = "tildefriends";
-  #   license = with lib.licenses; [mit];
-  #   maintainers = with lib.maintainers; [tasiaiso];
-  #   platforms = lib.platforms.all;
-  # };
+  # nativeBuildInputs = with pkgs; [
+  #   nodejs
+  # ];
 }
diff --git a/sops/secrets/mysecret/secret b/sops/secrets/mysecret/secret
deleted file mode 100644
index cd5a000..0000000
--- a/sops/secrets/mysecret/secret
+++ /dev/null
@@ -1,20 +0,0 @@
-{
-	"data": "ENC[AES256_GCM,data:GNiY,iv:6D2CzReoCzp9th/KDH1QeEhMZq4K3vnPffZfWWmM/tI=,tag:hgt0ODkCVbIsPxTicIzdhQ==,type:str]",
-	"sops": {
-		"kms": null,
-		"gcp_kms": null,
-		"azure_kv": null,
-		"hc_vault": null,
-		"age": [
-			{
-				"recipient": "age18qn7nqkwfywl5qyk2h6vfyxghthtx0f6ytug3367dv76af0cmg4ssrvp92",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBkMkJ4b0dxQmVhTDcydDVJ\nR2d5Rjh6bnZtcURDWnptaHhhMURSVHdJR0NrClhaNFppM1gwVXdTVGF0cC83d0sy\nTjdndFBxK3pPOGg0K2pRUWUxZ3dVcWMKLS0tIDcvUG1FWEs1RVRlRzVZTjdQSnh1\nV2R3UldDUTR6SnJ5QUZDLytEQUJmcjQKlx3821JDpVhWSmOngakGCsxrsgzCy48y\n6HN6ew/FRpX+9GbUMYR5Ib2DhmWpVKmbZTjTO9HRKN7uUDSne2ahAQ==\n-----END AGE ENCRYPTED FILE-----\n"
-			}
-		],
-		"lastmodified": "2024-05-30T18:52:03Z",
-		"mac": "ENC[AES256_GCM,data:ieiVxBWbV5V1/IzlK/+HdonqFahI2JkQx4NwAHv5ll6fPdOZW7h10C3ssbzH8dFmv3qIs83jNcuzWdahhG32FDs2sekc3YXqNJV3GxwPhr7Sny3aHezylV3SU+8Grw4LNZojp8KwTHXV2cp1PtGTkGAltn+6rAXUWyaWAFcSCUs=,iv:y+Oh84tUkcjdoy0m6j1Xpq57JHKPfX9+lAssOrRKxMc=,tag:fBNeemJNjSkZDaiCb9Fwsw==,type:str]",
-		"pgp": null,
-		"unencrypted_suffix": "_unencrypted",
-		"version": "3.8.1"
-	}
-}
\ No newline at end of file
diff --git a/sops/secrets/mysecret/users/tasia b/sops/secrets/mysecret/users/tasia
deleted file mode 120000
index 50be332..0000000
--- a/sops/secrets/mysecret/users/tasia
+++ /dev/null
@@ -1 +0,0 @@
-../../../users/tasia
\ No newline at end of file
diff --git a/sops/users/tasia/key.json b/sops/users/tasia/key.json
deleted file mode 100755
index 1f90d6b..0000000
--- a/sops/users/tasia/key.json
+++ /dev/null
@@ -1,4 +0,0 @@
-{
-  "publickey": "age18qn7nqkwfywl5qyk2h6vfyxghthtx0f6ytug3367dv76af0cmg4ssrvp92",
-  "type": "age"
-}
\ No newline at end of file