diff --git a/hosts/caddy/default.nix b/hosts/caddy/default.nix index dea75b5..230fcea 100644 --- a/hosts/caddy/default.nix +++ b/hosts/caddy/default.nix @@ -118,6 +118,12 @@ in host = p.hosts.metrics; }; }; + + uptime-kuma.proxy = { + enable = true; + domain = p.domains.public; + host = p.hosts.portainer; + }; }; networking = { diff --git a/hosts/portainer/default.nix b/hosts/portainer/default.nix index e72deef..a1bdd38 100644 --- a/hosts/portainer/default.nix +++ b/hosts/portainer/default.nix @@ -16,6 +16,9 @@ in commons.enable = true; lxc-standard.enable = true; }; + + monitoring.uptime-kuma.enable = true; + virtualisation = { proxmox.enable = true; portainer = { diff --git a/modules/monitoring/uptime-kuma.nix b/modules/monitoring/uptime-kuma.nix index b615b6a..9095a42 100644 --- a/modules/monitoring/uptime-kuma.nix +++ b/modules/monitoring/uptime-kuma.nix @@ -24,6 +24,14 @@ in ''; }; + subdomain = lib.mkOption { + default = "up"; + type = lib.types.str; + description = '' + The subdomain where Prometheus is reachable + ''; + }; + host = lib.mkOption { default = "localhost"; type = lib.types.str; @@ -41,17 +49,23 @@ in services.uptime-kuma = { enable = true; settings = { - HOST = "::"; + HOST = "0.0.0.0"; PORT = toString port; }; }; + systemd.services.uptime-kuma.serviceConfig = { + SupplementaryGroups = "docker"; + }; + + networking.firewall.allowedTCPPorts = [ port ]; + }) (lib.mkIf cfg.proxy.enable { services.caddy = with cfg.proxy; { - virtualHosts."up.${domain}".extraConfig = '' - reverse_proxy http://${host}:${port} + virtualHosts."${subdomain}.${domain}".extraConfig = '' + reverse_proxy http://${host}:${toString port} import cloudflare_${domain} ''; };