summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-12-25 17:11:40 +0100
committerBenedikt Peetz <benedikt.peetz@b-peetz.de>2024-12-25 17:14:35 +0100
commit706963c3547b42b98e6a92f62aa6c79fd09358ad (patch)
treee03eb19b210b401cd76604945a6d418f0374c9a0
parentfix(modules/impermanence): Don't always persist `/var/log` and `/var/lib/nixos` (diff)
downloadnixos-server-706963c3547b42b98e6a92f62aa6c79fd09358ad.zip
refactor(system/services/rust-motd): Migrate to `by-name`
-rw-r--r--modules/by-name/ru/rust-motd/module.nix92
-rw-r--r--system/services/default.nix1
-rw-r--r--system/services/rust-motd/default.nix91
3 files changed, 92 insertions, 92 deletions
diff --git a/modules/by-name/ru/rust-motd/module.nix b/modules/by-name/ru/rust-motd/module.nix
new file mode 100644
index 0000000..a6998f4
--- /dev/null
+++ b/modules/by-name/ru/rust-motd/module.nix
@@ -0,0 +1,92 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  cfg = config.vhack.rust-motd;
+
+  # List all users that can login
+  pred = n: v: (
+    false # <- just here for neat formatting
+    || v.initialHashedPassword != null
+    || v.initialPassword != null
+    || v.hashedPassword != null
+    || v.hashedPasswordFile != null
+    || v.password != null
+    || v.passwordFile != null
+    || v.openssh.authorizedKeys.keys != []
+    || v.openssh.authorizedKeys.keyFiles != []
+  );
+  userList = builtins.mapAttrs (n: v: 2) (lib.filterAttrs pred config.users.users);
+in {
+  options.vhack.rust-motd = {
+    enable = lib.mkEnableOption "rust-motd";
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.rust-motd = {
+      path = with pkgs; [
+        bash
+        fail2ban # Needed for rust-motd fail2ban integration
+      ];
+    };
+
+    programs.rust-motd = {
+      enable = true;
+      enableMotdInSSHD = true;
+      refreshInterval = "*:0/5"; # 0/5 means: hour 0 AND all hour wich match (0 + 5 * x) (is the same as: 0, 5, 10, 15, 20)
+
+      # An example is here: https://raw.githubusercontent.com/rust-motd/rust-motd/refs/heads/main/example_config.toml
+      settings = {
+        global = {
+          progress_full_character = "=";
+          progress_empty_character = "-";
+          progress_prefix = "[";
+          progress_suffix = "]";
+          time_format = "%Y-%m-%d %H:%M:%S";
+        };
+
+        banner = {
+          color = "red";
+          command = "${pkgs.hostname}/bin/hostname | ${pkgs.figlet}/bin/figlet -f slant";
+          # if you don't want a dependency on figlet, you can generate your
+          # banner however you want, put it in a file, and then use something like:
+          # command = "cat banner.txt"
+        };
+
+        uptime = {
+          prefix = "Uptime:";
+        };
+
+        # ssl_certificates = {
+        #   sort_method = "manual";
+        #
+        #   certs = {
+        #     "server1.vhack.eu" = "/var/lib/acme/server1.vhack.eu/cert.pem";
+        #     "vhack.eu" = "/var/lib/acme/vhack.eu/cert.pem";
+        #   };
+        # };
+
+        filesystems = {
+          root = "/";
+          persistent = "/srv";
+          store = "/nix";
+          boot = "/boot";
+        };
+
+        memory = {
+          swap_pos = "beside"; # or "below" or "none"
+        };
+
+        fail2_ban = {
+          jails = ["sshd"]; #, "anotherjail"]
+        };
+
+        last_login = userList;
+
+        last_run = {};
+      };
+    };
+  };
+}
diff --git a/system/services/default.nix b/system/services/default.nix
index b8b617e..fc3ccb3 100644
--- a/system/services/default.nix
+++ b/system/services/default.nix
@@ -11,7 +11,6 @@
     ./murmur
     ./nix
     ./restic
-    ./rust-motd
     ./taskserver
   ];
 }
diff --git a/system/services/rust-motd/default.nix b/system/services/rust-motd/default.nix
deleted file mode 100644
index 1a41b32..0000000
--- a/system/services/rust-motd/default.nix
+++ /dev/null
@@ -1,91 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
-  systemd.services.rust-motd = {
-    path = builtins.attrValues {
-      inherit
-        (pkgs)
-        bash
-        fail2ban # Needed for rust-motd fail2ban integration
-        ;
-    };
-  };
-  programs.rust-motd = {
-    enable = true;
-    enableMotdInSSHD = true;
-    refreshInterval = "*:0/5"; # 0/5 means: hour 0 AND all hour wich match (0 + 5 * x) (is the same as: 0, 5, 10, 15, 20)
-    settings = {
-      global = {
-        progress_full_character = "=";
-        progress_empty_character = "-";
-        progress_prefix = "[";
-        progress_suffix = "]";
-        time_format = "%Y-%m-%d %H:%M:%S";
-      };
-
-      banner = {
-        color = "red";
-        command = "${pkgs.hostname}/bin/hostname | ${pkgs.figlet}/bin/figlet -f slant";
-        # if you don't want a dependency on figlet, you can generate your
-        # banner however you want, put it in a file, and then use something like:
-        # command = "cat banner.txt"
-      };
-
-      # [weather]
-      # url = "https://wttr.in/New+York,New+York?0"
-      # proxy = "http://proxy:8080"
-
-      # [service_status]
-      # Accounts = "accounts-daemon"
-      # Cron = "cron"
-
-      # [docker_status]
-      # Local containers MUST start with a slash
-      # https://github.com/moby/moby/issues/6705
-      #"/nextcloud-nextcloud-1" = "Nextcloud"
-      #"/nextcloud-nextcloud-mariadb-1" = "Nextcloud Database"
-
-      uptime = {
-        prefix = "Uptime:";
-      };
-
-      # [user_service_status]
-      # gpg-agent = "gpg-agent"
-
-      s_s_l_certs = {
-        sort_method = "manual";
-
-        certs = {
-          "server1.vhack.eu" = "/var/lib/acme/server1.vhack.eu/cert.pem";
-          "vhack.eu" = "/var/lib/acme/vhack.eu/cert.pem";
-        };
-      };
-
-      filesystems = {
-        root = "/";
-        persistent = "/srv";
-        store = "/nix";
-        boot = "/boot";
-      };
-
-      memory = {
-        swap_pos = "beside"; # or "below" or "none"
-      };
-
-      fail2_ban = {
-        jails = ["sshd"]; #, "anotherjail"]
-      };
-
-      last_login = {
-        sils = 2;
-        soispha = 2;
-        nightingale = 2;
-      };
-
-      last_run = {
-      };
-    };
-  };
-}