Diffstat (limited to 'modules/by-name/sy/system-info')
-rw-r--r--modules/by-name/sy/system-info/module.nix68
1 files changed, 68 insertions, 0 deletions
diff --git a/modules/by-name/sy/system-info/module.nix b/modules/by-name/sy/system-info/module.nix
new file mode 100644
index 0000000..de75e29
--- /dev/null
+++ b/modules/by-name/sy/system-info/module.nix
@@ -0,0 +1,68 @@
+{
+ lib,
+ config,
+ pkgs,
+ ...
+}: let
+ mkVirtualHostDisplay = name: value: let
+ aliases =
+ if value.serverAliases != []
+ then
+ ": "
+ + builtins.concatStringsSep " " value.serverAliases
+ else "";
+ in ''
+ ${name}${aliases}
+ '';
+ vHosts = builtins.concatStringsSep "" (builtins.attrValues (builtins.mapAttrs mkVirtualHostDisplay config.services.nginx.virtualHosts));
+
+ mkOpenPortDisplay = mode: port: let
+ checkEnabled = service: name:
+ if config.vhack.${service}.enable
+ then name
+ else "<port is '${name}' but service 'vhack.${service}' is not enabled.>";
+ mappings = {
+ "22" = checkEnabled "openssh" "ssh";
+ "80" = checkEnabled "nginx" "http";
+ "443" = checkEnabled "nginx" "https";
+
+ "24" = checkEnabled "mail" "mail-lmtp";
+ "465" = checkEnabled "mail" "mail-smtp-tls";
+ "25" = checkEnabled "mail" "mail-smtp";
+ "993" = checkEnabled "mail" "mail-imap-tls";
+ "995" = checkEnabled "mail" "mail-pop3-tls";
+
+ # TODO(@bpeetz): Check which service opens these ports: <2025-01-28>
+ "64738" = "???";
+ };
+ in ''
+ ${mode} ${builtins.toString port}: ${mappings.${builtins.toString port}}
+ '';
+
+ # TODO(@bpeetz): This should probably also include the allowed TCP/UDP port ranges. <2025-01-28>
+ openTCPPorts = builtins.concatStringsSep "" (builtins.map (mkOpenPortDisplay "TCP") config.networking.firewall.allowedTCPPorts);
+ openUDPPorts = builtins.concatStringsSep "" (builtins.map (mkOpenPortDisplay "UDP") config.networking.firewall.allowedUDPPorts);
+
+ markdown = pkgs.writeText "${config.networking.hostName}-system-info.md" ''
+ ## Virtual Hosts
+ ${vHosts}
+ ## Open ports
+ ${openTCPPorts}
+ ${openUDPPorts}
+ '';
+in {
+ options.vhack.system-info = {
+ markdown = lib.mkOption {
+ type = lib.types.package;
+ description = ''
+ A derivation, that builds a markdown file, showing relevant system
+ information for this host.
+ '';
+ readOnly = true;
+ };
+ };
+
+ config.vhack.system-info = {
+ inherit markdown;
+ };
+}
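Review bot: The lookup `mappings.${builtins.toString port}` in mkOpenPortDisplay fails evaluation with a missing-attribute error for any port in `allowedTCPPorts` or `allowedUDPPorts` that is not listed in `mappings`. A default keeps the build working and makes the unexplained port visible in the report: `${mode} ${builtins.toString port}: ${mappings.${builtins.toString port} or "<unknown service>"}`. The same table also serves both protocols, so a UDP entry on a port such as 22 would be labelled with the TCP service name; keying on mode as well as port would avoid that. As the TODO says, `allowedTCPPortRanges` and `allowedUDPPortRanges` are not rendered, and per-interface rules under `networking.firewall.interfaces` appear to be omitted too. Until those are covered the "Open ports" section can under-report exposure, so the generated markdown should say the list is not exhaustive.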