diff options
-rw-r--r-- | common/headless.nix | 2 | ||||
-rw-r--r-- | flora/services/monit.nix | 39 |
2 files changed, 36 insertions, 5 deletions
diff --git a/common/headless.nix b/common/headless.nix index eff3b1f..14181ef 100644 --- a/common/headless.nix +++ b/common/headless.nix @@ -9,7 +9,7 @@ nix.gc = { automatic = lib.mkDefault true; - options = lib.mkDefault "--delete-older-than 1w"; + options = lib.mkDefault "--delete-older-than 14d"; }; users.users.root.openssh.authorizedKeys.keys = [ diff --git a/flora/services/monit.nix b/flora/services/monit.nix index c8f7b3f..28a0503 100644 --- a/flora/services/monit.nix +++ b/flora/services/monit.nix @@ -15,18 +15,49 @@ localhost port 2525 - set httpd port 2812 and use address localhost + set httpd port 2812 address localhost allow localhost - allow admin:obwjoawijerfoijsiwfj29jf2f2jd check filesystem root with path / if space usage > 80% then alert if inode usage > 80% then alert check host stuebinm.eu with address stuebinm.eu - if failed - port 443 protocol https + if failed port 443 with protocol https then alert + + check host akkoma with address pleroma.stuebinm.eu + if failed port 443 with protocol https + then alert + + check host murmur with address meow.noms.ing + if failed port 64738 of type tcp using ssl with expect "NixOS" + then alert + + check process sshd with pidfile /var/run/sshd.pid + start program "${pkgs.systemd}/bin/systemctl start sshd" + stop program "${pkgs.systemd}/bin/systemctl stop sshd" + if failed port 22 protocol ssh for 2 cycles then restart + + check process postfix with pidfile /var/lib/postfix/queue/pid/master.pid + start program = "${pkgs.systemd}/bin/systemctl start postfix" + stop program = "${pkgs.systemd}/bin/systemctl stop postfix" + if failed port 25 protocol smtp for 5 cycles then restart + + check process dovecot with pidfile /var/run/dovecot2/master.pid + start program = "${pkgs.systemd}/bin/systemctl start dovecot2" + stop program = "${pkgs.systemd}/bin/systemctl stop dovecot2" + if failed host mail.stuebinm.eu port 993 type tcpssl sslauto protocol imap for 5 cycles then restart + + check host bahnhof.name with address bahnhof.name + if failed port 443 with protocol https + then alert + + set mail-format { + subject: $SERVICE: $EVENT + message: Action: $ACTION $SERVICE: $DESCRIPTION. + ($DATE) + } ''; }; } |