wiro.world / dotfiles
yep, more dotfiles
fork atom

weird-row-server: add ripe atlas probe

wiro.world fe7b4d7f 15a6f760

verified
nix.yml
+62
+1
hosts/weird-row-server/default.nix
··· 30 30 ./lldap.nix 31 31 ./miniflux.nix 32 32 ./pds.nix 33 + ./ripe-atlas.nix 33 34 ./tailscale.nix 34 35 ./tangled.nix 35 36 ./thelounge.nix
+61
hosts/weird-row-server/ripe-atlas.nix
··· 1 + { 2 + config, 3 + lib, 4 + pkgs, 5 + ... 6 + }: 7 + 8 + { 9 + config = { 10 + local.ports.ripe-atlas-http = 3016; 11 + local.ports.ripe-atlas-telnetd = 3017; 12 + 13 + virtualisation.oci-containers.containers."ripe-atlas" = { 14 + image = "docker.io/jamesits/ripe-atlas:latest"; 15 + 16 + capabilities = { 17 + "NET_RAW" = true; 18 + "KILL" = true; 19 + "SETUID" = true; 20 + "SETGID" = true; 21 + "FOWNER" = true; 22 + "CHOWN" = true; 23 + "DAC_OVERRIDE" = true; 24 + }; 25 + 26 + environment = { 27 + RXTXRPT = "yes"; 28 + HTTP_POST_PORT = config.local.ports.ripe-atlas-http.string; 29 + TELNETD_PORT = config.local.ports.ripe-atlas-telnetd.string; 30 + }; 31 + 32 + volumes = [ 33 + "/etc/ripe-atlas:/etc/ripe-atlas:Z" 34 + "/run/ripe-atlas:/run/ripe-atlas:Z" 35 + "/var/spool/ripe-atlas:/var/spool/ripe-atlas:Z" 36 + ]; 37 + 38 + extraOptions = [ 39 + "--memory=256m" 40 + "--network=host" 41 + ]; 42 + }; 43 + 44 + systemd.services."podman-ripe-atlas" = 45 + let 46 + mkdir = lib.getExe' pkgs.coreutils "mkdir"; 47 + in 48 + 49 + { 50 + preStart = '' 51 + ${mkdir} -p /run/ripe-atlas 52 + ${mkdir} -p /etc/ripe-atlas 53 + ${mkdir} -p /var/spool/ripe-atlas 54 + ''; 55 + serviceConfig = { 56 + Restart = "always"; 57 + RestartSec = "10s"; 58 + }; 59 + }; 60 + }; 61 + }