Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/configuration.nix | 94 |
1 files changed, 87 insertions, 7 deletions
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index 5d0cef8..5563bce 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -4,25 +4,105 @@ { config, pkgs, ... }: +let my_ssh_pub_key = "ssh-rsa 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 Miguel_User@DESKTOP-4NH8M69"; + +sometext = "dupa pupa"; +Sometext = "dupa pupa 2"; +defaultIcinga2Const= builtins.readFile "${pkgs.icinga2}/etc/icinga2/constants.conf"; + +in + + { + # HARDWARE SCAN RESULTS imports = [ /etc/nixos/hardware-configuration.nix ]; + + # environment.etc.testfile.text=sometext; # SYS PACKAGES - environment.systemPackages = [pkgs.vim pkgs.openssl pkgs.mc pkgs.highlight]; + environment.systemPackages = with pkgs; [mc highlight adminer icinga2 monitoring-plugins tmux]; + + +# # compare with nginx etc and publish this shit (along instructions how to run with mariadb+icingaweb2 admin + environment.etc = { + "icinga2/features-available".source="${pkgs.icinga2}/etc/icinga2/features-available"; + "icinga2/scripts".source="${pkgs.icinga2}/etc/icinga2/scripts"; + "icinga2/zones.d".source="${pkgs.icinga2}/etc/icinga2/zones.d"; + "icinga2/conf.d".source="${pkgs.icinga2}/etc/icinga2/conf.d"; + "icinga2/constants.conf".text=builtins.replaceStrings ["bin"] ["${pkgs.monitoring-plugins}/bin"] defaultIcinga2Const; + +# "${pkgs.icinga2}/etc/icinga2/constants.conf"; +# security.pam.services.sudo.text = pkgs.lib.mkDefault( pkgs.lib.mkAfter "# hi" ); + + "icinga2/icinga2.conf".source="${pkgs.icinga2}/etc/icinga2/icinga2.conf"; + "icinga2/zones.conf".source="${pkgs.icinga2}/etc/icinga2/zones.conf"; + "icinga2/features-enabled/checker.conf".source="${pkgs.icinga2}/etc/icinga2/features-available/checker.conf"; + "icinga2/features-enabled/mainlog.conf".source="${pkgs.icinga2}/etc/icinga2/features-available/mainlog.conf"; + "icinga2/features-enabled/notification.conf".source="${pkgs.icinga2}/etc/icinga2/features-available/notification.conf"; + "icinga2/features-enabled/ido-mysql.conf".text='' object IdoMysqlConnection "ido-mysql" { user = "icinga", password = "8fg$1%X58G4geX", host = "comet.softwarefools.com", database = "ICINGA_IDO" } ''; 
+ }; + systemd.services.icinga2 = { + enable = true; + description = "Icinga host/service/network monitoring system"; + #After=postgresql.service mariadb.service carbon-cache.service mysql.service yslog.target + + serviceConfig = with pkgs; { + Type="simple"; + User="icinga2"; + Group="icinga2"; + UMask=0007; #what is this good for? + ExecStart="${icinga2}/bin/icinga2 daemon -c /etc/icinga2/icinga2.conf"; + ExecReload="${icinga2}/lib/icinga2/safe-reload /usr/lib/icinga2/icinga2"; + PIDFile="/run/icinga2/icinga2.pid"; + RuntimeDirectory="icinga2"; + CacheDirectory="icinga2"; + LogsDirectory="icinga2"; + StateDirectory="icinga2"; + }; + + wantedBy=[ "multi-user.target" ]; + }; # AUTOMATIC uPGRADES system.autoUpgrade.enable = true; system.autoUpgrade.allowReboot = true; - # SSH - services.openssh.enable = true; - services.openssh.permitRootLogin = "yes"; - services.openssh.passwordAuthentication = false; - users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-rsa 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 Miguel_User@DESKTOP-4NH8M69" ]; + # USERS / GROUPS / SSH + services.openssh = { + enable = true; + permitRootLogin = "yes"; + passwordAuthentication = false; + }; + + users.mutableUsers = false; + + users.users.miguel = { + isNormalUser = true; + home = "/home/miguel"; + description = "Miguel"; + extraGroups = [ "wheel" "networkmanager" ]; + openssh.authorizedKeys.keys = [ my_ssh_pub_key ]; + uid = 1000; + }; + + security.sudo.wheelNeedsPassword = false; + + users.extraUsers.root.openssh.authorizedKeys.keys = [ my_ssh_pub_key ]; + + users.groups.icinga2 = {}; + users.users.icinga2 = { + isSystemUser = true; + extraGroups = ["icinga2"]; + }; + + # NEOVIM + programs.neovim.enable = true; + programs.neovim.vimAlias = true; + programs.neovim.viAlias = true; # MARIADB services.mysql.enable = true; 
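Review bot: The `IdoMysqlConnection` block added under `environment.etc."icinga2/features-enabled/ido-mysql.conf".text` embeds the database password as a literal, so it lands in the git history and, because `environment.etc` text is realised as a file in the world-readable Nix store, any local user can read it. Treat the committed value as exposed and rotate it, then keep the credential out of the Nix expression: leave only an include in the generated file, e.g. `include "<SECRET_CONF_PATH>"` (placeholder), pointing at a file provisioned outside the store and readable only by the `icinga2` user. In the same hunk, `security.sudo.wheelNeedsPassword = false;` alongside `permitRootLogin = "yes"` means the one SSH key reaches root by two password-less routes; if that is intended, a comment such as `# single-admin host: key-only root access is deliberate` would tell the next reader so.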
@@ -38,7 +118,7 @@ services.gitolite.extraGitoliteRc = "$RC{UMASK} = 0027; push( @{$RC{ENABLE}}, 'D' ); "; - services.gitolite.adminPubkey = "ssh-rsa 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 Miguel_User@DESKTOP-4NH8M69"; + services.gitolite.adminPubkey = my_ssh_pub_key; # GITWEB services.gitweb.projectroot = "/var/lib/gitolite/repositories"; |
