hosts/ahmed: Add forsvarsarper

7 files changed, 119 insertions, 0 deletions

diff --git a/hosts/ahmed/configuration.nix b/hosts/ahmed/configuration.nix
index cd36f7a..d6859b3 100644
--- a/hosts/ahmed/configuration.nix
+++ b/hosts/ahmed/configuration.nix
@@ -70,6 +70,8 @@
     useACME = true;
   };
 
+  services.forsvarsarper.enable = true;
+
   # Configure ACME for various HTTPS services.
   security.acme = {
     acceptTerms = true;
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 0bce684..4651c56 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -13,5 +13,6 @@
     "notifications.linus.onl" = import ./nofitications.linus.onl;
     "git.linus.onl" = import ./git.linus.onl;
     "hellohtml.linus.onl" = import ./hellohtml.linus.onl;
+    forsvarsarper = import ./forsvarsarper;
   };
 }
diff --git a/modules/nixos/forsvarsarper/default.nix b/modules/nixos/forsvarsarper/default.nix
new file mode 100644
index 0000000..c7dfc90
--- /dev/null
+++ b/modules/nixos/forsvarsarper/default.nix
@@ -0,0 +1,67 @@
+# This module defines an on-demand minecraft server service which turns off the
+# server when it's not being used.
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.services.forsvarsarper;
+in {
+  options.services.forsvarsarper.enable = mkEnableOption "daily scan for tests";
+
+  config = mkIf cfg.enable {
+    # Create a user to run the server under.
+    users.users.forsvarsarper = {
+      description = "Runs daily scan for tests";
+      group = "forsvarsarper";
+      isSystemUser = true;
+      home = "/srv/forsvarsarper";
+      createHome = true;
+    };
+    users.groups.forsvarsarper = {};
+
+    age.secrets.forsvarsarper-env = {
+      file = ../../../secrets/forsvarsarper.env.age;
+      owner = config.users.users.forsvarsarper.name;
+      group = config.users.users.forsvarsarper.group;
+      mode = "0440";
+    };
+
+    # Create a service which simply runs script. This will be invoked by our timer.
+    systemd.services.forsvarsarper = {
+      serviceConfig = {
+        # We only want to run this once every time the timer triggers it.
+        Type = "oneshot";
+        # Run as the user we created above.
+        User = "forsvarsarper";
+        Group = "forsvarsarper";
+        WorkingDirectory = config.users.users.forsvarsarper.home;
+      };
+      script =
+        let
+          python3' = pkgs.python3.withPackages (ps: [ps.requests]);
+        in
+        ''
+          # Load the secret environment variables.
+          export $(grep -v '^#' ${config.age.secrets.forsvarsarper-env.path} | xargs)
+          # Kick off.
+          exec ${python3'}/bin/python3 ${./script.py}
+        '';
+    };
+
+    # Create a timer to activate our oneshot service.
+    systemd.timers.forsvarsarper = {
+      wantedBy = ["timers.target"];
+      partOf = ["forsvarsarper.service"];
+      after = ["network-online.target"];
+      wants = ["network-online.target"];
+      timerConfig = {
+        OnCalendar = "*-*-* 8:00:00";
+        Unit = "forsvarsarper.service";
+      };
+    };
+  };
+}
diff --git a/modules/nixos/forsvarsarper/script.py b/modules/nixos/forsvarsarper/script.py
new file mode 100644
index 0000000..7f12508
--- /dev/null
+++ b/modules/nixos/forsvarsarper/script.py
@@ -0,0 +1,28 @@
+import requests
+import os
+
+URL = "https://karriere.forsvaret.dk/varnepligt/varnepligten/cybervarnepligt/"
+TARGET_PHRASE = "Der er på nuværende tidspunkt ikke planlagt nogen afprøvninger."
+
+try:
+    response = requests.get(URL);
+    print(f"Forespørgsel til {URL} gav status {response.status_code}")
+except:
+    message = "nejj den er ødelagt"
+else:
+    if TARGET_PHRASE in response.text:
+        message = "der er stadig ikke planlagt nogle afprøvninger"
+    else:
+        message = "noget har ændret sig på siden!!"
+        print(response.text)
+
+token = os.getenv("TOKEN")
+data = {
+   "title": "forsvaret status",
+   "message": message,
+   "url": URL,
+}
+response = requests.post(f"https://notifications.linus.onl/api/send-notification/{token}", json=data)
+print(f"Forespørgsel til at sende notifikation gav status {response.status_code}")
+response.raise_for_status()
+
diff --git a/secrets/forsvarsarper.env.age b/secrets/forsvarsarper.env.age
new file mode 100644
index 0000000..d8d792f
--- /dev/null
+++ b/secrets/forsvarsarper.env.age
@@ -0,0 +1,19 @@
+age-encryption.org/v1
+-> ssh-ed25519 LNzQIA lft36QQABz1Y/djnngaU142yLiruiOdl05MhSafn0Xc
+PweQ3Fr1fLEzMplt2o6iZ4mQM4QV+A04D6Is/giFssw
+-> ssh-rsa 5MROTA
+V3mPp/I9rsha9qX5gZ0oUVWDwELcuFH37kkTlB2zqa4PDuyM+ycVHuEUlawyVZ1Q
+hztVfg9+jEDAy2Ru4w93zJoX6UBbddB3OFv77SVnruo9RqIipPVtEj9k67DUqdsG
+sZsY2alQMpIQ3Bh3MVKHOv2u346F0U66kjsDP1YiDLQ32B9b9nTiLsg62ETUpT2P
+rn3gbUWDMR28uUBpqn4E6yhyJgNYhSqee2o7NiJGvNjZoYNqG0tB+Ozejv/MCcSq
+w3unB/zSkImERdwrVm+BJkzZFX45BTUHWPolznvOGgplz9B9jYjtas7LNJeuJiM3
+gYXTMFlDvTJ+h1pt50YsZMXAXvYDHolDP1UIKUM7wfj45A/JYCEN1PUAQPUt9UrB
+EauXX8BUtAKnHY4e0DQ1/3PvNqAfXk4wn6PUWyGs/tQJQ87baZbEqtIprmPpVYK3
+i7PlsTNodBNoycuu3nQUC7Vd6tGFcKUy6YXdw7EGvvnbMDY7E/Pzy7Lkq85w38fx
+J66dK/hqcpA3mZKvpv13BQ5OfhAYZy3zFASOhLTtAxs49UK6GynO0g7Wk6iFMiob
+K1ZbiSdqZro6TAsiVEATuQ2B6LDk75tlMh6OYYfkvvQ/oR2ipPbveogTrjrnf3/0
+ymCTzAFGyhHIoVFKKuY5M0qa9JV2Q7hoWKSt0qxjDOI
+-> \8P7.-grease
+C5fX1ICqGlw3adRx/8H2e0EjlHsiYV4Hd8rUeTO9B3a9DJ0zuMH7EuK+KXg
+--- wqyKSBvAjvhrpsfQYl+W4JPKQQNWozCLiSdp9mO1HIo
+�\�.,~��+��Z��I���a��>��w����'�Pu��cڏd�T��
\ No newline at end of file
diff --git a/secrets/forsvarsarper.env.example b/secrets/forsvarsarper.env.example
new file mode 100644
index 0000000..8089cc5
--- /dev/null
+++ b/secrets/forsvarsarper.env.example
@@ -0,0 +1 @@
+TOKEN=34c99729832937c
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 3a2e0a5..e50f757 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -6,4 +6,5 @@ let
 in {
   "cloudflare-ddns-token.env.age".publicKeys = publicKeys;
   "duksebot.env.age".publicKeys = publicKeys;
+  "forsvarsarper.env.age".publicKeys = publicKeys;
 }