Use http page as nix input

11th Feb 2025
1 min read
Tags:
nix,
gitea

I needed to keep a list of grafana IPs up-to-date in my fail2ban whitelist config.

Since I use Nix to manage my servers, and since I use flake, I can do that:

{
  description = "System config";
  inputs = {
    # [...]
    grafanaIPs.url = "https://grafana.com/api/hosted-grafana/source-ips.txt";
    grafanaIPs.flake = false;
  };

  outputs = { self
    # [...]
    , grafanaIPs
  }:
  {
    #[...]
    modules = [
        (import ./components/fail2ban.nix
            {
            grafanaIPs = (nixpkgs.lib.strings.splitString "\n" (builtins.readFile grafanaIPs.outPath));
            })
    ];
  }
}

And in my fail2ban.nix config

{ grafanaIPs }: { config, pkgs, ... }: {
  services.fail2ban = {
    enable = true;
    ignoreIP = [
        # [...]
    ] ++ grafanaIPs;
  };
}

So that's nice, they'll be up-to-date everytime I use nix flake update.