Commit 06b89cd
Changed files (9)
hosts
chaser-pardofelis
grafana
modules
hosts
chaser-pardofelis
services
grafana
dashboards
secrets
cache
hosts/chaser-pardofelis/grafana/default.nix
@@ -1,59 +0,0 @@
-{
- myvars,
- config,
- ...
-}: {
- services.grafana = {
- enable = true;
- # See https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#configuration-options
- settings = {
- server = {
- http_addr = "127.0.0.1";
- http_port = 3982;
- protocol = "http";
- domain = "grafana.hpcesia.com";
- serve_from_sub_path = false;
- root_url = "%(protocol)s://%(domain)s:%(http_port)s/";
- read_timeout = "180s";
- enable_gzip = true;
- };
- security = {
- admin_user = myvars.username;
- admin_email = myvars.useremail;
- admin_password = "$__file{${config.sops.secrets."grafana-admin-password".path}}";
- };
- users = {
- allow_sign_up = false;
- default_theme = "dark";
- default_language = "detect";
- };
- };
-
- provision = {
- datasources.settings.datasources = [
- {
- name = "prometheus-pardofelis";
- type = "prometheus";
- access = "proxy";
- url = "http://${config.services.victoriametrics.listenAddress}";
- jsonData = {
- httpMethod = "POST";
- manageAlerts = true;
- prometheusType = "Prometheus";
- prometheusVersion = "2.49.0";
- cacheLevel = "High";
- disableRecordingRules = false;
- incrementalQueryOverlapWindow = "10m";
- };
- }
- ];
- dashboards.settings.providers = [
- {
- name = "Default";
- type = "file";
- options.path = ./dashboards;
- }
- ];
- };
- };
-}
hosts/chaser-pardofelis/caddy.nix
@@ -15,7 +15,6 @@ in {
virtualHosts = let
localAddress = {
atuin = "http://localhost:${builtins.toString config.services.atuin.port}";
- grafana = "http://localhost:${builtins.toString config.services.grafana.settings.server.http_port}";
homepage = "http://localhost:${builtins.toString config.services.homepage-dashboard.listenPort}";
prometheus = "http://${config.services.victoriametrics.listenAddress}";
};
@@ -24,10 +23,6 @@ in {
encode zstd gzip
reverse_proxy ${localAddress.atuin}
'';
- "grafana.hpcesia.com".extraConfig = ''
- encode zstd gzip
- reverse_proxy ${localAddress.grafana}
- '';
"home.hpcesia.com".extraConfig = ''
encode zstd gzip
forward_auth ${localAddress.authelia} {
modules/hosts/chaser-pardofelis/default.nix
@@ -27,6 +27,7 @@
"forgejo"
"forgejo-runner"
"freshrss"
+ "grafana"
"goatcounter"
"gokapi"
"gotosocial"
hosts/chaser-pardofelis/grafana/dashboards/servers/node-exporter-full-1860_rev41.json → modules/services/grafana/dashboards/servers/node-exporter-full-1860_rev41.json
File renamed without changes
hosts/chaser-pardofelis/grafana/dashboards/README.md → modules/services/grafana/dashboards/README.md
File renamed without changes
modules/services/grafana/admin-password.age
Binary file
modules/services/grafana/default.nix
@@ -0,0 +1,78 @@
+{lib, ...}: {
+ flake.modules.nixos."services/grafana" = {config, ...}: {
+ services.grafana = {
+ enable = true;
+ # See https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#configuration-options
+ settings = {
+ server = {
+ http_addr = "127.0.0.1";
+ http_port = 3982;
+ protocol = "http";
+ domain = "grafana.hpcesia.com";
+ serve_from_sub_path = false;
+ root_url = "%(protocol)s://%(domain)s:%(http_port)s/";
+ read_timeout = "180s";
+ enable_gzip = true;
+ };
+ security = {
+ admin_user = "hpcesia";
+ admin_email = "me@hpcesia.com";
+ admin_password = "$__file{${config.vaultix.secrets."grafana-admin-password".path}}";
+ };
+ users = {
+ allow_sign_up = false;
+ default_theme = "dark";
+ default_language = "detect";
+ };
+ };
+
+ provision = {
+ datasources.settings.datasources = [
+ {
+ name = "prometheus-pardofelis";
+ type = "prometheus";
+ access = "proxy";
+ url = "http://${config.services.victoriametrics.listenAddress}";
+ jsonData = {
+ httpMethod = "POST";
+ manageAlerts = true;
+ prometheusType = "Prometheus";
+ prometheusVersion = "2.49.0";
+ cacheLevel = "High";
+ disableRecordingRules = false;
+ incrementalQueryOverlapWindow = "10m";
+ };
+ }
+ ];
+ dashboards.settings.providers = [
+ {
+ name = "Default";
+ type = "file";
+ options.path = ./dashboards;
+ }
+ ];
+ };
+ };
+
+ services.caddy.virtualHosts."grafana.hpcesia.com".extraConfig =
+ lib.mkIf config.services.caddy.enable
+ (let
+ localAddress = "http://localhost:${builtins.toString config.services.grafana.settings.server.http_port}";
+ in ''
+ encode zstd gzip
+ reverse_proxy ${localAddress}
+ '');
+
+ services.restic.backups."${config.networking.hostName}-backup".paths =
+ lib.mkIf
+ (builtins.hasAttr "${config.networking.hostName}-backup" config.services.restic.backups)
+ [config.services.grafana.dataDir];
+
+ vaultix.secrets.grafana-admin-password = {
+ file = ./admin-password.age;
+ owner = "root";
+ group = "grafana";
+ mode = "0440";
+ };
+ };
+}
secrets/cache/pardofelis/3c23c2c5dcb356f09b5ba29eec1c68d191445bae4827e7221472d5112ad4604f
@@ -0,0 +1,8 @@
+age-encryption.org/v1
+-> ssh-ed25519 B1HLiw 7PD60EKkDScNv1SgTlhdibTuafrAfbRAOk6XjNQA6Ww
+IWVLyqUuZZou5qj+n6gu+e1t2Rf6/VK25mjfOCKRI6g
+-> qa-x=\-grease ZITQx`aJ 9ZkH: wWH`E}0 igk~Y-
+3sBsl7yzdw
+--- UCYZW6rxAP6CMHPZjn0UL6wYyey5alA21xbVPVu8WRs
+?4m����ל�U�,�<//�͝�-���L��:�]��ޮoD_J���
+�Z�=������؉
\ No newline at end of file