62 lines
1.5 KiB
Nix
62 lines
1.5 KiB
Nix
{ config, ... }:
|
|
let
|
|
cfg = config.services.grafana;
|
|
in
|
|
{
|
|
services.grafana = {
|
|
enable = true;
|
|
settings = {
|
|
server = {
|
|
# grafana supports sockets, but no permission management (always 660 grafana:grafana)
|
|
http_addr = "127.0.0.1";
|
|
http_port = 3002;
|
|
domain = "grafana.sbruder.de";
|
|
rootUrl = "https://%(domain)s/";
|
|
};
|
|
database = {
|
|
type = "postgres";
|
|
host = "/run/postgresql";
|
|
user = "grafana";
|
|
};
|
|
analytics = {
|
|
reporting_enabled = false;
|
|
check_for_updates = false;
|
|
check_for_plugin_updates = false;
|
|
};
|
|
};
|
|
provision = {
|
|
enable = true;
|
|
datasources.settings.datasources = [
|
|
{
|
|
name = "Prometheus";
|
|
type = "prometheus";
|
|
url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}";
|
|
isDefault = true;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
systemd.services.grafana.after = [ "postgresql.service" ];
|
|
|
|
services.postgresql = {
|
|
enable = true;
|
|
ensureDatabases = [ cfg.settings.database.name ];
|
|
ensureUsers = [
|
|
{
|
|
name = cfg.settings.database.user;
|
|
ensurePermissions = { "DATABASE ${cfg.settings.database.name}" = "ALL PRIVILEGES"; };
|
|
}
|
|
];
|
|
};
|
|
|
|
services.nginx.virtualHosts."grafana.sbruder.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
locations = {
|
|
"/".proxyPass = "http://${cfg.settings.server.http_addr}:${toString cfg.settings.server.http_port}";
|
|
};
|
|
};
|
|
}
|