nixos-config/machines/renge/services/grafana.nix
Simon Bruder ebfa0ec16a
fuuko: Migrate matrix and monitoring to renge
Sadly, they are so interconnected, that it is not easily possible to
migrate it in smaller steps. It should be refactored to make them more
modularised and independent of each other.
2022-03-25 21:49:08 +01:00

54 lines
1.2 KiB
Nix

{ config, ... }:
let
cfg = config.services.grafana;
in
{
services.grafana = {
enable = true;
# grafana supports sockets, but no permission management (always 660 grafana:grafana)
addr = "127.0.0.1";
port = 3002;
domain = "grafana.sbruder.de";
rootUrl = "https://%(domain)s/";
database = {
type = "postgres";
host = "/run/postgresql";
user = "grafana";
};
provision = {
enable = true;
datasources = [
{
name = "Prometheus";
type = "prometheus";
url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}";
isDefault = true;
}
];
};
analytics.reporting.enable = false;
};
systemd.services.grafana.after = [ "postgresql.service" ];
services.postgresql = {
enable = true;
ensureDatabases = [ cfg.database.name ];
ensureUsers = [
{
name = cfg.database.user;
ensurePermissions = { "DATABASE ${cfg.database.name}" = "ALL PRIVILEGES"; };
}
];
};
services.nginx.virtualHosts."grafana.sbruder.de" = {
enableACME = true;
forceSSL = true;
locations = {
"/".proxyPass = "http://${cfg.addr}:${toString cfg.port}";
};
};
}