44 lines
1.1 KiB
Nix
44 lines
1.1 KiB
Nix
{ config, ... }:
|
|
let
|
|
root_host = "grimmauld.de";
|
|
grafana_host = "grafana.${root_host}";
|
|
grafana_port = 8082;
|
|
in {
|
|
age.secrets.grafana_admin_pass = {
|
|
file = ../secrets/grafana_admin_pass.age;
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
mode = "0600";
|
|
};
|
|
|
|
security.acme.certs."${root_host}".extraDomainNames = [ grafana_host ];
|
|
services.grafana = {
|
|
enable = true;
|
|
settings = {
|
|
security = {
|
|
admin_user = "admin";
|
|
admin_email = "admin@${root_host}";
|
|
admin_password = "$__file{${config.age.secrets.grafana_admin_pass.path}}";
|
|
};
|
|
server = {
|
|
domain = grafana_host;
|
|
root_url = "https://${grafana_host}";
|
|
http_port = grafana_port;
|
|
};
|
|
};
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts."${grafana_host}" = {
|
|
serverName = grafana_host;
|
|
forceSSL = true;
|
|
useACMEHost = root_host;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${builtins.toString config.services.grafana.settings.server.http_port}";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
};
|
|
}
|