aynish/helm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
helm/hosts/profiles/monitoring/default.nix
T
Anish Lakhwara d0cde973e7 box zfs
2026-01-19 22:37:30 -08:00

106 lines
2.8 KiB
Nix
Raw Permalink Blame History

{
self,
config,
pkgs,
...
}:
{
age.secrets.nullhex-smtp.file = "${self}/secrets/nullhex-smtp.age";
age.secrets.nullhex-smtp.owner = "grafana";
# grafana configuration
services.grafana = {
enable = true;
settings = {
smtp = {
enabled = true;
password = "$__file{/run/agenix/nullhex-smtp}";
host = "smtp.nullhex.com";
user = "ops@sealight.xyz";
from_address = "ops@sealight.xyz";
};
server = {
domain = "stats.mossnet.lan";
http_addr = "127.0.0.1";
http_port = 2342;
root_url = "http://stats.mossnet.lan/";
};
};
# TODO enable
# provision.alerting.rules.path = "${self}/hosts/profiles/monitoring/alert-rules.yaml";
};
# nginx reverse proxy
# services.nginx.recommendedProxySettings = true; # Needed for new grafana versions
services.nginx.virtualHosts.${config.services.grafana.settings.server.domain} = {
locations."/" = {
proxyPass = "http://127.0.0.1:2342";
proxyWebsockets = true;
};
};
services.postgresql = {
ensureUsers = [
{
name = "grafana";
}
];
};
# Grant grafana user read access to databases for monitoring
systemd.services.postgresql.postStart = pkgs.lib.mkAfter ''
$PSQL -tAc "GRANT CONNECT ON DATABASE wallabag TO grafana" 2>/dev/null || true
$PSQL -tAc "GRANT CONNECT ON DATABASE ulogger TO grafana" 2>/dev/null || true
$PSQL -tAc "GRANT CONNECT ON DATABASE photoprism TO grafana" 2>/dev/null || true
$PSQL -d wallabag -tAc "GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana" 2>/dev/null || true
$PSQL -d ulogger -tAc "GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana" 2>/dev/null || true
$PSQL -d photoprism -tAc "GRANT SELECT ON ALL TABLES IN SCHEMA public TO grafana" 2>/dev/null || true
'';
services.prometheus = {
enable = true;
port = 9001;
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
port = 9002;
};
dnsmasq = {
enable = false;
port = 9153;
};
};
scrapeConfigs = [
{
job_name = "box";
static_configs = [
{ targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; }
];
}
{
job_name = "dns";
static_configs = [
{ targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.dnsmasq.port}" ]; }
];
}
];
};
# services.loki = {
# enable = true;
# configFile = /var/loki-config.yaml;
# };
#systemd.services.promtail = {
# description = "Promtail service for Loki";
# wantedBy = [ "multi-user.target" ];
# serviceConfig = {
# ExecStart = ''
# ${pkgs.grafana-loki}/bin/promtail --config.file ${/var/promtail.yaml}
# '';
# };
#};
}
Reference in New Issue View Git Blame Copy Permalink