2021-11-20 01:03:57 +01:00
|
|
|
{ zentralwerk, config, pkgs, lib, modulesPath, ... }:
|
2019-01-17 23:45:26 +01:00
|
|
|
|
2021-11-07 03:39:30 +01:00
|
|
|
let
|
|
|
|
restartServices = [ "grafana" "influxdb" ];
|
|
|
|
in {
|
2020-05-22 18:07:39 +02:00
|
|
|
c3d2.isInHq = false;
|
2022-01-12 01:46:13 +01:00
|
|
|
c3d2.autoUpdate = true;
|
2019-12-03 15:01:10 +01:00
|
|
|
|
2019-12-03 15:20:17 +01:00
|
|
|
services.openssh.enable = true;
|
2021-03-11 16:40:39 +01:00
|
|
|
# noXlibs breaks cairo:
|
|
|
|
environment.noXlibs = false;
|
2019-12-03 15:20:17 +01:00
|
|
|
|
2019-01-17 23:45:26 +01:00
|
|
|
networking.hostName = "grafana";
|
|
|
|
networking.useNetworkd = true;
|
2021-02-22 11:45:12 +01:00
|
|
|
networking.interfaces.eth0.ipv4.addresses = [{
|
|
|
|
address = "172.20.73.43";
|
2021-11-20 01:03:57 +01:00
|
|
|
prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
|
2021-02-22 11:45:12 +01:00
|
|
|
}];
|
2020-05-22 17:56:30 +02:00
|
|
|
networking.defaultGateway = "172.20.73.1";
|
2019-01-17 23:45:26 +01:00
|
|
|
|
2019-12-03 15:20:17 +01:00
|
|
|
# http https influxdb
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 8086 ];
|
2019-01-17 23:45:26 +01:00
|
|
|
# collectd
|
|
|
|
networking.firewall.allowedUDPPorts = [ 25826 ];
|
|
|
|
|
2021-10-11 23:04:05 +02:00
|
|
|
services.nginx = {
|
2019-01-17 23:45:26 +01:00
|
|
|
enable = true;
|
2022-02-22 22:26:49 +01:00
|
|
|
recommendedProxySettings = true;
|
2021-10-11 23:04:05 +02:00
|
|
|
virtualHosts = {
|
|
|
|
"grafana.hq.c3d2.de" = {
|
|
|
|
default = true;
|
|
|
|
enableACME = true;
|
|
|
|
forceSSL = true;
|
|
|
|
locations = { "/".proxyPass = "http://localhost:3000/"; };
|
|
|
|
};
|
|
|
|
};
|
2019-01-17 23:45:26 +01:00
|
|
|
};
|
|
|
|
services.grafana = {
|
|
|
|
enable = true;
|
2022-02-22 21:42:30 +01:00
|
|
|
domain = "grafana.hq.c3d2.de";
|
2019-01-17 23:45:26 +01:00
|
|
|
auth.anonymous = {
|
|
|
|
enable = true;
|
|
|
|
org_name = "Chaos";
|
|
|
|
};
|
2020-05-22 18:34:26 +02:00
|
|
|
users.allowSignUp = false;
|
2019-01-17 23:45:26 +01:00
|
|
|
};
|
2019-12-03 15:20:17 +01:00
|
|
|
services.influxdb = let
|
2022-02-06 01:12:02 +01:00
|
|
|
collectdTypes = pkgs.runCommand "collectd-types" {} ''
|
|
|
|
mkdir -p $out/share/collectd
|
|
|
|
cat ${config.services.collectd.package}/share/collectd/types.db >> $out/share/collectd/types.db
|
|
|
|
echo "stations value:GAUGE:0:U" >> $out/share/collectd/types.db
|
|
|
|
'';
|
2019-12-03 15:20:17 +01:00
|
|
|
in {
|
|
|
|
enable = true;
|
|
|
|
extraConfig = {
|
|
|
|
logging.level = "debug";
|
|
|
|
collectd = [{
|
|
|
|
enabled = true;
|
|
|
|
database = "collectd";
|
|
|
|
typesdb = "${collectdTypes}/share/collectd/types.db";
|
|
|
|
}];
|
|
|
|
};
|
|
|
|
};
|
2021-11-07 03:39:30 +01:00
|
|
|
systemd.services = builtins.foldl' (services: service:
|
|
|
|
services // {
|
|
|
|
"${service}".serviceConfig = {
|
|
|
|
RestartSec = 60;
|
|
|
|
Restart = "always";
|
|
|
|
};
|
|
|
|
}
|
|
|
|
) {} restartServices;
|
2019-01-17 23:45:26 +01:00
|
|
|
|
2022-02-06 23:46:17 +01:00
|
|
|
# TODO: workaround for https://github.com/NixOS/nixpkgs/pull/157931
|
|
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
|
|
"xen-4.10.4"
|
|
|
|
];
|
|
|
|
|
2019-01-17 23:45:26 +01:00
|
|
|
# This value determines the NixOS release with which your system is to be
|
|
|
|
# compatible, in order to avoid breaking some software such as database
|
|
|
|
# servers. You should change this only after NixOS release notes say you
|
|
|
|
# should.
|
|
|
|
system.stateVersion = "18.09"; # Did you read the comment?
|
|
|
|
}
|