From 003e37582c7ca50889a8b8b86ced8daca7443ac1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 19 Dec 2022 23:36:57 +0100 Subject: [PATCH] Format --- hosts/grafana/default.nix | 184 ++++++++++++++++++++------------------ 1 file changed, 98 insertions(+), 86 deletions(-) diff --git a/hosts/grafana/default.nix b/hosts/grafana/default.nix index a6a3d0cf..bedcf7de 100644 --- a/hosts/grafana/default.nix +++ b/hosts/grafana/default.nix @@ -7,94 +7,89 @@ isInHq = false; }; - networking.hostName = "grafana"; - - # http https influxdb - networking.firewall.allowedTCPPorts = [ 80 443 8086 ]; - # collectd - networking.firewall.allowedUDPPorts = [ 25826 ]; - - services.nginx = { - enable = true; - virtualHosts = { - "grafana.hq.c3d2.de" = { - default = true; - enableACME = true; - forceSSL = true; - locations = { "/".proxyPass = "http://localhost:3000/"; }; - }; - }; - }; - services.grafana = { - enable = true; - - provision = { - enable = true; - # curl https://root:SECRET@grafana.hq.c3d2.de/api/datasources | jq > hosts/grafana/datasources.json - datasources.settings.datasources = map (datasource: { - inherit (datasource) name type access orgId url password user database isDefault jsonData; - }) (with builtins; fromJSON (readFile ./datasources.json)); - dashboards.settings.providers = [ { - settings = { - apiVersion = 1; - providers = [ { - name = "c3d2"; - } ]; - }; - # for id in `curl https://root:SECRET@grafana.hq.c3d2.de/api/search | jq -j 'map(.uid) | join(" ")'`; do curl https://root:SECRET@grafana.hq.c3d2.de/api/dashboards/uid/$id | jq .dashboard > hosts/grafana/dashboards/$id.json;done - options.path = ./dashboards; - } ]; - }; - - settings = { - "auth.anonymous" = { - enabled = false; - org_name = "Chaos"; - }; - security = { - admin_password = "$__file{${config.sops.secrets."grafana/admin-password".path}}"; - secret_key = "$__file{${config.sops.secrets."grafana/secret-key".path}}"; - }; - server.domain = "grafana.hq.c3d2.de"; - users.allow_sign_up = false; - }; - }; - services.influxdb = let - collectdTypes = pkgs.runCommand "collectd-types" {} '' - mkdir -p $out/share/collectd - cat ${pkgs.collectd-data}/share/collectd/types.db >> $out/share/collectd/types.db - echo "stations value:GAUGE:0:U" >> $out/share/collectd/types.db - ''; - in { - enable = true; - extraConfig = { - logging.level = "debug"; - collectd = [{ - enabled = true; - database = "collectd"; - typesdb = "${collectdTypes}/share/collectd/types.db"; - # create retention policy "30d" on collectd duration 30d replication 1 default - retention-policy = "30d"; - }]; - }; - }; - systemd.services = - builtins.foldl' (services: service: - services // { - "${service}".serviceConfig = { - RestartSec = 60; - Restart = "always"; - }; - } - ) {} [ "grafana" "influxdb" ] - // { - # work around our slow storage that can't keep up - influxdb.serviceConfig.LimitNOFILE = "1048576:1048576"; - influxdb.serviceConfig.TimeoutStartSec = "infinity"; - }; - environment.systemPackages = with pkgs; [ influxdb ]; + networking = { + firewall = { + # http https influxdb + allowedTCPPorts = [ 80 443 8086 ]; + # collectd + allowedUDPPorts = [ 25826 ]; + }; + hostName = "grafana"; + }; + + services = { + grafana = { + enable = true; + + provision = { + enable = true; + # curl https://root:SECRET@grafana.hq.c3d2.de/api/datasources | jq > hosts/grafana/datasources.json + datasources.settings.datasources = map + (datasource: { + inherit (datasource) name type access orgId url password user database isDefault jsonData; + }) + (with builtins; fromJSON (readFile ./datasources.json)); + dashboards.settings.providers = [{ + settings = { + apiVersion = 1; + providers = [{ + name = "c3d2"; + }]; + }; + # for id in `curl https://root:SECRET@grafana.hq.c3d2.de/api/search | jq -j 'map(.uid) | join(" ")'`; do curl https://root:SECRET@grafana.hq.c3d2.de/api/dashboards/uid/$id | jq .dashboard > hosts/grafana/dashboards/$id.json;done + options.path = ./dashboards; + }]; + }; + + settings = { + "auth.anonymous" = { + enabled = false; + org_name = "Chaos"; + }; + security = { + admin_password = "$__file{${config.sops.secrets."grafana/admin-password".path}}"; + secret_key = "$__file{${config.sops.secrets."grafana/secret-key".path}}"; + }; + server.domain = "grafana.hq.c3d2.de"; + users.allow_sign_up = false; + }; + }; + influxdb = + let + collectdTypes = pkgs.runCommand "collectd-types" { } '' + mkdir -p $out/share/collectd + cat ${pkgs.collectd-data}/share/collectd/types.db >> $out/share/collectd/types.db + echo "stations value:GAUGE:0:U" >> $out/share/collectd/types.db + ''; + in + { + enable = true; + extraConfig = { + logging.level = "debug"; + collectd = [{ + enabled = true; + database = "collectd"; + typesdb = "${collectdTypes}/share/collectd/types.db"; + # create retention policy "30d" on collectd duration 30d replication 1 default + retention-policy = "30d"; + }]; + }; + }; + nginx = { + enable = true; + virtualHosts = { + "grafana.hq.c3d2.de" = { + default = true; + enableACME = true; + forceSSL = true; + locations = { "/".proxyPass = "http://localhost:3000/"; }; + }; + }; + }; + }; + sops = { defaultSopsFile = ./secrets.yaml; secrets = { @@ -109,5 +104,22 @@ }; }; + systemd.services = + builtins.foldl' + (services: service: + services // { + "${service}".serviceConfig = { + RestartSec = 60; + Restart = "always"; + }; + } + ) + { } [ "grafana" "influxdb" ] + // { + # work around our slow storage that can't keep up + influxdb.serviceConfig.LimitNOFILE = "1048576:1048576"; + influxdb.serviceConfig.TimeoutStartSec = "infinity"; + }; + system.stateVersion = "22.05"; }