nix-config/hosts/containers/grafana/default.nix

{ zentralwerk, config, pkgs, lib, modulesPath, ... }:

let
  restartServices = [ "grafana" "influxdb" ];
in {
  c3d2.isInHq = false;
  c3d2.autoUpdate = true;

  services.openssh.enable = true;
  # noXlibs breaks cairo:
  environment.noXlibs = false;

  networking.hostName = "grafana";
  networking.useNetworkd = true;
  networking.interfaces.eth0.ipv4.addresses = [{
    address = "172.20.73.43";
    prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
  }];
  networking.defaultGateway = "172.20.73.1";

  # http https influxdb
  networking.firewall.allowedTCPPorts = [ 80 443 8086 ];
  # collectd
  networking.firewall.allowedUDPPorts = [ 25826 ];

  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    virtualHosts = {
      "grafana.hq.c3d2.de" = {
        default = true;
        enableACME = true;
        forceSSL = true;
        locations = { "/".proxyPass = "http://localhost:3000/"; };
      };
    };
  };
  services.grafana = {
    enable = true;
    domain = "grafana.hq.c3d2.de";
    auth.anonymous = {
      enable = true;
      org_name = "Chaos";
    };
    users.allowSignUp = false;
  };
  services.influxdb = let
    collectdTypes = pkgs.runCommand "collectd-types" {} ''
      mkdir -p $out/share/collectd
      cat ${config.services.collectd.package}/share/collectd/types.db >> $out/share/collectd/types.db
      echo "stations  value:GAUGE:0:U" >> $out/share/collectd/types.db
    '';
  in {
    enable = true;
    extraConfig = {
      logging.level = "debug";
      collectd = [{
        enabled = true;
        database = "collectd";
        typesdb = "${collectdTypes}/share/collectd/types.db";
      }];
    };
  };
  systemd.services =
    builtins.foldl' (services: service:
      services // {
        "${service}".serviceConfig = {
          RestartSec = 60;
          Restart = "always";
        };
      }
    ) {} restartServices
    // {
      # work around our slow storage that can't keep up
      influxdb.serviceConfig.LimitNOFILES = 102400;
    };

  # This value determines the NixOS release with which your system is to be
  # compatible, in order to avoid breaking some software such as database
  # servers. You should change this only after NixOS release notes say you
  # should.
  system.stateVersion = "18.09"; # Did you read the comment?
}