nixos-config/configurations/host/waffentrager/services/grafana.nix

40 lines
1.3 KiB
Nix

{ materusArg, config, lib, ... }:
{
options.waffentragerService.grafana.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable grafana";
config =
let
cfg = config.waffentragerService.grafana;
in
lib.mkIf cfg.enable {
services.grafana = {
dataDir = "${config.waffentragerService.elements.path}/services/grafana";
enable = true;
settings = {
server = {
# Listening Address
http_addr = "127.0.0.1";
# and Port
http_port = 3232;
# Grafana needs to know on which domain and URL it's running
domain = "watchman.materus.pl";
serve_from_sub_path = true;
};
};
};
services.nginx.virtualHosts."watchman.materus.pl" = {
addSSL = true;
sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem";
sslCertificateKey = "/var/lib/mnt_acme/materus.pl/key.pem";
sslCertificate = "/var/lib/mnt_acme/materus.pl/fullchain.pem";
http2 = false;
http3 = true;
locations."/" = {
proxyPass = "http://${toString config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}";
proxyWebsockets = true;
recommendedProxySettings = true;
};
};
};
}