1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
{ inputs, secrets, config, lib, pkgs, ... }:
{
age.secrets.grafanaInfluxTokenMqttData = {
file = secrets.briefkasten.influx.grafanaTokenMqttData;
owner = "grafana";
};
dns.zones."ctu.cx".subdomains.grafana.CNAME = [ "${config.networking.fqdn}." ];
systemd.services.grafana.onFailure = [ "email-notify@%i.service" ];
services.grafana = {
enable = true;
settings = {
server = {
domain = "grafana.ctu.cx";
root_url = "https://${config.services.grafana.settings.server.domain}/";
http_addr = "::1";
http_port = 3001;
};
security.allow_embedding = true;
"users".auto_assign_org_role = "Viewer";
# "users".viewers_can_edit = true;
"users".home_page = "/d/FRDYqjEGz/smarthome-influx";
"auth".disable_login_form = true;
"auth.basic".enabled = false;
"auth.anonymous".enabled = true;
"auth.anonymous".org_name = "Main Org.";
"auth.anonymous".org_role = "Viewer";
};
provision = {
enable = true;
datasources.settings.datasources = [
{
name = "Prometheus";
type = "prometheus";
url = "https://prometheus.ctu.cx/";
isDefault = true;
editable = false;
jsonData.timeInterval = "20s";
}
{
name = "InfluxDB (mqttData)";
type = "influxdb";
url = "https://influx.home.ctu.cx";
orgId = 1;
database = "mqttData";
editable = false;
jsonData.version = "Flux";
jsonData.organization = "katja";
jsonData.defaultBucket = "mqttData";
secureJsonData.token = "$__file{${config.age.secrets.grafanaInfluxTokenMqttData.path}}";
}
];
dashboards.settings.providers = [{
folder = "provisioned";
options.path = ./dashboards;
}];
};
};
services.nginx = {
enable = true;
virtualHosts."${config.services.grafana.settings.server.domain}" = {
useACMEHost = "${config.networking.fqdn}";
forceSSL = true;
kTLS = true;
locations."/".proxyPass = "http://[::1]:${toString config.services.grafana.settings.server.http_port}/";
};
};
}