Add grafana and postgresql
I should probably move some stuff over from my other postgres instance
This commit is contained in:
parent
0dc227fc5f
commit
c2a369c498
35
flake.nix
35
flake.nix
|
@ -51,6 +51,21 @@
|
|||
];
|
||||
};
|
||||
|
||||
nixosConfigurations.postgresql = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./hosts/postgresql/configuration.nix
|
||||
];
|
||||
};
|
||||
nixosConfigurations.grafana = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
"${nixpkgs}/nixos/modules/virtualisation/lxc-container.nix"
|
||||
./hosts/grafana/configuration.nix
|
||||
];
|
||||
};
|
||||
|
||||
deploy.nodes.nginx = {
|
||||
hostname = "10.42.20.2";
|
||||
fastConnection = true;
|
||||
|
@ -111,6 +126,26 @@
|
|||
};
|
||||
};
|
||||
|
||||
deploy.nodes.postgresql = {
|
||||
hostname = "10.42.20.8";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.postgresql;
|
||||
};
|
||||
};
|
||||
|
||||
deploy.nodes.grafana = {
|
||||
hostname = "10.42.20.9";
|
||||
fastConnection = true;
|
||||
profiles.system = {
|
||||
user = "root";
|
||||
path = deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.grafana;
|
||||
};
|
||||
};
|
||||
|
||||
checks =
|
||||
builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy)
|
||||
deploy-rs.lib;
|
||||
|
|
55
hosts/grafana/configuration.nix
Normal file
55
hosts/grafana/configuration.nix
Normal file
|
@ -0,0 +1,55 @@
|
|||
{ config, pkgs, ... }:
|
||||
let secrets = import ./secrets.nix;
|
||||
in {
|
||||
imports = [
|
||||
# Import common config
|
||||
../../common/generic-lxc.nix
|
||||
../../common
|
||||
];
|
||||
|
||||
networking.hostName = "grafana";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
environment.etc.adminPass = {
|
||||
enable = true;
|
||||
text = secrets.passwd;
|
||||
};
|
||||
|
||||
environment.etc.signKey = {
|
||||
enable = true;
|
||||
text = secrets.secretKey;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 3000 ];
|
||||
|
||||
services.grafana = {
|
||||
enable = true;
|
||||
protocol = "http";
|
||||
domain = "grafana.voidcorp.nl";
|
||||
rootUrl = "https://grafana.voidcorp.nl/";
|
||||
addr = "0.0.0.0";
|
||||
port = 3000;
|
||||
database = {
|
||||
type = "postgres";
|
||||
host = "postgresql.voidlocal";
|
||||
user = "grafana";
|
||||
passwordFile = "/etc/adminPass";
|
||||
};
|
||||
security = {
|
||||
adminUser = secrets.adminUser;
|
||||
adminPasswordFile = "/etc/adminPass";
|
||||
secretKeyFile = "/etc/signKey";
|
||||
};
|
||||
analytics.reporting.enable = false;
|
||||
};
|
||||
|
||||
}
|
BIN
hosts/grafana/secrets.nix
Normal file
BIN
hosts/grafana/secrets.nix
Normal file
Binary file not shown.
|
@ -54,6 +54,7 @@ in {
|
|||
virtualHosts."s3.voidcorp.nl" = proxy "http://10.42.20.6:9000/";
|
||||
virtualHosts."explore.s3.voidcorp.nl" = proxy "http://10.42.20.6:9001/";
|
||||
virtualHosts."registry.voidcorp.nl" = proxy "http://10.42.20.7:5000/";
|
||||
virtualHosts."grafana.voidcorp.nl" = proxy "http://10.42.20.9:3000/";
|
||||
};
|
||||
|
||||
security.acme.email = "acme@voidcorp.nl";
|
||||
|
|
41
hosts/postgresql/configuration.nix
Normal file
41
hosts/postgresql/configuration.nix
Normal file
|
@ -0,0 +1,41 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
in {
|
||||
imports = [
|
||||
# Import common config
|
||||
../../common/generic-lxc.nix
|
||||
../../common
|
||||
];
|
||||
|
||||
networking.hostName = "postgresql";
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 5432 ];
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
authentication = "host all all 10.42.0.0/16 trust";
|
||||
ensureDatabases = [ "prometheus" "grafana" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "prometheus";
|
||||
ensurePermissions = { "DATABASE \"prometheus\"" = "ALL PRIVILEGES"; };
|
||||
}
|
||||
{
|
||||
name = "grafana";
|
||||
ensurePermissions = { "DATABASE \"grafana\"" = "ALL PRIVILEGES"; };
|
||||
}
|
||||
];
|
||||
enableTCPIP = true;
|
||||
};
|
||||
|
||||
}
|
Loading…
Reference in a new issue