summaryrefslogtreecommitdiff
path: root/os/kay/modules/observability/grafana.nix
diff options
context:
space:
mode:
Diffstat (limited to 'os/kay/modules/observability/grafana.nix')
-rw-r--r--os/kay/modules/observability/grafana.nix48
1 files changed, 48 insertions, 0 deletions
diff --git a/os/kay/modules/observability/grafana.nix b/os/kay/modules/observability/grafana.nix
new file mode 100644
index 0000000..705bdcd
--- /dev/null
+++ b/os/kay/modules/observability/grafana.nix
@@ -0,0 +1,48 @@
+{ config, ... }:
+let
+ domain = "grafana." + config.global.userdata.domain;
+ user = config.global.userdata.name;
+ email = config.global.userdata.email;
+in
+{
+ sops.secrets."misc/default_password" = {
+ owner = "grafana";
+ group = "grafana";
+ };
+
+ services = {
+ postgresql = {
+ ensureDatabases = [ "grafana" ];
+ ensureUsers = [
+ {
+ name = "grafana";
+ ensureDBOwnership = true;
+ }
+ ];
+ };
+
+ grafana = {
+ enable = true;
+
+ settings = {
+ database = {
+ type = "postgres";
+ name = "grafana";
+ user = "grafana";
+ host = "/run/postgresql";
+ };
+
+ server = {
+ inherit domain;
+ enforce_domain = true;
+ };
+
+ security = {
+ admin_user = user;
+ admin_email = email;
+ admin_password = "$__file{${config.sops.secrets."misc/default_password".path}}";
+ };
+ };
+ };
+ };
+}