2022-01-14 20:05:57 +00:00
|
|
|
{
|
2022-06-12 15:39:15 +00:00
|
|
|
lib,
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
2022-06-12 15:42:42 +00:00
|
|
|
inherit ((import ../../utils/getInternalIP.nix config)) listenIPs;
|
2022-06-12 15:39:15 +00:00
|
|
|
listenStatements =
|
|
|
|
|
lib.concatStringsSep "\n" (builtins.map (ip: "listen ${ip}:443 http3;") listenIPs)
|
|
|
|
|
+ ''
|
|
|
|
|
add_header Alt-Svc 'h3=":443"';
|
|
|
|
|
'';
|
|
|
|
|
in {
|
2022-01-14 20:58:33 +00:00
|
|
|
imports = [
|
|
|
|
|
./prometheus.nix
|
|
|
|
|
];
|
2022-01-14 20:05:57 +00:00
|
|
|
services.grafana = {
|
|
|
|
|
enable = true;
|
|
|
|
|
domain = "grafana.int.chir.rs";
|
|
|
|
|
port = 2342;
|
|
|
|
|
addr = "127.0.0.1";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.nginx.virtualHosts.${config.services.grafana.domain} = {
|
|
|
|
|
listenAddresses = listenIPs;
|
2022-01-14 20:12:11 +00:00
|
|
|
sslCertificate = "/var/lib/acme/int.chir.rs/cert.pem";
|
|
|
|
|
sslCertificateKey = "/var/lib/acme/int.chir.rs/key.pem";
|
2022-01-14 20:05:57 +00:00
|
|
|
locations."/" = {
|
|
|
|
|
proxyPass = "http://127.0.0.1:${toString config.services.grafana.port}";
|
|
|
|
|
proxyWebsockets = true;
|
|
|
|
|
};
|
2022-02-09 14:35:39 +00:00
|
|
|
extraConfig = listenStatements;
|
2022-01-14 20:05:57 +00:00
|
|
|
};
|
|
|
|
|
}
|
