satellite/hosts/nixos/lapetus/services/grafana.nix

{ config, pkgs, ... }:
let
  secret = name: "$__file{${config.sops.secrets.${name}.path}}";
  sopsSettings = {
    sopsFile = ../secrets.yaml;
    group = "grafana";
  };
in
{
  imports = [
    ../../common/optional/services/nginx.nix
    ./prometheus.nix
  ];

  sops.secrets.grafana_smtp_pass = sopsSettings;
  sops.secrets.grafana_discord_webhook = sopsSettings;

  # {{{ Main config
  services.grafana = {
    enable = true;

    settings = {
      server.domain = "grafana.moonythm.dev";
      server.http_port = 8409;

      # {{{ Smtp
      smtp = rec {
        enabled = true;

        user = "grafana@orbit.moonythm.dev";
        from_name = "Grafana";
        from_address = user;

        host = "smtp.migadu.com:465";
        password = secret "grafana_smtp_pass";
        startTLS_policy = "NoStartTLS";
      };
      # }}}
    };

    # {{{ Provisoning
    provision = {
      enable = true;

      # https://grafana.com/docs/grafana/latest/alerting/set-up/provision-alerting-resources/file-provisioning/
      alerting.contactPoints.settings = {
        deleteContactPoints = [
          { uid = "main_discord"; }
          { uid = "main_email"; }
        ];

        contactPoints = [{
          name = "main";
          receivers = [
            {
              uid = "main_discord";
              type = "discord";
              settings.url = secret "grafana_discord_webhook";
            }
            {
              uid = "main_email";
              type = "email";
              settings.addresses = "colimit@moonythm.dev";
            }
          ];
        }];
      };

      datasources.settings.datasources = [{
        name = "Prometheus";
        type = "prometheus";
        access = "proxy";
        url = "prometheus.moonythm.dev";
      }];
    };
    # }}}
  };
  # }}}
  # {{{ Networking & storage
  services.nginx.virtualHosts.${config.services.grafana.settings.server.domain} =
    config.satellite.proxy config.services.grafana.settings.server.http_port { };

  environment.persistence."/persist/state".directories = [{
    directory = config.services.grafana.dataDir;
    user = "grafana";
    group = "grafana";
  }];
  # }}}
}
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`{ config, pkgs, ... }:`
Fix grafana sops permissions 2024-02-24 08:22:35 +01:00			`let`
			`secret = name: "$__file{${config.sops.secrets.${name}.path}}";`
			`sopsSettings = {`
			`sopsFile = ../secrets.yaml;`
			`group = "grafana";`
			`};`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`in`
			`{`
			`imports = [`
			`../../common/optional/services/nginx.nix`
			`./prometheus.nix`
			`];`

Fix grafana sops permissions 2024-02-24 08:22:35 +01:00			`sops.secrets.grafana_smtp_pass = sopsSettings;`
			`sops.secrets.grafana_discord_webhook = sopsSettings;`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00
			`# {{{ Main config`
			`services.grafana = {`
			`enable = true;`

			`settings = {`
Fix outdated grafana option names 2024-02-24 06:57:37 +01:00			`server.domain = "grafana.moonythm.dev";`
			`server.http_port = 8409;`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00
			`# {{{ Smtp`
Make grafana record rec 2024-02-24 07:44:22 +01:00			`smtp = rec {`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`enabled = true;`
Fix grafana sops permissions 2024-02-24 08:22:35 +01:00
Add user to grafana smtp config 2024-02-24 07:43:54 +01:00			`user = "grafana@orbit.moonythm.dev";`
Fix grafana sops permissions 2024-02-24 08:22:35 +01:00			`from_name = "Grafana";`
Add user to grafana smtp config 2024-02-24 07:43:54 +01:00			`from_address = user;`
Fix grafana sops permissions 2024-02-24 08:22:35 +01:00
			`host = "smtp.migadu.com:465";`
			`password = secret "grafana_smtp_pass";`
Grafana disable start tls 2024-02-24 08:05:17 +01:00			`startTLS_policy = "NoStartTLS";`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`};`
			`# }}}`
			`};`

			`# {{{ Provisoning`
			`provision = {`
			`enable = true;`
Move port in grafana smtp config 2024-02-24 07:36:54 +01:00
Make grafana alert settings proper 2024-02-24 08:14:41 +01:00			`# https://grafana.com/docs/grafana/latest/alerting/set-up/provision-alerting-resources/file-provisioning/`
			`alerting.contactPoints.settings = {`
			`deleteContactPoints = [`
			`{ uid = "main_discord"; }`
			`{ uid = "main_email"; }`
			`];`

			`contactPoints = [{`
			`name = "main";`
			`receivers = [`
			`{`
			`uid = "main_discord";`
			`type = "discord";`
			`settings.url = secret "grafana_discord_webhook";`
			`}`
			`{`
			`uid = "main_email";`
			`type = "email";`
			`settings.addresses = "colimit@moonythm.dev";`
			`}`
			`];`
			`}];`
			`};`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00
Fix grafana datasource format 2024-02-24 06:53:31 +01:00			`datasources.settings.datasources = [{`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`name = "Prometheus";`
			`type = "prometheus";`
			`access = "proxy";`
			`url = "prometheus.moonythm.dev";`
Fix grafana datasource format 2024-02-24 06:53:31 +01:00			`}];`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`};`
			`# }}}`
			`};`
			`# }}}`
			`# {{{ Networking & storage`
Fix outdated grafana option names 2024-02-24 06:57:37 +01:00			`services.nginx.virtualHosts.${config.services.grafana.settings.server.domain} =`
			`config.satellite.proxy config.services.grafana.settings.server.http_port { };`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00
Update permissions for grafana and prometheus 2024-02-24 07:19:34 +01:00			`environment.persistence."/persist/state".directories = [{`
			`directory = config.services.grafana.dataDir;`
			`user = "grafana";`
			`group = "grafana";`
			`}];`
Set up grafana & prometheus 2024-02-24 06:52:01 +01:00			`# }}}`
			`}`