{ config, pkgs, ... }:
let
port = config.satellite.ports.grafana;
secret = name: "$__file{${config.sops.secrets.${name}.path}}";
sopsSettings = {
sopsFile = ../secrets.yaml;
owner = "grafana";
};
in
{
sops.secrets.grafana_smtp_pass = sopsSettings;
sops.secrets.grafana_discord_webhook = sopsSettings;
# {{{ Main config
services.grafana = {
enable = true;
settings = {
server = rec {
domain = config.satellite.nginx.at.grafana.host;
root_url = "https://${domain}";
http_port = port;
};
# {{{ Smtp
smtp = rec {
enabled = true;
user = "grafana@orbit.moonythm.dev";
from_name = "Grafana";
from_address = user;
host = "smtp.migadu.com:465";
password = secret "grafana_smtp_pass";
startTLS_policy = "NoStartTLS";
};
# }}}
};
# {{{ Provisoning
provision = {
enable = true;
# https://grafana.com/docs/grafana/latest/alerting/set-up/provision-alerting-resources/file-provisioning/
alerting.contactPoints.settings = {
apiVersion = 1;
contactPoints = [{
name = "main";
receivers = [
{
uid = "main_discord";
type = "discord";
settings.url = secret "grafana_discord_webhook";
settings.message = ''
@everyone ✨ An issue occured :O ✨
{{ template "default.message" . }}
'';
}
{
uid = "main_email";
type = "email";
settings.addresses = "colimit@moonythm.dev";
}
];
}];
};
alerting.policies.settings = {
apiVersion = 1;
policies = [{
receiver = "main";
}];
};
datasources.settings = {
apiVersion = 1;
datasources = [{
name = "Prometheus";
type = "prometheus";
access = "proxy";
url = "https://prometheus.moonythm.dev";
}];
};
};
# }}}
};
# }}}
# {{{ Networking & storage
satellite.nginx.at.grafana.port = port;
environment.persistence."/persist/state".directories = [{
directory = config.services.grafana.dataDir;
user = "grafana";
group = "grafana";
}];
# }}}
}