summaryrefslogtreecommitdiff
path: root/hosts/vidhar
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-11-07 22:43:26 +0100
committerGregor Kleen <gkleen@yggdrasil.li>2022-11-07 22:43:26 +0100
commit5b3c59bf26ff8b9c38f3ca78451b42ad0014a585 (patch)
tree515f43dc3a8543f6ca2e7afdd565885e8903e7e6 /hosts/vidhar
parentc80473dbef4ca003642322e7243affe52eef4b06 (diff)
downloadnixos-5b3c59bf26ff8b9c38f3ca78451b42ad0014a585.tar
nixos-5b3c59bf26ff8b9c38f3ca78451b42ad0014a585.tar.gz
nixos-5b3c59bf26ff8b9c38f3ca78451b42ad0014a585.tar.bz2
nixos-5b3c59bf26ff8b9c38f3ca78451b42ad0014a585.tar.xz
nixos-5b3c59bf26ff8b9c38f3ca78451b42ad0014a585.zip
...
Diffstat (limited to 'hosts/vidhar')
-rw-r--r--hosts/vidhar/default.nix16
1 files changed, 9 insertions, 7 deletions
diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index e40342df..a5c60419 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -129,10 +129,10 @@ with lib;
129 client_body_temp_path /run/nginx-client-bodies; 129 client_body_temp_path /run/nginx-client-bodies;
130 ''; 130 '';
131 upstreams.grafana = { 131 upstreams.grafana = {
132 servers = { "unix:${config.services.grafana.socket}" = {}; }; 132 servers = { "unix:${config.services.grafana.settings.server.socket}" = {}; };
133 }; 133 };
134 virtualHosts = { 134 virtualHosts = {
135 ${config.services.grafana.domain} = { 135 ${config.services.grafana.settings.server.domain} = {
136 forceSSL = true; 136 forceSSL = true;
137 sslCertificate = ./selfsigned.crt; 137 sslCertificate = ./selfsigned.crt;
138 sslCertificateKey = "/run/credentials/nginx.service/selfsigned.key"; 138 sslCertificateKey = "/run/credentials/nginx.service/selfsigned.key";
@@ -146,11 +146,13 @@ with lib;
146 users.users.nginx.extraGroups = ["grafana"]; 146 users.users.nginx.extraGroups = ["grafana"];
147 services.grafana = { 147 services.grafana = {
148 enable = true; 148 enable = true;
149 analytics.reporting.enable = false; 149 settings = {
150 domain = "grafana.vidhar.yggdrasil"; 150 analytics.reporting_enabled = false;
151 security.adminPasswordFile = config.sops.secrets."grafana-admin-password".path; 151 server.protocol = "socket";
152 security.secretKeyFile = config.sops.secrets."grafana-secret-key".path; 152 server.domain = "grafana.vidhar.yggdrasil";
153 protocol = "socket"; 153 security.admin_password = "$__file{${config.sops.secrets."grafana-admin-password".path}}";
154 security.secret_key = "$__file{${config.sops.secrets."grafana-secret-key".path}}";
155 };
154 }; 156 };
155 sops.secrets."grafana-admin-password" = { 157 sops.secrets."grafana-admin-password" = {
156 format = "binary"; 158 format = "binary";