diff options
| author | Timo Wilken | 2023-12-03 21:48:06 +0100 |
|---|---|---|
| committer | Timo Wilken | 2023-12-13 19:39:32 +0100 |
| commit | 91211036d84baa5e15286539ddadbe6b3d6e7b22 (patch) | |
| tree | 0511988d8fb40648ede92a086a251b5519a3ccfa /tw/system | |
| parent | 5be8cd1a02ef562a9a8ee251d3cc401585dd3491 (diff) | |
Expose Grafana externally
Diffstat (limited to 'tw/system')
| -rw-r--r-- | tw/system/files/grafana/metrics-credentials.enc | 9 | ||||
| -rw-r--r-- | tw/system/vin.scm | 15 |
2 files changed, 22 insertions, 2 deletions
diff --git a/tw/system/files/grafana/metrics-credentials.enc b/tw/system/files/grafana/metrics-credentials.enc new file mode 100644 index 00000000..3e1bf1fe --- /dev/null +++ b/tw/system/files/grafana/metrics-credentials.enc @@ -0,0 +1,9 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IC9TV0hVQSBxbVk0 +YTUvTnV6TEI3bmRHSTNiNVZIcUc4OEZtVW9PcXNsczZYYjAya1R3ClRLRXFTdjc1 +djl3SXArQlloc1VENktIbUxJTmRmU0E0MzFjcktKR2dsVGcKLS0tIFAzcXY4VEhY +R3dLZlh6Vzl3VDYxcW8rNTZwNXl5dG1MZUpESnRvNFBtS28KOJgtJ5BkwrdX+93W +VGoh3vbzeCWdwOGCTqheJ1wgOGyGmCqSI/itWgydfvYdDyXCtusVZPTnn0Q1sonT +Ag/4jjm0vBM0LTrhHPHvi8SJIevsEjNhF8TJbTBYPJw4iqRl6WR+ZW3CTQbFZNLA +f/0x4hTgXVf8wvo= +-----END AGE ENCRYPTED FILE----- diff --git a/tw/system/vin.scm b/tw/system/vin.scm index 65870e1f..c3cbc50c 100644 --- a/tw/system/vin.scm +++ b/tw/system/vin.scm @@ -3,6 +3,7 @@ #:use-module (gnu bootloader grub) #:use-module (gnu packages databases) #:use-module (gnu services admin) ; unattended-upgrade-service-type + #:use-module (gnu services certbot) #:use-module (gnu services databases) #:use-module (gnu services docker) #:use-module (gnu services dbus) @@ -161,13 +162,19 @@ (encrypted-file (local-file "files/restic/vin-grafana.enc")) (destination "/etc/restic/vin-grafana") (user "restic") - (group "restic")))))) + (group "restic")) + (secret + ;; Set GF_METRICS_BASIC_AUTH_{USERNAME,PASSWORD} variables. + (encrypted-file (local-file "files/grafana/metrics-credentials.enc")) + (destination "/etc/grafana/metrics-credentials")))))) ;; For running the Grafana docker container. (service grafana-service-type (grafana-configuration + (domain "grafana.twilken.net") (data-path "/var/lib/grafana") - (bind-address (server-wireguard-address host-name)))) + (bind-address (server-wireguard-address host-name)) + (metrics-credentials-file "/etc/grafana/metrics-credentials"))) (service docker-service-type) ; required by `grafana-service-type' (service dbus-root-service-type) ; required by `docker-service-type' (service elogind-service-type) ; required by `docker-service-type' @@ -191,6 +198,10 @@ (keep-daily 30) (keep-monthly -1)))) + (service certbot-service-type + (certbot-configuration + (email "letsencrypt@twilken.net"))) + ;; Personal statistics exporter: stores hledger data (and soon location ;; data?) in Postgres for Grafana to read. (service syncthing-service-type |