From 91211036d84baa5e15286539ddadbe6b3d6e7b22 Mon Sep 17 00:00:00 2001 From: Timo Wilken Date: Sun, 3 Dec 2023 21:48:06 +0100 Subject: Expose Grafana externally --- tw/system/vin.scm | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'tw/system/vin.scm') diff --git a/tw/system/vin.scm b/tw/system/vin.scm index 65870e1f..c3cbc50c 100644 --- a/tw/system/vin.scm +++ b/tw/system/vin.scm @@ -3,6 +3,7 @@ #:use-module (gnu bootloader grub) #:use-module (gnu packages databases) #:use-module (gnu services admin) ; unattended-upgrade-service-type + #:use-module (gnu services certbot) #:use-module (gnu services databases) #:use-module (gnu services docker) #:use-module (gnu services dbus) @@ -161,13 +162,19 @@ (encrypted-file (local-file "files/restic/vin-grafana.enc")) (destination "/etc/restic/vin-grafana") (user "restic") - (group "restic")))))) + (group "restic")) + (secret + ;; Set GF_METRICS_BASIC_AUTH_{USERNAME,PASSWORD} variables. + (encrypted-file (local-file "files/grafana/metrics-credentials.enc")) + (destination "/etc/grafana/metrics-credentials")))))) ;; For running the Grafana docker container. (service grafana-service-type (grafana-configuration + (domain "grafana.twilken.net") (data-path "/var/lib/grafana") - (bind-address (server-wireguard-address host-name)))) + (bind-address (server-wireguard-address host-name)) + (metrics-credentials-file "/etc/grafana/metrics-credentials"))) (service docker-service-type) ; required by `grafana-service-type' (service dbus-root-service-type) ; required by `docker-service-type' (service elogind-service-type) ; required by `docker-service-type' @@ -191,6 +198,10 @@ (keep-daily 30) (keep-monthly -1)))) + (service certbot-service-type + (certbot-configuration + (email "letsencrypt@twilken.net"))) + ;; Personal statistics exporter: stores hledger data (and soon location ;; data?) in Postgres for Grafana to read. (service syncthing-service-type -- cgit v1.2.3