blob: a796ba19cdc8eb4b99d19f6f0b136bec2b1f73cf (
about) (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
(define-module (tw services grafana)
#:use-module (gnu)
#:use-module ((gnu packages admin) #:select (shadow))
#:use-module ((gnu packages docker) #:select (docker-cli))
#:use-module (gnu services)
#:use-module (gnu services configuration)
#:use-module (gnu services databases)
#:use-module (gnu services shepherd)
#:use-module (guix records)
#:use-module (tw services web)
#:export (grafana-service-type
grafana-configuration))
;; TODO: Mimir for long-term Prometheus metrics storage?
;; TODO: Store Grafana data in Postgres instead of SQLite?
(define %grafana-user "grafana")
(define %grafana-uid 472) ; to match container
(define-configuration/no-serialization grafana-configuration
;; TODO: update to 10.2.2
;; https://hub.docker.com/r/grafana/grafana-oss/tags
(container (string "docker.io/grafana/grafana-oss:9.5.2") "Container image to run.")
(domain (string "localhost") "The external domain which will resolve to this
Grafana instance.")
(bind-address (string "0.0.0.0") "The host IP to bind to.")
(host-port (integer 3000) "The port to bind to on the host.")
(data-path (string "/var/lib/grafana") "The path to store data in, on the host.")
(metrics-credentials-file (string "/etc/grafana/metrics-credentials") "The
file name containing the user name and password to use for basic
authentication to Grafana's metrics endpoint. These are specified as the
GF_METRICS_BASIC_AUTH_USERNAME and GF_METRICS_BASIC_AUTH_PASSWORD environment
variables."))
(define (grafana-accounts config)
(list (user-account
(name %grafana-user)
(uid %grafana-uid)
(group "nogroup")
(comment "Grafana server user")
(system? #t)
(home-directory (grafana-configuration-data-path config))
(shell (file-append shadow "/sbin/nologin")))))
(define (grafana-shepherd-service config)
(list (shepherd-service
(provision '(grafana))
(requirement '(networking))
(documentation "Run a Grafana instance using Docker.")
(start #~(make-forkexec-constructor
;; https://grafana.com/docs/grafana/latest/setup-grafana/installation/docker/
(list #$(file-append docker-cli "/bin/docker") "run" "--rm" "--network=host"
"--name" "grafana" "--user" '#$%grafana-user
"-v" '#$(format #f "~a:/var/lib/grafana" (grafana-configuration-data-path config))
"--env-file" '#$(grafana-configuration-metrics-credentials-file config)
;; https://grafana.com/docs/grafana/latest/setup-grafana/configure-docker/
"-e" "GF_SERVER_PROTOCOL=http" ; use Wireguard for encryption
"-e" '#$(format #f "GF_SERVER_HTTP_ADDR=~a" (grafana-configuration-bind-address config))
"-e" '#$(format #f "GF_SERVER_HTTP_PORT=~a" (grafana-configuration-host-port config))
"-e" "GF_SERVER_ENABLE_GZIP=true" ; recommended by docs
"-e" "GF_ANALYTICS_REPORTING_ENABLED=false"
"-e" "GF_ANALYTICS_CHECK_FOR_UPDATES=false"
"-e" "GF_ANALYTICS_CHECK_FOR_PLUGIN_UPDATES=false"
"-e" "GF_SNAPSHOTS_ENABLED=false" ; disable publishing dashboard snapshots to the internet
"-e" "GF_DATE_FORMATS_INTERVAL_HOUR=DD.MM. HH:mm" ; use sensible date format
"-e" "GF_DATE_FORMATS_INTERVAL_DAY=DD.MM." ; use sensible date format
;; TODO: https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#smtp
'#$(grafana-configuration-container config))))
(stop #~(make-kill-destructor)))))
(define (grafana-reverse-proxy config)
(match-record config <grafana-configuration> (domain bind-address host-port)
(if (string=? domain "localhost") (list)
(list (https-reverse-proxy-configuration
(domains (list domain))
(destination-port host-port)
(destination-ip
(if (string=? bind-address "0.0.0.0")
"127.0.0.1"
bind-address)))))))
(define grafana-service-type
(service-type
(name 'grafana)
(extensions
(list (service-extension shepherd-root-service-type grafana-shepherd-service)
(service-extension account-service-type grafana-accounts)
(service-extension https-reverse-proxy-service-type grafana-reverse-proxy)))
(default-value (grafana-configuration))
(description "Grafana server, running under Docker.")))
|