{ inputs, povSelf, config, lib, pkgs, ... }: let inherit (lib) types; cfg = lib.getAttrFromPath povSelf config; in { options = { enable = { type = types.bool; default = false; }; subdomain = { type = types.str; default = "grafana.infra"; }; domain = { type = types.str; default = "zaphyra.eu"; }; prometheusUrl = { type = types.str; default = "https://prometheus.infra.zaphyra.eu/"; }; }; config = lib.mkIf cfg.enable { dns.zones."${cfg.domain}".subdomains."${cfg.subdomain}".CNAME = [ "${config.networking.fqdn}." ]; modules.filesystem.impermanence.system.dirs = [ { directory = "/var/lib/grafana"; mode = "0700"; user = "grafana"; group = "grafana"; } ]; services.grafana = { enable = true; settings = { server = { domain = "${cfg.subdomain}.${cfg.domain}"; root_url = "https://${config.services.grafana.settings.server.domain}/"; http_addr = "::1"; http_port = 3001; }; dashboards.min_refresh_interval = "15s"; security.allow_embedding = true; "users".auto_assign_org_role = "Viewer"; "users".viewers_can_edit = true; "users".home_page = "/d/rYdddlPWk/node-exporter-full"; "auth".disable_login_form = true; "auth.basic".enabled = false; "auth.anonymous".enabled = true; "auth.anonymous".org_name = "Main Org."; "auth.anonymous".org_role = "Viewer"; }; provision = { enable = true; datasources.settings.datasources = [ { name = "Prometheus"; type = "prometheus"; url = cfg.prometheusUrl; isDefault = true; editable = false; jsonData.timeInterval = "20s"; } ]; dashboards.settings.providers = [ { folder = "provisioned"; allowUiUpdates = false; options.path = ../../../../resources/grafanaDashboards; } ]; }; }; services.nginx.virtualHosts."${cfg.subdomain}.${cfg.domain}" = { useACMEHost = "${config.networking.fqdn}"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://[::1]:${toString config.services.grafana.settings.server.http_port}/"; }; }; }