# NixOS module for the host that turns on the `my.monitoring` Grafana,
# Prometheus and Loki options and scrapes node-exporter metrics from the
# other `.internal` hosts. The `my.*` options are declared elsewhere in the
# repository; only their use is visible here.
{
  config,
  pkgs,
  lib,
  ...
}:
let
  params = import ../parameters.nix;

  # Shorthand for the age-managed secrets declared further down.
  inherit (config.age) secrets;

  tailnetDomain = "neon-dory.ts.net";

  # Port of THIS host's node exporter, rendered as a string. Every scrape
  # target below reuses it, so a host whose exporter listens on a different
  # port will silently fail to be scraped.
  nodeExporterPort = toString config.services.prometheus.exporters.node.port;

  # Short host names; each one becomes "<name>.internal:<nodeExporterPort>".
  scrapedHosts = [
    "metrics"
    "caddy"
    "arr"
    "nextcloud"
    "vaultwarden"
    "plex"
    "portainer"
  ];
in
{
  # Secrets live encrypted (*.age) in the repository; the rest of this module
  # only ever refers to them through `config.age.secrets.<name>.path`, so no
  # secret value is written into the configuration itself.
  #
  # NOTE(review): no owner is set for the Tailscale key, so it keeps the
  # secrets module's default ownership -- confirm that default is root-only.
  age.secrets.tailscale-authKey.file = ../../secrets/tailscale-authKey.age;

  # Both Grafana secrets are owned by the "grafana" user so that the service
  # account can read them.
  age.secrets.grafana-admin-pwd = {
    owner = "grafana";
    file = ../../secrets/grafana-admin-pwd.age;
  };
  age.secrets.grafana-secret-auth = {
    owner = "grafana";
    file = ../../secrets/grafana-secret-auth.age;
  };

  my.utils.commons.enable = true;
  my.utils.lxc-standard.enable = true;

  my.services.media-mgr.exportMetrics.enable = true;

  my.monitoring.prometheus.enable = true;
  my.monitoring.loki.enable = true;
  my.monitoring.grafana = {
    enable = true;
    # Admin password is read from a file at runtime instead of being inlined.
    adminPasswordFile = secrets.grafana-admin-pwd.path;
    proxy.domain = params.domains.public;
    auth = {
      enable = true;
      baseUrl = "auth.${params.domains.public}";
      # NOTE(review): the option name is spelled `sectetKeyFile` (not
      # `secretKeyFile`). Presumably it matches the declaration in the
      # my.monitoring.grafana module -- confirm before renaming, since a
      # mismatch would either fail evaluation or leave the key unset.
      sectetKeyFile = secrets.grafana-secret-auth.path;
    };
  };

  my.networking.tailscale = {
    enable = true;
    magicDNSDomain = tailnetDomain;
    # NOTE(review): whether this auth key is reusable, ephemeral or tagged is
    # decided on the Tailscale side and is not visible here. A leaked
    # reusable key would let another machine enrol in the tailnet, so prefer
    # a short-lived, tagged key and rotate the .age file when it expires.
    authKeyFile = secrets.tailscale-authKey.path;
  };

  my.virtualisation.proxmox.enable = true;

  # Extra packages (none at the moment).
  environment.systemPackages = with pkgs; [ ];

  # One static scrape job covering the node exporter on every listed host.
  # The job sets no scheme, TLS or authentication options, so Prometheus
  # falls back to its defaults (plain HTTP, no credentials). Host metrics
  # from every target -- vaultwarden and nextcloud included -- therefore
  # travel unencrypted; keep the exporter port reachable only from this host.
  # NOTE(review): `.internal` presumably resolves on a private network only
  # -- confirm, and firewall the exporter port on each target accordingly.
  services.prometheus.scrapeConfigs = [
    {
      job_name = "host-metrics";
      static_configs = [
        {
          targets = map (host: "${host}.internal:${nodeExporterPort}") scrapedHosts;
        }
      ];
    }
  ];

  # Pins stateful defaults to the release this host was installed with; it is
  # not the version of nixpkgs being tracked and should not be bumped casually.
  system.stateVersion = "24.05";
}