1 files changed, 84 insertions, 0 deletions

diff --git a/tharos/grafana.nix b/tharos/grafana.nix
new file mode 100644
index 0000000..fa2259e
--- /dev/null
+++ b/tharos/grafana.nix
@@ -0,0 +1,84 @@
+{ self, lib, ... }:
+{
+  flake.machines.tharos = {
+    nixos =
+      { config, ... }:
+      let
+        grafana = {
+          domain = config.services.grafana.settings.server.domain;
+          port = config.services.grafana.settings.server.http_port;
+          database = config.services.grafana.settings.database;
+        };
+      in
+      {
+        services.grafana = {
+          enable = true;
+          openFirewall = true;
+          settings = {
+            server = {
+              domain = "grafana.${self.domain}";
+              root_url = "https://${grafana.domain}";
+            };
+            database = {
+              type = "postgres";
+              user = grafana.database.name;
+              host =
+                let
+                  nextcloud = config.services.nextcloud;
+                in
+                lib.mkIf nextcloud.enable nextcloud.config.dbhost;
+            };
+            security = {
+              disable_initial_admin_creation = true;
+            };
+            "auth.anonymous" = {
+              enabled = true;
+              org_role = "Viewer";
+            };
+          };
+        };
+        services.postgresql = {
+          enable = true;
+          ensureDatabases = [ grafana.database.name ];
+          ensureUsers = [
+            {
+              name = grafana.database.user;
+              ensureDBOwnership = true;
+            }
+          ];
+        };
+        services.caddy = {
+          virtualHosts.${grafana.domain}.extraConfig = ''
+            reverse_proxy http://localhost:${toString grafana.port}
+          '';
+        };
+      };
+
+    vm =
+      { pkgs, config, ... }:
+      let
+        grafana = {
+          domain = config.services.grafana.settings.server.domain;
+          port = config.services.grafana.settings.server.http_port;
+        };
+      in
+      {
+        services.grafana = {
+          settings.server = {
+            domain = lib.mkForce "grafana.localhost";
+            root_url = lib.mkForce "http://${grafana.domain}:${toString grafana.port}";
+          };
+        };
+
+        services.caddy.virtualHosts = {
+          "http://${grafana.domain}:${toString config.virtualisation.exposedPorts.http.port}".extraConfig =
+            config.services.caddy.virtualHosts.${grafana.domain}.extraConfig;
+        };
+        services.getty.helpLine = lib.mkBefore ''
+          Grafana: http://${grafana.domain}:${
+            with config.virtualisation; toString (portOffset + exposedPorts.http.port)
+          }
+        '';
+      };
+  };
+}