nolan/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Grafana/Prometheus.

Browse source
This commit is contained in:
Nolan Darilek 2025-04-24 14:58:51 -05:00
parent ccc9468d43
commit 557be818da
4 changed files with 61 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

19
hosts/hub/apps/grafana.nix
View file

@ -3,19 +3,22 @@
grafana = { grafana = {
enable = true; enable = true;
settings = { settings = {
auth.proxy = { server = {
enabled = true; root_url = "https://grafana.tailc50184.ts.net";
header_name = "Remote-User";
headers = "Name:Remote-Name Email:Remote-Email Groups:Remote-Groups";
}; };
# "auth.proxy" = {
# enabled = true;
# header_name = "Remote-User";
# headers = "Name:Remote-Name Email:Remote-Email Groups:Remote-Groups";
# };
}; };
}; };
caddy.virtualHosts."grafana.tailc50184.ts.net".extraConfig = '' caddy.virtualHosts."grafana.tailc50184.ts.net".extraConfig = ''
bind tailscale/grafana bind tailscale/grafana
forward_auth localhost:9091 { # forward_auth localhost:9091 {
uri /api/authz/forward-auth # uri /api/authz/forward-auth
copy_headers Remote-User Remote-Name Remote-Email Remote-Groups # copy_headers Remote-User Remote-Name Remote-Email Remote-Groups
} # }
reverse_proxy localhost:3000 reverse_proxy localhost:3000
''; '';
}; };

23
hosts/hub/apps/karakeep.nix Normal file
View file

@ -0,0 +1,23 @@
{ config, ... }:
{
systemd.tmpfiles.rules = [
"d /var/lib/actual 0755 root root"
];
virtualisation.oci-containers.containers.actual = {
image = "actualbudget/actual-server:latest";
ports = [
"5006:5006"
];
environment = {
ACTUAL_LOGIN_METHOD = "header";
};
volumes = [ "/var/lib/actual:/data" ];
};
services.caddy.virtualHosts."https://budget.tailc50184.ts.net".extraConfig = ''
bind tailscale/budget
reverse_proxy http://localhost:5006
'';
}

23
hosts/hub/apps/prometheus.nix
View file

@ -0,0 +1,23 @@
{ config, ... }:
{
services = {
prometheus = {
enable = true;
scrapeConfigs = [
{
job_name = "thewordnerd";
static_configs = [
{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
}
];
}
];
};
caddy.virtualHosts."prometheus.tailc50184.ts.net".extraConfig = ''
bind tailscale/prometheus
reverse_proxy localhost:9090
'';
};
}

4
hosts/hub/default.nix
View file

@ -11,8 +11,10 @@
../../roles/restic.nix ../../roles/restic.nix
../../base.nix ../../base.nix
../../users/root.nix ../../users/root.nix
../../roles/restic.nix
../../roles/fail2ban.nix ../../roles/fail2ban.nix
../../roles/tailscale.nix ../../roles/tailscale.nix
../../roles/prometheus.nix
../../roles/lldap.nix ../../roles/lldap.nix
../../roles/authelia.nix ../../roles/authelia.nix
../../roles/podman.nix ../../roles/podman.nix
@ -21,6 +23,8 @@
../../roles/vscode-remote.nix ../../roles/vscode-remote.nix
../../roles/postgres.nix ../../roles/postgres.nix
../../roles/syncthing.nix ../../roles/syncthing.nix
./apps/grafana.nix
./apps/prometheus.nix
./apps/dev.nix ./apps/dev.nix
./apps/nextcloud.nix ./apps/nextcloud.nix
./apps/paperless.nix ./apps/paperless.nix