nixos-config/modules/services/grafana.nix

{
  config,
  host,
  username,
  pkgs,
  ...
}:
let
  baseRepo = "ssh://liv@dandelion:9123/spinners/rootvol/backups/${host}";
in
{
  services = {
    grafana = {
      enable = true;
      settings.server = {
        domain = "monitoring.liv.town";
        http_addr = "127.0.0.1";
        http_port = 2342;
      };
    };

    nginx.virtualHosts.${config.services.grafana.settings.server.domain} = {
      forceSSL = true;
      sslCertificate = "/var/lib/acme/liv.town/cert.pem";
      sslCertificateKey = "/var/lib/acme/liv.town/key.pem";
      locations."/" = {
        proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";
        proxyWebsockets = true;
      };
    };
    borgbackup.jobs."violet-grafana" = {
      paths = [ "/var/lib/grafana" ];
      repo = "${baseRepo}/var-grafana";
      encryption.mode = "none";
      compression = "auto,zstd";
      startAt = "daily";
      preHook = ''
        systemctl stop grafana
      '';
      postHook = ''
        systemctl start grafana
        if [ $exitStatus -eq 2 ]; then
          ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (grafana) failed with errors"
        else
          ${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (grafana) completed succesfully with exit status $exitStatus"
        fi
      '';
      user = "root";
      extraCreateArgs = [
        "--stats"
      ];
      environment = {
        BORG_RSH = "ssh -p 9123 -i /home/${username}/.ssh/id_ed25519";
      };
    };
  };
}
feat: adds `borgbackup` job for `grafana` 2025-10-07 13:04:21 +02:00			`{`
			`config,`
			`host,`
			`username,`
			`pkgs,`
			`...`
			`}:`
			`let`
			`baseRepo = "ssh://liv@dandelion:9123/spinners/rootvol/backups/${host}";`
			`in`
feat: move grafana to its own config so i can disable it easier 2025-04-24 11:40:52 +02:00			`{`
			`services = {`
			`grafana = {`
			`enable = true;`
			`settings.server = {`
			`domain = "monitoring.liv.town";`
			`http_addr = "127.0.0.1";`
			`http_port = 2342;`
			`};`
			`};`

fix: comply with new nixos namings 2025-05-25 03:34:51 +02:00			`nginx.virtualHosts.${config.services.grafana.settings.server.domain} = {`
feat: move grafana to its own config so i can disable it easier 2025-04-24 11:40:52 +02:00			`forceSSL = true;`
chore: switch away from useACME 2025-05-23 03:09:40 +02:00			`sslCertificate = "/var/lib/acme/liv.town/cert.pem";`
			`sslCertificateKey = "/var/lib/acme/liv.town/key.pem";`
feat: move grafana to its own config so i can disable it easier 2025-04-24 11:40:52 +02:00			`locations."/" = {`
fix: comply with new nixos namings 2025-05-25 03:34:51 +02:00			`proxyPass = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";`
feat: move grafana to its own config so i can disable it easier 2025-04-24 11:40:52 +02:00			`proxyWebsockets = true;`
			`};`
			`};`
feat: adds `borgbackup` job for `grafana` 2025-10-07 13:04:21 +02:00			`borgbackup.jobs."violet-grafana" = {`
			`paths = [ "/var/lib/grafana" ];`
			`repo = "${baseRepo}/var-grafana";`
			`encryption.mode = "none";`
			`compression = "auto,zstd";`
			`startAt = "daily";`
			`preHook = ''`
			`systemctl stop grafana`
			`'';`
			`postHook = ''`
			`systemctl start grafana`
			`if [ $exitStatus -eq 2 ]; then`
			`${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (grafana) failed with errors"`
			`else`
			`${pkgs.ntfy-sh}/bin/ntfy send https://notify.liv.town/${host} "borgbackup: ${host} backup (grafana) completed succesfully with exit status $exitStatus"`
			`fi`
			`'';`
			`user = "root";`
			`extraCreateArgs = [`
			`"--stats"`
			`];`
			`environment = {`
			`BORG_RSH = "ssh -p 9123 -i /home/${username}/.ssh/id_ed25519";`
			`};`
			`};`
chore: fix minor spelling mistakes; import some services 2025-04-24 11:52:43 +02:00			`};`
feat: move grafana to its own config so i can disable it easier 2025-04-24 11:40:52 +02:00			`}`