From 003cd2d19ead6b62ed98e52198d8254fe71c75d7 Mon Sep 17 00:00:00 2001
From: c6ristian <c6ristian@christian.moe>
Date: Wed, 5 Mar 2025 21:10:13 +0100
Subject: [PATCH] grafana: fix error undefing var config and firewall config

---
 systems/grafana.noc.eh22.intern.nix | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/systems/grafana.noc.eh22.intern.nix b/systems/grafana.noc.eh22.intern.nix
index f1ee937..ac1e4d1 100644
--- a/systems/grafana.noc.eh22.intern.nix
+++ b/systems/grafana.noc.eh22.intern.nix
@@ -1,10 +1,25 @@
 {
   pkgs,
+  config,
+  modulesPath,
+  lib,
   ...
 }:
 {
   imports = [];
 
+  sops = {
+    defaultSopsFile = ../secrets/passwords.yaml;
+    secrets."vms/grafana/admin_password" = {
+      mode = "0440";
+      owner = "grafana";
+      group = "grafana";
+      restartUnits = [ "grafana.service" ];
+    };
+  };
+
+  # configure static IP address
+  networking.useDHCP = false;
   systemd.network = {
     enable = true;
     networks = {
@@ -16,6 +31,8 @@
     };
   };
 
+  networking.firewall.allowedTCPPorts = [ 80 ];
+
   services.grafana = {
     enable = true;
     security.admin_password = "$__file{${sops.secrets.vms.grafana.admin_password.path}}";
@@ -32,15 +49,6 @@
     };
   };
 
-  sops = {
-    defaultSopsFile = ../secrets/passwords.yaml;
-    "vms"."grafana"."admin_password" = {
-      mode = "0440";
-      owner = "grafana";
-      group = "grafana";
-      restartUnits = [ "grafana.service" ];
-    };
-  };
   # DO NOT CHANGE
   # this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
   home-manager.users.noc.home.stateVersion = "24.11";