49 lines
1.1 KiB
Nix
49 lines
1.1 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
./grafana.nix
|
|
./mimir.nix
|
|
./loki.nix
|
|
./pve-exporter.nix
|
|
];
|
|
|
|
sops = {
|
|
defaultSopsFile = ../../secrets/passwords.yaml;
|
|
secrets."services/grafana/admin_password" = {
|
|
mode = "0440";
|
|
owner = "grafana";
|
|
group = "grafana";
|
|
restartUnits = [ "grafana.service" ];
|
|
};
|
|
secrets."services/loki/nginx" = {
|
|
mode = "0440";
|
|
owner = "nginx";
|
|
group = "nginx";
|
|
restartUnits = [ "nginx.service" ];
|
|
};
|
|
secrets."services/mimir/nginx" = {
|
|
mode = "0440";
|
|
owner = "nginx";
|
|
group = "nginx";
|
|
restartUnits = [ "nginx.service" ];
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 80 ];
|
|
networking.usePredictableInterfaceNames = false;
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
logError = "syslog:server=unix:/dev/log,nohostname";
|
|
};
|
|
|
|
# DO NOT CHANGE
|
|
# this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
|
|
home-manager.users.noc.home.stateVersion = "24.11";
|
|
system.stateVersion = "24.11";
|
|
}
|