nox/systems/monitoring.noc.eh22.intern/system.nix

# NixOS module for this host: sops-managed secrets, a static address on the
# management network, nginx, and the Grafana / Mimir / Loki modules.
{
  pkgs,
  config,
  ...
}:
let
  # Single encrypted file that holds every secret declared below.
  passwordStore = ../../secrets/passwords.yaml;

  # Build a secret that is readable by one service account only:
  # mode 0440 = read for owner and group, nothing for other users.
  # The account's unit is restarted when the secret changes.
  serviceSecret = account: {
    mode = "0440";
    owner = account;
    group = account;
    restartUnits = [ "${account}.service" ];
    sopsFile = passwordStore;
  };
in
{
  imports = [
    ./grafana.nix
    ./mimir.nix
    ./loki.nix
  ];

  sops = {
    defaultSopsFile = passwordStore;
    secrets = {
      "services/grafana/admin_password" = serviceSecret "grafana";
      # NOTE(review): presumably consumed by the nginx configuration in
      # loki.nix / mimir.nix (not visible here) — confirm against those files.
      "services/loki/nginx" = serviceSecret "nginx";
      "services/mimir/nginx" = serviceSecret "nginx";
    };
  };

  networking = {
    # The address is configured statically via systemd-networkd below.
    useDHCP = false;
    # NOTE(review): only plain HTTP (80) is opened. If nginx authenticates
    # clients with the secrets above, those credentials cross the network
    # unencrypted — confirm this is acceptable for the management segment,
    # or serve these endpoints over TLS.
    firewall.allowedTCPPorts = [ 80 ];
  };

  systemd.network.enable = true;
  # The interface is selected by MAC address, not by name.
  systemd.network.networks."10-mgmtNet" = {
    matchConfig.MACAddress = "BC:24:11:FC:C2:26";
    address = [ "10.20.25.4/24" ];
    gateway = [ "10.20.25.2" ];
    dns = [ "10.20.25.5" ];
  };

  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    # Send the nginx error log to the local syslog socket.
    logError = "syslog:server=unix:/dev/log,nohostname";
  };

  # DO NOT CHANGE
  # These record the first NixOS version installed on the machine, so that
  # programs with non-migratable data files are kept compatible.
  home-manager.users.noc.home.stateVersion = "24.11";
  system.stateVersion = "24.11";
}