diff --git a/hosts/tower/configuration.nix b/hosts/tower/configuration.nix
index 7dfad78..daf0937 100644
--- a/hosts/tower/configuration.nix
+++ b/hosts/tower/configuration.nix
@@ -29,8 +29,14 @@
 locate.enable = true;
 };
 system = {
- boot.grub.enable = true;
- services.forgejo.enable = true;
+ boot = {
+ grub.enable = true;
+ timeout = 30;
+ };
+ services = {
+ forgejo.enable = true;
+ grafana.enable = true;
+ };
 programs = {
 editors = {
 helix.enable = true;
diff --git a/modules/services/forgejo/module.nix b/modules/services/forgejo/module.nix
index 079441c..95d06c2 100644
--- a/modules/services/forgejo/module.nix
+++ b/modules/services/forgejo/module.nix
@@ -6,6 +6,7 @@
 }: let
 inherit (pkgs) fetchurl;
 inherit (lib.modules) mkIf;
+ inherit (lib.options) mkEnableOption;
 inherit (config.services.forgejo) customDir user group;
 cfg = config.modules.system.services.forgejo;
@@ -16,7 +17,7 @@
 acmeRoot = "/var/lib/acme/challenges-forgejo";
 dataDir = "/srv/data/forgejo";
 in {
- options.modules.system.services.forgejo.enable = lib.mkEnableOption "forgejo";
+ options.modules.system.services.forgejo.enable = mkEnableOption "forgejo";
 config = mkIf cfg.enable {
 modules.system.services = {
diff --git a/modules/services/grafana/module.nix b/modules/services/grafana/module.nix
new file mode 100644
index 0000000..dac610b
--- /dev/null
+++ b/modules/services/grafana/module.nix
@@ -0,0 +1,52 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ inherit (lib.modules) mkIf;
+ inherit (lib.options) mkEnableOption;
+
+ cfg = config.modules.system.services.grafana;
+in {
+ options.modules.system.services.grafana.enable = mkEnableOption "Grafana, a graphing service";
+
+ config = mkIf cfg.enable {
+ networking.firewall.allowedTCPPorts = [config.services.grafana.settings.server.http_port];
+
+ modules.system.services.database.postgresql.enable = true;
+
+ services.grafana = {
+ enable = true;
+ package = pkgs.grafana;
+
+ port = 4021;
+ domain = "localhost";
+
+ settings = {
+ server = {
+ http_addr = "127.0.0.1";
+ http_port = 4021;
+
+ root_url = "https://info.copeberg.org";
+ domain = "info.copeberg.org";
+ enforce_domain = true;
+ };
+ database = {
+ type = "postgres";
+ host = "/run/postgresql";
+ name = "grafana";
+ user = "grafana";
+ ssl_mode = "disable";
+ };
+
+ analytics = {
+ reporting_enabled = false;
+ check_for_updates = false;
+ };
+
+ # users.allow_signup = false;
+ };
+ };
+ };
+}
diff --git a/modules/services/postgresql/module.nix b/modules/services/postgresql/module.nix
index 84e95b5..c055d0a 100644
--- a/modules/services/postgresql/module.nix
+++ b/modules/services/postgresql/module.nix
@@ -27,6 +27,7 @@ in {
 ensureDatabases = [
 "git"
+ "grafana"
 ];
 ensureUsers = [
@@ -44,6 +45,10 @@ in {
 name = "git";
 ensureDBOwnership = true;
 }
+ {
+ name = "grafana";
+ ensureDBOwnership = true;
+ }
 ];
 settings = {
 # taken from https://pgconfigurator.cybertec.at/
diff --git a/modules/system/boot/module.nix b/modules/system/boot/module.nix
index 275fa5d..bc3eeb1 100644
--- a/modules/system/boot/module.nix
+++ b/modules/system/boot/module.nix
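Review bot: In the new grafana module, `networking.firewall.allowedTCPPorts = [config.services.grafana.settings.server.http_port];` opens port 4021 in the host firewall although `http_addr = "127.0.0.1"` keeps Grafana on loopback, so the rule grants nothing today and would expose plain HTTP as soon as the bind address changes; I would drop that line and, if the reverse proxy implied by `root_url` is not already covered elsewhere, allow only the proxy's port. The `settings` block sets neither `security.admin_password` nor `security.secret_key`, so unless they are set outside this diff Grafana starts with its built-in defaults behind a public hostname; both accept the file provider form, e.g. `admin_password = "$__file{<path-to-secret>}";`. The top-level `port` and `domain` duplicate `settings.server.http_port` and `settings.server.domain`, and `domain = "localhost"` disagrees with `info.copeberg.org`; they look like the pre-`settings` option names and are probably best removed. If the commented-out `users.allow_signup` is ever enabled, Grafana's key is spelled `allow_sign_up`.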
@@ -5,13 +5,21 @@
 ...
 }: let
 inherit (lib.modules) mkForce;
- inherit (lib.options) mkEnableOption;
+ inherit (lib.options) mkOption mkEnableOption;
+ inherit (lib.types) int;
 cfg = config.modules.system.boot;
 in {
 options.modules.system.boot = {
 grub.enable = mkEnableOption "Grub, a bloated boot loader";
 systemd-boot.enable = mkEnableOption "Poetteringboot";
+ timeout = mkOption {
+ description = ''
+ Set the boot loader's timeout. This is 0 by default, but preferably longer on remote servers to make switching to previous generations easier.
+ '';
+ type = int;
+ default = 0;
+ };
 };
 config = {
 assertions = [
@@ -33,7 +41,7 @@ in {
 loader = {
 efi.canTouchEfiVariables = true;
 # I love spamming space
- timeout = 0;
+ timeout = cfg.timeout;
 systemd-boot = {
 enable = cfg.systemd-boot.enable;
 editor = mkForce false;
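Review bot: The new `timeout` option in the first hunk is typed `int`, so a negative value passes straight through to `timeout = cfg.timeout;` in the second hunk; GRUB documents -1 as waiting indefinitely, which on a remote server would mean a boot that never completes on its own. Inheriting `ints` instead of `int` from `lib.types` and using `type = ints.unsigned;` rejects that at evaluation time. Separately, a non-zero timeout makes the boot menu interactive, and the only lock visible here is systemd-boot's `editor = mkForce false;`; for the GRUB host that now sets `timeout = 30`, consider password-protecting entry editing via `boot.loader.grub.users`, unless that is handled outside this hunk. The `loader` block continues beyond the end of the second hunk.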