From 5cb6dac8ea095295c15fb895d76c15efcb1fd079 Mon Sep 17 00:00:00 2001
From: Bloxx12
Date: Wed, 9 Apr 2025 15:31:18 +0200
Subject: [PATCH 1/5] services/grafana: init
---
 modules/services/grafana/module.nix | 52 ++++++++++++++++++++++++++
 modules/services/postgresql/module.nix | 5 +++
 2 files changed, 57 insertions(+)
 create mode 100644 modules/services/grafana/module.nix
diff --git a/modules/services/grafana/module.nix b/modules/services/grafana/module.nix
new file mode 100644
index 0000000..dac610b
--- /dev/null
+++ b/modules/services/grafana/module.nix
@@ -0,0 +1,52 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
+ inherit (lib.modules) mkIf;
+ inherit (lib.options) mkEnableOption;
+
+ cfg = config.modules.system.services.grafana;
+in {
+ options.modules.system.services.grafana.enable = mkEnableOption "Grafana, a graphing service";
+
+ config = mkIf cfg.enable {
+ networking.firewall.allowedTCPPorts = [config.services.grafana.settings.server.http_port];
+
+ modules.system.services.database.postgresql.enable = true;
+
+ services.grafana = {
+ enable = true;
+ package = pkgs.grafana;
+
+ port = 4021;
+ domain = "localhost";
+
+ settings = {
+ server = {
+ http_addr = "127.0.0.1";
+ http_port = 4021;
+
+ root_url = "https://info.copeberg.org";
+ domain = "info.copeberg.org";
+ enforce_domain = true;
+ };
+ database = {
+ type = "postgres";
+ host = "/run/postgresql";
+ name = "grafana";
+ user = "grafana";
+ ssl_mode = "disable";
+ };
+
+ analytics = {
+ reporting_enabled = false;
+ check_for_updates = false;
+ };
+
+ # users.allow_signup = false;
+ };
+ };
+ };
+}
diff --git a/modules/services/postgresql/module.nix b/modules/services/postgresql/module.nix
index 84e95b5..c055d0a 100644
--- a/modules/services/postgresql/module.nix
+++ b/modules/services/postgresql/module.nix
@@ -27,6 +27,7 @@ in { ensureDatabases = [ "git" + "grafana" ]; ensureUsers = [
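Review bot: In modules/services/grafana/module.nix, `networking.firewall.allowedTCPPorts = [config.services.grafana.settings.server.http_port];` opens port 4021 on every interface although `http_addr = "127.0.0.1"` and `root_url = "https://info.copeberg.org"` indicate Grafana is meant to be reached only through a local TLS front end. The rule does nothing useful while Grafana listens on loopback and turns into direct plain-HTTP exposure as soon as `http_addr` is changed, so I would drop that line. The `settings` block also has no `security` section, so the admin account presumably keeps Grafana's default password on a public hostname; set it explicitly from a secret file, e.g. `security.admin_password = "$__file{<path-to-secret>}";` (placeholder path). Separately, the top-level `port = 4021;` and `domain = "localhost";` look like the legacy aliases of `settings.server.http_port` and `settings.server.domain` in current nixpkgs, and `domain` then disagrees with `"info.copeberg.org"`; keeping only the `settings.server` values avoids the ambiguity.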
@@ -44,6 +45,10 @@ in {
 name = "git";
 ensureDBOwnership = true;
 }
+ {
+ name = "grafana";
+ ensureDBOwnership = true;
+ }
 ];
 settings = {
 # taken from https://pgconfigurator.cybertec.at/
From 60627d359429a62b0e86d15e9aac7176f7847ee8 Mon Sep 17 00:00:00 2001
From: Bloxx12
Date: Wed, 9 Apr 2025 15:31:18 +0200
Subject: [PATCH 2/5] boot/module.nix: add timeout option
On desktop systems, it is convenient to have the timeout at zero, and just spam space when trying to start a previous generation. On servers however, it is preferable to have some time to choose the generation, which is quite convenient if you have to acess is remotely via a web interface, which tend to be quite slow and unresponsive.
---
 modules/system/boot/module.nix | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/modules/system/boot/module.nix b/modules/system/boot/module.nix
index 275fa5d..bc3eeb1 100644
--- a/modules/system/boot/module.nix
+++ b/modules/system/boot/module.nix
@@ -5,13 +5,21 @@ ... }: let inherit (lib.modules) mkForce; - inherit (lib.options) mkEnableOption; + inherit (lib.options) mkOption mkEnableOption; + inherit (lib.types) int; cfg = config.modules.system.boot; in { options.modules.system.boot = { grub.enable = mkEnableOption "Grub, a bloated boot loader"; systemd-boot.enable = mkEnableOption "Poetteringboot"; + timeout = mkOption { + description = '' + Set the boot loader's timeout. This is 0 by default, but preferably longer on remote servers to make switching to previous generations easier. + ''; + type = int; + default = 0; + }; }; config = { assertions = [
@@ -33,7 +41,7 @@ in {
 loader = {
 efi.canTouchEfiVariables = true;
 # I love spamming space
- timeout = 0;
+ timeout = cfg.timeout;
 systemd-boot = {
 enable = cfg.systemd-boot.enable;
 editor = mkForce false;
From 00fa8006c0e250d9f903e557cd88dfbbe3b5cd27 Mon Sep 17 00:00:00 2001
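Review bot: In modules/system/boot/module.nix the new `timeout` option uses `type = int`, so a negative value passes evaluation and is handed straight to `loader.timeout`; `type = lib.types.ints.unsigned;` would reject it early. In the second hunk the comment `# I love spamming space` is left above `timeout = cfg.timeout;` and no longer describes that line; something like `# per-host; 0 unless the menu must be usable over a slow remote console` would. A non-zero timeout also shows the generation menu to anyone who can reach that console, and only `systemd-boot.editor = mkForce false` is visibly locked down here, so the option description could say that hosts raising it should restrict console and boot-menu access. The `config` block continues outside both hunks.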
From: Bloxx12
Date: Wed, 9 Apr 2025 15:31:18 +0200
Subject: [PATCH 3/5] tower/configuration.nix: set timeout duration of 30
---
 hosts/tower/configuration.nix | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/hosts/tower/configuration.nix b/hosts/tower/configuration.nix
index 7dfad78..4f5d649 100644
--- a/hosts/tower/configuration.nix
+++ b/hosts/tower/configuration.nix
@@ -29,8 +29,10 @@
 locate.enable = true;
 };
 system = {
- boot.grub.enable = true;
- services.forgejo.enable = true;
+ boot = {
+ grub.enable = true;
+ timeout = 30;
+ };
 programs = {
 editors = {
 helix.enable = true;
From 92ba05f9cfcf4e6a7514272904f304cea59f0e0c Mon Sep 17 00:00:00 2001
From: Bloxx12
Date: Wed, 9 Apr 2025 15:31:18 +0200
Subject: [PATCH 4/5] tower/configuration.nix: enable grafana
---
 hosts/tower/configuration.nix | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/hosts/tower/configuration.nix b/hosts/tower/configuration.nix
index 4f5d649..daf0937 100644
--- a/hosts/tower/configuration.nix
+++ b/hosts/tower/configuration.nix
@@ -33,6 +33,10 @@
 grub.enable = true;
 timeout = 30;
 };
+ services = {
+ forgejo.enable = true;
+ grafana.enable = true;
+ };
 programs = {
 editors = {
 helix.enable = true;
From 18a45773bb05884b55dcf1bf9898c5c5a382faab Mon Sep 17 00:00:00 2001
From: Bloxx12
Date: Wed, 9 Apr 2025 15:31:18 +0200
Subject: [PATCH 5/5] forgejo/module.nix: inherit mkEnableOption
---
 modules/services/forgejo/module.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/modules/services/forgejo/module.nix b/modules/services/forgejo/module.nix
index 079441c..95d06c2 100644
--- a/modules/services/forgejo/module.nix
+++ b/modules/services/forgejo/module.nix
@@ -6,6 +6,7 @@ }: let inherit (pkgs) fetchurl; inherit (lib.modules) mkIf; + inherit (lib.options) mkEnableOption; inherit (config.services.forgejo) customDir user group; cfg = config.modules.system.services.forgejo;
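Review bot: PATCH 3/5 removes `services.forgejo.enable = true;` from hosts/tower/configuration.nix along with `boot.grub.enable`, but only the boot setting is re-added in that hunk, so a system built from that commit alone would have Forgejo switched off unless it is enabled somewhere outside the hunk; the subject line mentions only the timeout. PATCH 4/5 restores it under `services = { … }`, so the series ends up correct, but the intermediate commit is a trap for bisecting or a partial rollback. I would either leave the original `services.forgejo.enable = true;` line untouched in 3/5 or move the `services = { forgejo.enable = true; };` regrouping into it. The `system = { … }` block continues outside the hunk.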
@@ -16,7 +17,7 @@ acmeRoot = "/var/lib/acme/challenges-forgejo"; dataDir = "/srv/data/forgejo"; in { - options.modules.system.services.forgejo.enable = lib.mkEnableOption "forgejo"; + options.modules.system.services.forgejo.enable = mkEnableOption "forgejo"; config = mkIf cfg.enable { modules.system.services = {