diff options
author | Franck Cuny <franck@fcuny.net> | 2022-03-06 19:20:55 -0800 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2022-03-06 19:20:55 -0800 |
commit | e4684d3f5778ecf3432b2e93b9af0cb79686e9f8 (patch) | |
tree | e9f1b091ecf6b13020fdaf6384b695948e4cd43e /hosts/common/server/unifi.nix | |
parent | unifi: add unifi on the NAS (diff) | |
download | world-e4684d3f5778ecf3432b2e93b9af0cb79686e9f8.tar.gz |
unifi: configure the poller
Diffstat (limited to '')
-rw-r--r-- | hosts/common/server/unifi.nix | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/hosts/common/server/unifi.nix b/hosts/common/server/unifi.nix index 1da8709..52635f0 100644 --- a/hosts/common/server/unifi.nix +++ b/hosts/common/server/unifi.nix @@ -16,7 +16,6 @@ let }; in { config = { - networking.firewall.allowedTCPPorts = [ 8443 ]; networking.firewall = allowedRules; users.users.unifi.group = "unifi"; users.users.unifi.isSystemUser = true; @@ -25,14 +24,28 @@ in { services.unifi = { enable = true; openPorts = true; - openFirewall = true; + unifiPackage = pkgs.unifiStable; }; - services.prometheus.exporters.unifi = { + age.secrets.unifi-read-only = { + file = ../../../secrets/unifi/unifi-poller.age; + mode = "0400"; + owner = "unifi-poller"; + }; + + services.unifi-poller = { enable = true; - unifiAddress = "https://localhost:8443/"; - unifiInsecure = true; + + unifi.defaults = { + url = "https://127.0.0.1:8443"; + user = "unifipoller"; + pass = config.age.secrets.unifi-read-only.path; + + verify_ssl = false; + }; + influxdb.disable = true; + prometheus = { http_listen = ":9130"; }; }; |