diff options
author | Franck Cuny <franck@fcuny.net> | 2022-04-13 12:08:25 -0700 |
---|---|---|
committer | Franck Cuny <franck@fcuny.net> | 2022-04-13 12:08:25 -0700 |
commit | 1f2b5c4412560bf77ef6995905d1356dd224b7c3 (patch) | |
tree | 0500eaf3e89d32d38979516fa902ca46e055d9d7 /modules | |
parent | nginx: get a simple solution to work first (diff) | |
download | world-1f2b5c4412560bf77ef6995905d1356dd224b7c3.tar.gz |
grafana: try to configure the domain with acme+dns
Diffstat (limited to 'modules')
-rw-r--r-- | modules/services/grafana/default.nix | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/modules/services/grafana/default.nix b/modules/services/grafana/default.nix index 174ece9..bee67bd 100644 --- a/modules/services/grafana/default.nix +++ b/modules/services/grafana/default.nix @@ -1,5 +1,7 @@ { config, lib, pkgs, ... }: -let cfg = config.my.services.grafana; +let + cfg = config.my.services.grafana; + secrets = config.age.secrets; in { options.my.services.grafana = with lib; { enable = mkEnableOption "grafana observability stack"; @@ -29,6 +31,20 @@ in { }; }; + services.nginx.virtualHosts."dash.fcuny.xyz" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://127.0.0.1:9090"; + proxyWebsockets = true; + }; + }; + + security.acme.certs."dash.fcuny.xyz" = { + dnsProvider = "gcloud"; + credentialsFile = secrets."acme/credentials".path; + }; + my.services.backup = { paths = [ "/var/lib/grafana" ]; }; }; } |