diff options
Diffstat (limited to 'hosts/common')
-rw-r--r-- | hosts/common/server/unifi.nix | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/hosts/common/server/unifi.nix b/hosts/common/server/unifi.nix index 1da8709..52635f0 100644 --- a/hosts/common/server/unifi.nix +++ b/hosts/common/server/unifi.nix @@ -16,7 +16,6 @@ let }; in { config = { - networking.firewall.allowedTCPPorts = [ 8443 ]; networking.firewall = allowedRules; users.users.unifi.group = "unifi"; users.users.unifi.isSystemUser = true; @@ -25,14 +24,28 @@ in { services.unifi = { enable = true; openPorts = true; - openFirewall = true; + unifiPackage = pkgs.unifiStable; }; - services.prometheus.exporters.unifi = { + age.secrets.unifi-read-only = { + file = ../../../secrets/unifi/unifi-poller.age; + mode = "0400"; + owner = "unifi-poller"; + }; + + services.unifi-poller = { enable = true; - unifiAddress = "https://localhost:8443/"; - unifiInsecure = true; + + unifi.defaults = { + url = "https://127.0.0.1:8443"; + user = "unifipoller"; + pass = config.age.secrets.unifi-read-only.path; + + verify_ssl = false; + }; + influxdb.disable = true; + prometheus = { http_listen = ":9130"; }; }; |