From 1fd04521c81e17b0e380467ee4a848c877cfaaf3 Mon Sep 17 00:00:00 2001 From: Ittihadyya Date: Fri, 20 Dec 2024 16:48:19 +0200 Subject: [PATCH] added postgres connection to grafana --- secrets.yaml | 5 +++-- services/monitoring/grafana.mod.nix | 20 ++++++++++++++++---- sops.mod.nix | 2 ++ 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/secrets.yaml b/secrets.yaml index 83810de..b17ac05 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -24,6 +24,7 @@ forgejo_runner_glucose_token: ENC[AES256_GCM,data:UWzKhDUojVrSWbS2sDyX8xdK9albNo forgejo_runner_fructose_token: ENC[AES256_GCM,data:vExgJdEHpqzn6DAsMVnE2e3EmgehZMFnPTAV/VYOGvl6kgTYqYoBhA==,iv:dja9VC4Pr9asl/I4ieg5c718V4Nq+pqvB8c7oQD5Qqc=,tag:ynFs2NQX466ECYnsmeUFzg==,type:str] grafana_admin_account: ENC[AES256_GCM,data:kDj9o2cpRLmpRVwONBI=,iv:cQfeFhBAVMSysP43J+eDVKAmn1NM+aUN9huraGgpRkY=,tag:AFIr0pwRvHj8ruDAqc2Lww==,type:str] grafana_admin_pass: ENC[AES256_GCM,data:AnuVrCJcfj1cHP5W2s5eDlRLaJTOc0T7W3sS2/flnA==,iv:EA0SGXxf9kF+ltmNgcd3rGE7Jmg8/+s3Gip0uByEF9o=,tag:Rm+eSe+H1uytm/MMxMuZpw==,type:str] +grafana_db_pass: ENC[AES256_GCM,data:2yVNv62go7Bxgmhoqx6J5WU=,iv:4VGAsT4WR0J/aNKUjts+rUIK5UR8OyHjCln4NXnS0LA=,tag:0KtbBFX+3+5fp6ekDSKGrw==,type:str] sops: kms: [] gcp_kms: [] @@ -39,8 +40,8 @@ sops: NHg3M2l5MWY2alpHdVhIbE5PQ3VxeW8Kr+o5K2EIrPSfIFBWK68mWl4lWJooZxF/ vKsU99C2iIsbX/eTF2uNQqeDkOqy5egKCG42xikwycGFO/gbnCDIdw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-20T14:08:54Z" - mac: ENC[AES256_GCM,data:U4WSALgavBjqt3b3lFXchxEvruG04IqtVikZnuQRyH40Z4f2PM4I5RdCaxyU3CaXPbb8/RQEYSWkLcQZ0HJvqqERLuKl25EqGFEMP5Wph3K5hSBEawk+eE6ep+tSN6bp9H4MIic1vcdn9+2JvBMnIFUEL+1zr0yvmBoz8RiavTc=,iv:rGsaWuvpGwCAWjbp1j2EZN5bQamxPisIsDfzF131HUc=,tag:f4dupyfCkN56ZikSCuHNWA==,type:str] + lastmodified: "2024-12-20T14:41:58Z" + mac: ENC[AES256_GCM,data:+F5UEx3OsmIV7eOXGiwYY51NN/5MY4Zejr54OX51p42m1PBohEiR0DhGygiqyNKLwYfX7eyCKehDeSl7+z/kcqTlc7999Fh8qI7ur+BdxtbQsoH35NWWW6V/q4MTlw7hLoHXqSrt4jw8B9nhEKTYbtMCYNRvxH+k+/OYEy5gn3I=,iv:ydbOr/KAe/TW4OCzrDNipi++BT5X583Ux31Q4KaGMG0=,tag:+Wo6C1zbyCqH4OykGHiBDQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.2 diff --git a/services/monitoring/grafana.mod.nix b/services/monitoring/grafana.mod.nix index 04471ba..6db275d 100644 --- a/services/monitoring/grafana.mod.nix +++ b/services/monitoring/grafana.mod.nix @@ -11,12 +11,24 @@ # declarativePlugins = null; settings = { - # analytics = {}; - # database = {}; + analytics = { + check_for_plugin_updates = false; + check_for_updates = false; + feedback_links_enabled = false; + reporting_enabled = false; + }; + + database = { + host = "10.24.1.9:5432"; + type = "postgres"; + name = "grafanadb"; + user = "grafana"; + password = lib.mkForce builtins.concatStringsSep "" ["$__file" "{${config.sops.secrets.grafana_db_pass}}"]; + }; # paths = {}; security = { - admin_user = builtins.concatStringsSep "" ["$__file" "{${config.sops.secrets.grafana_admin_account.path}}"]; - admin_password = builtins.concatStringsSep "" ["$__file" "{${config.sops.secrets.grafana_admin_pass.path}}"]; + admin_user = lib.mkForce builtins.concatStringsSep "" ["$__file" "{${config.sops.secrets.grafana_admin_account.path}}"]; + admin_password = lib.mkForce builtins.concatStringsSep "" ["$__file" "{${config.sops.secrets.grafana_admin_pass.path}}"]; }; server = { root_url = "https://grf.collective-conciousness.monster"; diff --git a/sops.mod.nix b/sops.mod.nix index c4baf61..1f6c55f 100644 --- a/sops.mod.nix +++ b/sops.mod.nix @@ -57,8 +57,10 @@ ({config, ...}: { sops.secrets.grafana_admin_pass = {}; sops.secrets.grafana_admin_account = {}; + sops.secrets.grafana_db_pass = {}; sops.secrets.grafana_admin_account.owner = "grafana"; sops.secrets.grafana_admin_pass.owner = "grafana"; + sops.secrets.grafana_db_pass.owner = "grafana"; }) ( {config, ...}: {