mirror of
https://github.com/nmasur/dotfiles
synced 2024-11-09 23:22:57 +00:00
create influxdb service
This commit is contained in:
parent
3042a0ac19
commit
fafd56612e
@ -208,6 +208,7 @@
|
|||||||
dotfilesRepo = "https://github.com/nmasur/dotfiles";
|
dotfilesRepo = "https://github.com/nmasur/dotfiles";
|
||||||
hostnames = {
|
hostnames = {
|
||||||
git = "git.${baseName}";
|
git = "git.${baseName}";
|
||||||
|
influxdb = "influxdb.${baseName}";
|
||||||
metrics = "metrics.${baseName}";
|
metrics = "metrics.${baseName}";
|
||||||
prometheus = "prom.${baseName}";
|
prometheus = "prom.${baseName}";
|
||||||
paperless = "paper.${baseName}";
|
paperless = "paper.${baseName}";
|
||||||
|
@ -58,6 +58,7 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
services.grafana.enable = true;
|
services.grafana.enable = true;
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
services.victoriametrics.enable = true;
|
services.victoriametrics.enable = true;
|
||||||
|
services.influxdb2.enable = true;
|
||||||
services.gitea.enable = true;
|
services.gitea.enable = true;
|
||||||
services.vaultwarden.enable = true;
|
services.vaultwarden.enable = true;
|
||||||
services.minecraft-server.enable = true; # Setup Minecraft server
|
services.minecraft-server.enable = true; # Setup Minecraft server
|
||||||
|
@ -83,6 +83,10 @@
|
|||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Hostname for Prometheus server.";
|
description = "Hostname for Prometheus server.";
|
||||||
};
|
};
|
||||||
|
influxdb = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
description = "Hostname for InfluxDB2 server.";
|
||||||
|
};
|
||||||
secrets = lib.mkOption {
|
secrets = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "Hostname for passwords and secrets (Vaultwarden).";
|
description = "Hostname for passwords and secrets (Vaultwarden).";
|
||||||
|
@ -13,6 +13,7 @@
|
|||||||
./gnupg.nix
|
./gnupg.nix
|
||||||
./grafana.nix
|
./grafana.nix
|
||||||
./honeypot.nix
|
./honeypot.nix
|
||||||
|
./influxdb2.nix
|
||||||
./jellyfin.nix
|
./jellyfin.nix
|
||||||
./keybase.nix
|
./keybase.nix
|
||||||
./mullvad.nix
|
./mullvad.nix
|
||||||
|
56
modules/nixos/services/influxdb2.nix
Normal file
56
modules/nixos/services/influxdb2.nix
Normal file
@ -0,0 +1,56 @@
|
|||||||
|
{ config, lib, ... }: {
|
||||||
|
|
||||||
|
config = {
|
||||||
|
|
||||||
|
services.influxdb2 = {
|
||||||
|
provision = {
|
||||||
|
enable = true;
|
||||||
|
initialSetup = {
|
||||||
|
bucket = "default";
|
||||||
|
organization = "main";
|
||||||
|
passwordFile = config.secrets.influxdb2Password.dest;
|
||||||
|
retention = 0; # Keep data forever
|
||||||
|
tokenFile = config.secrets.influxdb2Token.dest;
|
||||||
|
username = "admin";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
settings = { };
|
||||||
|
};
|
||||||
|
|
||||||
|
# Create credentials file for InfluxDB admin
|
||||||
|
secrets.influxdb2Password = lib.mkIf config.services.influxdb2.enable {
|
||||||
|
source = ../../../private/influxdb2-password.age;
|
||||||
|
dest = "${config.secretsDirectory}/influxdb2-password";
|
||||||
|
owner = "influxdb2";
|
||||||
|
group = "influxdb2";
|
||||||
|
permissions = "0440";
|
||||||
|
};
|
||||||
|
systemd.services.influxdb2Password-secret =
|
||||||
|
lib.mkIf config.services.influxdb2.enable {
|
||||||
|
requiredBy = [ "influxdb2.service" ];
|
||||||
|
before = [ "influxdb2.service" ];
|
||||||
|
};
|
||||||
|
secrets.influxdb2Token = lib.mkIf config.services.influxdb2.enable {
|
||||||
|
source = ../../../private/influxdb2-token.age;
|
||||||
|
dest = "${config.secretsDirectory}/influxdb2-token";
|
||||||
|
owner = "influxdb2";
|
||||||
|
group = "influxdb2";
|
||||||
|
permissions = "0440";
|
||||||
|
};
|
||||||
|
systemd.services.influxdb2Token-secret =
|
||||||
|
lib.mkIf config.services.influxdb2.enable {
|
||||||
|
requiredBy = [ "influxdb2.service" ];
|
||||||
|
before = [ "influxdb2.service" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
caddy.routes = lib.mkIf config.services.influxdb2.enable [{
|
||||||
|
match = [{ host = [ config.hostnames.influxdb ]; }];
|
||||||
|
handle = [{
|
||||||
|
handler = "reverse_proxy";
|
||||||
|
upstreams = [{ dial = "localhost:8086"; }];
|
||||||
|
}];
|
||||||
|
}];
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
14
private/influxdb2-password.age
Normal file
14
private/influxdb2-password.age
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBhUEdQ
|
||||||
|
ejFtQWFabkl3YTJmUmRDS2M1elBrMU5yVHhWWlFLMHdOdlNsNEFRCmREU3ZZWlZi
|
||||||
|
R1RLQVorT2dDbFRXc2toMExpNWR1WUEvaVlzUFJ5ZUU3azQKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgWXlTVU1RIDY5OGpSWlFTT2EvUzV4ajQwUG5YL3loSWhGbjV6U2J4TkFhQm5Y
|
||||||
|
RWhvMXcKbUVpQm5wRmtLRGV2SWYzb2c3dnZYREdRSnRtdjJJcjRKTk0rbnMyZmVB
|
||||||
|
cwotPiBzc2gtZWQyNTUxOSBuanZYNUEgd0o4WGhTQnlkVGhhWG44MmQ1UXFVWjFO
|
||||||
|
MS9JcVpEOEIvd3ZuNmVmN2d3dwpYNXF5V05WbHRobVlIWVM2VHN1TjcyVG81cHp1
|
||||||
|
V0pnWTduZFFWQks2ZFY0Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBkWXlRejFNdHJk
|
||||||
|
azg0aUpzL1JMSWUvWkdXUmpLc3pVUEZTNGFwTG0rRlNrCjMyVTE5c1pjRlowVlJ4
|
||||||
|
YmFtRzEzV1dCU0FoeUJPMjQzWHErc0h4RWhLbDgKLS0tIHhzK20vTzFPdVROVW44
|
||||||
|
MkNhb2VWZHBqeXY0MWZuTDFUMXdNazMwTG8yZTQK1CrrD2tin/3ZhV2D1XJvkbUN
|
||||||
|
2Nw4ASdPdRXaQJw5CMhlrW6rgSnC81j0249F7D7ZfAlo62ANOfLyL9Lv2FVGzg==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
14
private/influxdb2-token.age
Normal file
14
private/influxdb2-token.age
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBmTnVo
|
||||||
|
eFlINGttSEZYTlZucVVWemlMMk0reHNKcjF3SmhCQllXdmw5RzBBCnl0NWZVb1ZW
|
||||||
|
MWRzc05pNVVWTlRyNzNRaDlYTm5TSVF3ZGNMclhyY0R3bUkKLT4gc3NoLWVkMjU1
|
||||||
|
MTkgWXlTVU1RIEppTjJPUmxlamdLY2xxRVBwcFBmTTdOM3dLU3h3YnA2TlhRWXRu
|
||||||
|
OGJrR28KMW9JQUFDcXFLOTk4NDVHQmJucEZuOElLaG5Eb1lyK1NGTUJaMkFONit1
|
||||||
|
dwotPiBzc2gtZWQyNTUxOSBuanZYNUEgZkF5MVNGK3FRV2JPVDFGMkY5SWxGWVVK
|
||||||
|
YThUVFk2VGZZNXN6UWx3eFJ6MAp0d3NGWTRuLzNOb0VxdVUvZ1YwR0lWemc2NDR2
|
||||||
|
VFI2eWRjS242SEJrQWx3Ci0+IHNzaC1lZDI1NTE5IENxSU9VQSBpY2JoaGRKY0ZR
|
||||||
|
Y2txWFM1ODJyaW03b0xuRGlJMkVidEVZMGdiU1pTZ1hVCk0yeGF6VWU5LzF0Z1dL
|
||||||
|
cnlDUCtLL01EWWo2Q0dYcjdtSjRtSnFjUHNWdzAKLS0tIEI4aWpNc0xqU3ZsLzcz
|
||||||
|
TThFNXd0YjQ2MEMzc0JOQXZnTnBaTVg0V1hITzgK8GYZG8/fGXk6ELSB6rnLX0ke
|
||||||
|
QqiztfVnV/fpgEgJ/K60Ea3aBe3ELpejzFKZfno+jesvnL5DCMGz7QRRpnThLQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
Loading…
Reference in New Issue
Block a user