sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: finish vlan setup

Browse source
This commit is contained in:
oddlama 2024-12-20 01:05:17 +01:00
parent d0448757bf
commit 297d19fa0c
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
16 changed files with 115 additions and 100 deletions
Download patch file Download diff file Expand all files Collapse all files

30
hosts/sire/guests/grafana.nix
View file

@ -65,12 +65,13 @@ in
group = "influxdb2";
};
services.influxdb2.provision.organizations.machines.auths."grafana machines:telegraf (${config.node.name})" = {
readBuckets = [ "telegraf" ];
writeBuckets = [ "telegraf" ];
tokenFile =
nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-machines-${config.node.name}".path;
};
services.influxdb2.provision.organizations.machines.auths."grafana machines:telegraf (${config.node.name})" =
{
readBuckets = [ "telegraf" ];
writeBuckets = [ "telegraf" ];
tokenFile =
nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-machines-${config.node.name}".path;
};
age.secrets."grafana-influxdb-token-home-${config.node.name}" = {
inherit (config.age.secrets.grafana-influxdb-token-home) rekeyFile;
@ -78,12 +79,13 @@ in
group = "influxdb2";
};
services.influxdb2.provision.organizations.home.auths."grafana home:home_assistant (${config.node.name})" = {
readBuckets = [ "home_assistant" ];
writeBuckets = [ "home_assistant" ];
tokenFile =
nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-home-${config.node.name}".path;
};
services.influxdb2.provision.organizations.home.auths."grafana home:home_assistant (${config.node.name})" =
{
readBuckets = [ "home_assistant" ];
writeBuckets = [ "home_assistant" ];
tokenFile =
nodes.sire-influxdb.config.age.secrets."grafana-influxdb-token-home-${config.node.name}".path;
};
};
globals.services.grafana.domain = grafanaDomain;
@ -144,8 +146,8 @@ in
proxyWebsockets = true;
};
extraConfig = ''
allow ${globals.net.home-lan.cidrv4};
allow ${globals.net.home-lan.cidrv6};
allow ${globals.net.home-lan.vlans.services.cidrv4};
allow ${globals.net.home-lan.vlans.services.cidrv6};
deny all;
'';
};