xin/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

biotite: move all services to biotite except kanidm

Browse source
This commit is contained in:
xinyangli 2024-12-05 13:28:22 +08:00
parent 7bc5db676d
commit 756357552a
Signed by: xin
SSH key fingerprint: SHA256:UU5pRTl7NiLFJbWJZa+snLylZSXIz5rgHmwjzv8v4oE
13 changed files with 78 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

10
modules/nixos/monitor/default.nix
View file

@ -11,6 +11,7 @@ let
mkMerge
types
;
inherit (config.my-lib.settings) ntfyUrl;
cfg = config.custom.prometheus;
mkRulesOption = mkOption {
@ -121,12 +122,11 @@ in
name = "ntfy";
webhook_configs = [
{
url = "https://ntfy.xinyang.life/prometheus-alerts?tpl=yes&m=${lib.escapeURL ''
Alert {{.status}}
{{range .alerts}}-----{{range $k,$v := .labels}}
url = "${ntfyUrl}/prometheus-alerts?tpl=yes&m=${lib.escapeURL ''
{{range .alerts}}[{{ if eq .status "resolved" }} RESOLVED{{ else }}{{ if eq .status "firing" }}🔥 FIRING{{end}}{{end}}]{{range $k,$v := .labels}}
{{$k}}={{$v}}{{end}}
{{end}}
''}";
{{end}}''}";
send_resolved = true;
}
];

11
modules/nixos/monitor/grafana.nix
View file

@ -1,5 +1,6 @@
{ config, lib, ... }:
let
inherit (config.my-lib.settings) grafanaUrl idpUrl;
cfg = config.custom.monitoring.grafana;
in
{
@ -13,17 +14,17 @@ in
server = {
http_addr = "127.0.0.1";
http_port = 3003;
root_url = "https://grafana.xinyang.life";
domain = "grafana.xinyang.life";
root_url = grafanaUrl;
domain = lib.removePrefix "https://" grafanaUrl;
};
"auth.generic_oauth" = {
enabled = true;
name = "Kanidm";
client_id = "grafana";
scopes = "openid,profile,email,groups";
auth_url = "https://auth.xinyang.life/ui/oauth2";
token_url = "https://auth.xinyang.life/oauth2/token";
api_url = "https://auth.xinyang.life/oauth2/openid/grafana/userinfo";
auth_url = "${idpUrl}/ui/oauth2";
token_url = "${idpUrl}/oauth2/token";
api_url = "${idpUrl}/oauth2/openid/grafana/userinfo";
use_pkce = true;
use_refresh_token = true;
allow_sign_up = true;