nix-config/hosts/franz/arion/stats/default.nix

60 lines
1.7 KiB
Nix
Raw Normal View History

{config, ...}: let
vars = import ../../../../vars.nix;
in {
virtualisation.arion = {
projects.stats.settings = {
imports = [./arion-compose.nix];
};
};
2024-08-09 16:03:31 +02:00
sops.secrets."stats/oidc_client_id" = {
owner = vars.user;
};
sops.secrets."stats/oidc_client_secret" = {
owner = vars.user;
};
sops.templates."grafana.env" = {
path = "/home/${vars.user}/.docker/stats/grafana.env";
owner = vars.user;
mode = "0775";
content = ''
GF_AUTH_GENERIC_OAUTH_CLIENT_ID="${config.sops.placeholder."stats/oidc_client_id"}"
GF_AUTH_GENERIC_OAUTH_CLIENT_SECRET="${config.sops.placeholder."stats/oidc_client_secret"}"
'';
};
systemd.services.add-loki-logging-driver = {
description = "Add grafana loki docker driver";
after = ["network.target"];
wantedBy = ["multi-user.target"];
serviceConfig.Type = "oneshot";
script = let
dockercli = "${config.virtualisation.docker.package}/bin/docker";
in ''
# Put a true at the end to prevent getting non-zero return code, which will
# crash the whole service.
check=$(${dockercli} plugin ls | grep "loki" || true)
if [ -z "$check" ]; then
${dockercli} plugin install grafana/loki-docker-driver:latest --alias loki --grant-all-permissions
else
echo "loki docker driver already exists in docker"
fi
'';
};
virtualisation.docker.daemon.settings = {
debug = true;
log-driver = "loki";
log-opts = {
loki-url = "http://localhost:3100/loki/api/v1/push";
loki-batch-size = "400";
loki-max-backoff = "800ms";
loki-retries = "2";
loki-timeout = "1s";
keep-file = "true";
};
};
}