Compare commits

...

8 commits

23 changed files with 400 additions and 107 deletions

View file

@ -420,6 +420,21 @@
"type": "github" "type": "github"
} }
}, },
"nix-flatpak": {
"locked": {
"lastModified": 1721549352,
"narHash": "sha256-nlXJa8RSOX0kykrIYW33ukoHYq+FOSNztHLLgqKwOp8=",
"owner": "gmodena",
"repo": "nix-flatpak",
"rev": "dbce39ea8664820ba9037caaf1e2fad365ed6b4b",
"type": "github"
},
"original": {
"owner": "gmodena",
"repo": "nix-flatpak",
"type": "github"
}
},
"nix-index-database": { "nix-index-database": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -539,6 +554,7 @@
"hyprland": "hyprland", "hyprland": "hyprland",
"hyprland-contrib": "hyprland-contrib", "hyprland-contrib": "hyprland-contrib",
"neovim-nightly-overlay": "neovim-nightly-overlay", "neovim-nightly-overlay": "neovim-nightly-overlay",
"nix-flatpak": "nix-flatpak",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",

View file

@ -18,6 +18,7 @@
neovim-nightly-overlay = { neovim-nightly-overlay = {
url = "github:nix-community/neovim-nightly-overlay"; url = "github:nix-community/neovim-nightly-overlay";
}; };
nix-flatpak.url = "github:gmodena/nix-flatpak";
hyprland-contrib = { hyprland-contrib = {
url = "github:hyprwm/contrib"; url = "github:hyprwm/contrib";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -51,11 +52,13 @@
, neovim-nightly-overlay , neovim-nightly-overlay
, nix-index-database , nix-index-database
, rust-overlay , rust-overlay
, nix-flatpak
, ... , ...
}: }:
let let
commonModules = [ commonModules = [
nur.nixosModules.nur nur.nixosModules.nur
nix-flatpak.nixosModules.nix-flatpak
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
nix-index-database.nixosModules.nix-index nix-index-database.nixosModules.nix-index
{ {

View file

@ -41,6 +41,16 @@
"bind" "bind"
]; ];
}; };
fileSystems."/nas/public/Public" = {
device = "/nas/Syncthing/Sync/Public";
fsType = "auto";
options = [
"defaults"
"nofail"
"nobootwait"
"bind"
];
};
swapDevices = [ ]; swapDevices = [ ];
@ -86,6 +96,7 @@
}; };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.enableAllFirmware = true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.opengl = { hardware.opengl = {
enable = true; enable = true;

View file

@ -227,7 +227,7 @@ in
]; ];
}; };
extraConfig = /*hyprlang*/ '' extraConfig = /*hyprlang*/ ''
exec-once=dbus-update-activation-enviroment --all exec-once=dbus-update-activation-environment --all
exec-once=${gnome-keyring.path} ${config.sops.secrets."gnome-keyring/${config.home.username}".path} exec-once=${gnome-keyring.path} ${config.sops.secrets."gnome-keyring/${config.home.username}".path}
exec-once=foot --server exec-once=foot --server

View file

@ -5,32 +5,31 @@ let
in in
{ {
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.yazi = { programs.yazi = {
enable = true; enable = true;
enableZshIntegration = true; enableZshIntegration = true;
keymap = { keymap = {
manager.prepend_keymap = [ manager.prepend_keymap = [
{ # {
on = [ "m" ]; # on = [ "m" ];
run = "plugin bookmarks --args=save"; # run = "plugin bookmarks --args=save";
desc = "Save current position as a bookmark"; # desc = "Save current position as a bookmark";
} # }
{ # {
on = [ "'" ]; # on = [ "'" ];
run = "plugin bookmarks --args=jump"; # run = "plugin bookmarks --args=jump";
desc = "Jump to a bookmark"; # desc = "Jump to a bookmark";
} # }
{ # {
on = [ "b" "d" ]; # on = [ "b" "d" ];
run = "plugin bookmarks --args=delete"; # run = "plugin bookmarks --args=delete";
desc = "Delete a bookmark"; # desc = "Delete a bookmark";
} # }
{ # {
on = [ "b" "D" ]; # on = [ "b" "D" ];
run = "plugin bookmarks --args=delete_all"; # run = "plugin bookmarks --args=delete_all";
desc = "Delete all bookmarks"; # desc = "Delete all bookmarks";
} # }
]; ];
}; };
settings = { settings = {
@ -80,6 +79,12 @@ in
{ name = "*"; use = "open"; } { name = "*"; use = "open"; }
]; ];
}; };
plugin = {
prepend_previewers = [
{ mime = "{image,audio,video}/*"; run = "mediainfo"; }
{ mime = "application/x-subrip"; run = "mediainfo"; }
];
};
}; };
}; };
home.file = { home.file = {
@ -92,22 +97,31 @@ in
sha256 = "sha256-TSmZwy9jhf0D+6l4KbNQ6BjHbL0Vfo/yL3wt8bjo/EM="; sha256 = "sha256-TSmZwy9jhf0D+6l4KbNQ6BjHbL0Vfo/yL3wt8bjo/EM=";
}; };
}; };
".config/yazi/init.lua".text = /*lua*/ '' ".config/yazi/plugins/mediainfo.yazi" = {
require("bookmarks"):setup({ recursive = true;
last_directory = { enable = false, persist = false }, source = pkgs.fetchFromGitHub {
persist = "none", owner = "Ape";
desc_format = "full", repo = "mediainfo.yazi";
notify = { rev = "c69314e80f5b45fe87a0e06a10d064ed54110439";
enable = false, hash = "sha256-8xdBPdKSiwB7iRU8DJdTHY+BjfR9D3FtyVtDL9tNiy4=";
timeout = 1, };
message = { };
new = "New bookmark '<key>' -> '<folder>'", # ".config/yazi/init.lua".text = /*lua*/ ''
delete = "Deleted bookmark in '<key>'", # require("bookmarks"):setup({
delete_all = "Deleted all bookmarks", # last_directory = { enable = false, persist = false },
}, # persist = "none",
}, # desc_format = "full",
}) # notify = {
''; # enable = false,
# timeout = 1,
# message = {
# new = "New bookmark '<key>' -> '<folder>'",
# delete = "Deleted bookmark in '<key>'",
# delete_all = "Deleted all bookmarks",
# },
# },
# })
# '';
}; };
}; };
} }

View file

@ -30,11 +30,11 @@ in
shellAliases = { shellAliases = {
ls = "${pkgs.eza}/bin/eza -lah"; ls = "${pkgs.eza}/bin/eza -lah";
cat = "${pkgs.bat}/bin/bat"; cat = "${pkgs.bat}/bin/bat";
update = "sudo nixos-rebuild switch --flake $HOME/dotfiles"; update = "nh os switch";
superupdate = "(cd $HOME/dotfiles && nix flake update && sudo nixos-rebuild switch --flake $HOME/dotfiles)"; superupdate = "nh os switch --update";
uptest = "nh os test";
lg = "${pkgs.lazygit}/bin/lazygit"; lg = "${pkgs.lazygit}/bin/lazygit";
du = "${pkgs.dust}/bin/dust"; du = "${pkgs.dust}/bin/dust";
uptest = "sudo nixos-rebuild test --flake $HOME/dotfiles";
dry = "sudo nixos-rebuild dry-activate --flake $HOME/dotfiles"; dry = "sudo nixos-rebuild dry-activate --flake $HOME/dotfiles";
jq = "${pkgs.gojq}/bin/gojq"; jq = "${pkgs.gojq}/bin/gojq";
n = lib.mkIf config.profile.neovide.enable "neovide"; n = lib.mkIf config.profile.neovide.enable "neovide";

View file

@ -8,6 +8,7 @@
./services.nix ./services.nix
./games.nix ./games.nix
./environments.nix ./environments.nix
./flatpak.nix
]; ];
options.profile = { options.profile = {
@ -63,7 +64,6 @@
android.enable = lib.mkEnableOption "android"; android.enable = lib.mkEnableOption "android";
avahi.enable = lib.mkEnableOption "avahi"; avahi.enable = lib.mkEnableOption "avahi";
bluetooth.enable = lib.mkEnableOption "bluetooth"; bluetooth.enable = lib.mkEnableOption "bluetooth";
flatpak.enable = lib.mkEnableOption "flatpak";
gnome.enable = lib.mkEnableOption "gnome"; gnome.enable = lib.mkEnableOption "gnome";
kde.enable = lib.mkEnableOption "kde"; kde.enable = lib.mkEnableOption "kde";
networking.firewall = { networking.firewall = {

10
options/flatpak.nix Normal file
View file

@ -0,0 +1,10 @@
{ lib, ... }:
let
inherit (lib) mkEnableOption;
in
{
options.profile.flatpak = {
enable = mkEnableOption "flatpak";
zen-browser.enable = mkEnableOption "zen-browser";
};
}

View file

@ -22,5 +22,29 @@ in
wireguard.enable = mkEnableOption "wireguard"; wireguard.enable = mkEnableOption "wireguard";
photoprism.enable = mkEnableOption "photoprism"; photoprism.enable = mkEnableOption "photoprism";
navidrome.enable = mkEnableOption "navidrome"; navidrome.enable = mkEnableOption "navidrome";
telemetry = {
enable = mkEnableOption "telemetry";
grafana.enable = mkOption {
type = types.bool;
default = config.profile.services.telemetry.enable;
};
loki.enable = mkOption {
type = types.bool;
default = config.profile.services.telemetry.enable;
};
promtail.enable = mkOption {
type = types.bool;
default = config.profile.services.telemetry.enable;
};
tempo.enable = mkOption {
type = types.bool;
default = config.profile.services.telemetry.enable;
};
minio.enable = mkOption {
type = types.bool;
default = config.profile.services.telemetry.enable;
};
};
}; };
} }

View file

@ -75,6 +75,11 @@ in
dbeaver.enable = true; dbeaver.enable = true;
kde.enable = false; kde.enable = false;
flatpak = {
enable = true;
zen-browser.enable = true;
};
microsoft-edge.enable = true; microsoft-edge.enable = true;
nextcloud.enable = false; nextcloud.enable = false;

View file

@ -69,6 +69,7 @@
wireguard.enable = true; wireguard.enable = true;
photoprism.enable = true; photoprism.enable = true;
navidrome.enable = true; navidrome.enable = true;
telemetry.enable = true;
}; };
}; };
} }

31
secrets/telemetry.yaml Normal file
View file

@ -0,0 +1,31 @@
grafana:
admin_user: ENC[AES256_GCM,data:pg3WnfsF8L+/Tg==,iv:wh8VM567ClsFz7GS00OCh9kx3HZCz5GZ/BaTtOt3ksk=,tag:k6mJiktl1Met6Kzl738jpQ==,type:str]
admin_password: ENC[AES256_GCM,data:EFJfC78YtBLF5CIxLLhN9deZYcSL7/EfS4w=,iv:qrNi3WsRD26W5L67Fxch7qasEUh9vTj6HUWZs5PGz4o=,tag:bxW1CJyXOcz/pgN39ncQ+w==,type:str]
admin_email: ENC[AES256_GCM,data:2cvoq65K2/mdDuykkPVZryDJeNCK,iv:rU4jUYm+3dcvx1KooN9mWQDoovn7t+V7z1eU1m7VagE=,tag:Bhdbiq4BXO3nDwG9StUOkQ==,type:str]
secret_key: ENC[AES256_GCM,data:f4f1YF27VU/893HASHmCVL8vnsJEaHD33GOdFVpMj81MOutXqb7d03Hb1DYkDV3aMVmEdpvBcFK3SpZdFma3,iv:q6d59H1PniaVhw6tbd1maCelEGlAC4y2i38jMZ9Jn/Q=,tag:uSbCRstKy7C4Vwp+/FxF/Q==,type:str]
loki:
caddy:
basic_auth:
username: ENC[AES256_GCM,data:MRwky3O8LGS/4w==,iv:CUHjGRNc8NU5FqhqvpqbATmVE3Kg9Z0jMBFlzsAwON0=,tag:uZlxw9skd0VNLfZTJ/6ZSQ==,type:str]
#ENC[AES256_GCM,data:t+u4g7nvpq2U27CHgmu1xi2Ppwv7cJf1s6Et,iv:LtwoPoxsQn1MujHRoD6SqDLm8uN4uBpuIVmn23DDgjI=,tag:PKOHF5vcQzHszpp1sfuU0Q==,type:comment]
password: ENC[AES256_GCM,data:GcQ6x8ewxInmAcQwhhwJgXMHxd/ygkscsp2vg7PILEeaOv1heBX0fTHb0sRyAfhLxwKDH84LtGb37656,iv:UEQ7dgqNEKisalpPXFffsVzn6kXDt9DmJP6ec3LOHRE=,tag:CyPPqG2Vf8eeSVzAASintQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1KzFkak5QQ01MUVV0djVH
cXlveDhxU3RRelhNL3JQbE1xVWNlaFYzem40CmtGYlpZMTJPS2lKUGl2Vy9CVW5j
bFoyNVlJM1lmSGhSM2lGREN3N3VXWTAKLS0tIE9xWFpoTUdrVVBtOS9lckRXWGc1
bzYzSEQrRkN6WVVmN254a2NCcUxGVFkK4aHv8tiFiNEnd7I5LB0Jd/4upkEEEXis
9A5hdTn20EqL62QuHeYRav1TRu42dp+R4iZAlVl9cRzThkzZKJdHlg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-08-29T05:57:46Z"
mac: ENC[AES256_GCM,data:JGrZUe8PLjlcHULvVa8Yi8ORAW5bMKOMxSGbJ2UFji9byRGu+JHaU7gdF45lrR5XKxJZLmZesWI9fRjsnlEd9WDTEroiwFo965mYFcdmbrJb37BIRO6Thy6C77GXMNcOVW2hBgcVDckNIbAk3qgvVG2QOZ5VKwxPLVQPsfWfCFs=,iv:Do05RY+cgahdv8/Nk6RIOxBA6x28GxyErrgSQRoIR80=,tag:HoqhdhZmcS3QxXGfZyxfFw==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

View file

@ -1,8 +1,9 @@
{ hardware-configuration, profile-path, config, ... }: { hardware-configuration, profile-path, config, pkgs, ... }:
{ {
imports = [ imports = [
profile-path profile-path
hardware-configuration hardware-configuration
./flatpak
./modules ./modules
./services ./services
./podman ./podman
@ -25,11 +26,11 @@
connect-timeout = 5 connect-timeout = 5
''; '';
nix.gc = { # nix.gc = {
automatic = true; # automatic = true;
dates = "weekly"; # dates = "weekly";
options = "--delete-older-than 7d"; # options = "--delete-older-than 7d";
}; # };
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -65,4 +66,19 @@
RestartSec = "10s"; RestartSec = "10s";
}; };
}; };
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/${config.profile.user.name}/dotfiles";
};
environment.variables.FLAKE = "/home/${config.profile.user.name}/dotfiles";
environment.systemPackages = with pkgs; [
# Tools for nh
nix-output-monitor
nvd
];
} }

View file

@ -0,0 +1,19 @@
{ config, lib, ... }:
let
cfg = config.profile.flatpak;
inherit (lib.lists) optional;
in
{
config = lib.mkIf cfg.enable {
fonts.fontDir.enable = true;
services.flatpak = {
enable = true;
update.auto = {
enable = true;
onCalendar = "weekly"; # Default value
};
packages = [ ]
++ optional cfg.zen-browser.enable "io.github.zen_browser.zen";
};
};
}

View file

@ -7,7 +7,6 @@
./bluetooth.nix ./bluetooth.nix
./boot_loader.nix ./boot_loader.nix
./brightnessctl.nix ./brightnessctl.nix
./flatpak.nix
./font.nix ./font.nix
./gnome.nix ./gnome.nix
./hyprland.nix ./hyprland.nix

View file

@ -1,55 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.profile.flatpak;
in
{
config = lib.mkIf cfg.enable {
# Allow flatpak to access fonts
fonts.fontDir.enable = true;
services.flatpak.enable = true;
# system.fsPackages = [ pkgs.bindfs ];
# Allows user installed fonts to be accessed by flatpak
# fileSystems =
# let
# mkRoSymBind = path: {
# device = path;
# fsType = "fuse.bindfs";
# options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ];
# };
# aggregatedFonts = pkgs.buildEnv {
# name = "system-fonts";
# paths = config.fonts.packages;
# pathsToLink = [ "/share/fonts" ];
# };
# in
# {
# # Create an FHS mount to support flatpak host icons/fonts
# "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons");
# "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts");
# };
xdg.portal = {
enable = true;
xdgOpenUsePortal = true;
# extraPortals = with pkgs; [
# # xdg-desktop-portal-gtk
# # xdg-desktop-portal-kde
# # xdg-desktop-portal-gnome
# ];
};
# Auto update flatpak every boot with systemd
# systemd.services.flatpak-update = {
# wantedBy = [ "multi-user.target" ];
# after = [ "network-online.target" ];
# wants = [ "network-online.target" ];
# description = "Auto update flatpak every boot after network is online";
# serviceConfig = {
# Type = "oneshot";
# ExecStart = ''${pkgs.flatpak}/bin/flatpak update --assumeyes --noninteractive --system'';
# };
# };
};
}

View file

@ -2,11 +2,11 @@
let let
dbus-sway-environment = pkgs.writeTextFile { dbus-sway-environment = pkgs.writeTextFile {
name = "dbus-sway-environment"; name = "dbus-sway-environment";
destination = "/bin/dbus-sway-enviroment"; destination = "/bin/dbus-sway-environment";
executable = true; executable = true;
text = '' text = ''
dbus-update-activation-enviroment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
''; '';

View file

@ -1,10 +1,14 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.profile.programs.yazi; cfg = config.profile.programs.yazi;
inherit (lib) mkIf; inherit (lib) mkIf;
in in
{ {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
mediainfo
ffmpegthumbnailer
];
programs.yazi = { programs.yazi = {
enable = true; enable = true;
settings = { settings = {

View file

@ -1,6 +1,8 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./telemetry
./caddy.nix ./caddy.nix
./cockpit.nix ./cockpit.nix
./forgejo.nix ./forgejo.nix

View file

@ -143,6 +143,26 @@ in
"living-room-system" "living-room-system"
]; ];
}; };
"/nas/Syncthing/Sync/General" = {
label = "General";
id = "General";
devices = [
"s20fe"
"work-laptop"
"windows"
"living-room-system"
];
};
"/nas/Syncthing/Sync/Public" = {
label = "Public";
id = "Public";
devices = [
"s20fe"
"work-laptop"
"windows"
"living-room-system"
];
};
}; };
devices = { devices = {
s20fe = { s20fe = {

View file

@ -0,0 +1,7 @@
{ ... }:
{
imports = [
./grafana.nix
./loki.nix
];
}

View file

@ -0,0 +1,59 @@
{ config, lib, pkgs, ... }:
let
cfg = config.profile.services.telemetry.grafana;
inherit (lib) mkIf;
grafanaDomain = "grafana.tigor.web.id";
in
{
config = mkIf cfg.enable {
sops.secrets =
let
opts = {
sopsFile = ../../../secrets/telemetry.yaml;
owner = "grafana";
};
in
{
"grafana/admin_user" = opts;
"grafana/admin_password" = opts;
"grafana/admin_email" = opts;
"grafana/secret_key" = opts;
};
services.caddy.virtualHosts.${grafanaDomain}.extraConfig = ''
reverse_proxy ${config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}
'';
services.grafana = {
enable = true;
package = pkgs.grafana;
settings = {
# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/
server = {
protocol = "http"; # served behind caddy
http_addr = "0.0.0.0";
http_port = 44518;
domain = grafanaDomain;
root_url = "https://${grafanaDomain}";
enable_gzip = true;
};
database = {
type = "sqlite3";
cache_mode = "shared";
wal = true;
query_retries = 3;
};
security = {
# Admin credentials is already available in the secrets
admin_user = "$__file{${config.sops.secrets."grafana/admin_user".path}}";
admin_password = "$__file{${config.sops.secrets."grafana/admin_password".path}}";
admin_email = "$__file{${config.sops.secrets."grafana/admin_email".path}}";
secret_key = "$__file{${config.sops.secrets."grafana/secret_key".path}}";
cookie_secure = true;
cookie_samesite = "lax";
strict_transport_security = true;
};
};
};
};
}

View file

@ -0,0 +1,107 @@
{ config, lib, ... }:
let
cfg = config.profile.services.telemetry.loki;
inherit (lib) mkIf;
lokiDomain = "loki.tigor.web.id";
in
{
config = mkIf cfg.enable {
sops =
let
usernameKey = "loki/caddy/basic_auth/username";
passwordKey = "loki/caddy/basic_auth/password";
in
{
secrets =
let
opts = { sopsFile = ../../../secrets/telemetry.yaml; owner = "grafana"; };
in
{
${usernameKey} = opts;
${passwordKey} = opts;
};
templates = {
"loki/caddy/basic_auth".content = /*sh*/ ''
LOKI_USERNAME=${config.sops.placeholder.${usernameKey}}
LOKI_PASSWORD=${config.sops.placeholder.${passwordKey}}
'';
};
};
systemd.services."caddy".serviceConfig = {
EnvironmentFile = [ config.sops.templates."loki/caddy/basic_auth".path ];
};
services.caddy.virtualHosts.${lokiDomain}.extraConfig = /*caddy*/ ''
basicauth {
{$LOKI_USERNAME} {$LOKI_PASSWORD}
}
reverse_proxy ${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}
'';
services.loki =
let
dataDir = config.services.loki.dataDir;
in
{
enable = true;
configuration = {
# https://grafana.com/docs/loki/latest/configure/examples/configuration-examples/
auth_enabled = false;
server = {
http_listen_address = "0.0.0.0";
http_listen_port = 3100;
grpc_listen_port = 9095;
};
common = {
path_prefix = dataDir;
replication_factor = 1;
ring = {
instance_addr = "127.0.0.1";
kvstore.store = "inmemory";
};
};
schema_config = {
configs = [
{
from = "2024-08-29";
store = "tsdb";
object_store = "filesystem";
schema = "v13";
index = {
prefix = "index_";
period = "24h";
};
}
];
};
storage_config = {
filesystem = {
directory = "${dataDir}/chunks";
};
};
};
};
# https://grafana.com/docs/grafana/latest/datasources/loki/
services.grafana.provision.datasources.settings.datasources = [
{
name = "Loki";
type = "loki";
access = "proxy";
url = "http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}";
basicAuth = true;
basicAuthUser = "$__file{${config.sops.secrets."loki/caddy/basic_auth/username".path}}";
jsonData = {
timeout = 60;
maxLines = 1000;
};
secureJsonData = {
basicAuthPassword = "$__file{${config.sops.secrets."loki/caddy/basic_auth/password".path}}";
};
}
];
};
}