2023-08-13 17:00:41 +01:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
|
|
|
|
inputs,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
2023-02-26 12:05:55 +00:00
|
|
|
port = 8086;
|
|
|
|
|
path = "/data/influxdb";
|
|
|
|
|
certPath = "${path}/cert.pem";
|
|
|
|
|
keyPath = "${path}/key.pem";
|
|
|
|
|
in {
|
2023-08-13 17:00:41 +01:00
|
|
|
networking.firewall.allowedTCPPorts = [port];
|
2023-02-26 12:05:55 +00:00
|
|
|
|
|
|
|
|
systemd.services.influxdb2-prep = {
|
|
|
|
|
script = ''
|
|
|
|
|
mkdir -p ${path}
|
|
|
|
|
cp -rv /var/lib/tailscale-certs/cert.pem ${certPath}
|
|
|
|
|
cp -rv /var/lib/tailscale-certs/key.pem ${keyPath}
|
|
|
|
|
chown -Rv influxdb2:influxdb2 ${path}
|
|
|
|
|
'';
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
ReloadPropagatedFrom = "tailscale-cert.service";
|
|
|
|
|
};
|
2023-08-13 17:00:41 +01:00
|
|
|
before = ["influxdb2.service"];
|
|
|
|
|
wantedBy = ["multi-user.target"];
|
2023-02-26 12:05:55 +00:00
|
|
|
after = [
|
|
|
|
|
"network.target"
|
|
|
|
|
"network-online.target"
|
|
|
|
|
"tailscaled.service"
|
|
|
|
|
"tailscale-cert.service"
|
|
|
|
|
];
|
2023-08-13 17:00:41 +01:00
|
|
|
wants = ["tailscale-cert.service"];
|
2023-02-26 12:05:55 +00:00
|
|
|
};
|
|
|
|
|
|
2023-04-22 09:44:50 +01:00
|
|
|
systemd.services.influxdb2 = {
|
|
|
|
|
after = [
|
|
|
|
|
"network.target"
|
|
|
|
|
"network-online.target"
|
|
|
|
|
"tailscaled.service"
|
|
|
|
|
"tailscale-cert.service"
|
|
|
|
|
"tailscale-auth.service"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2023-02-26 12:05:55 +00:00
|
|
|
services.influxdb2 = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
2023-11-02 18:04:13 +00:00
|
|
|
http-bind-address = "0.0.0.0:${toString port}";
|
2023-02-26 12:05:55 +00:00
|
|
|
tls-cert = "${certPath}";
|
|
|
|
|
tls-key = "${keyPath}";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
