From a8cb1f33b2c0ea49c434b5f251fe45938d050f6a Mon Sep 17 00:00:00 2001
From: Seth Flynn <getchoo@tuta.io>
Date: Thu, 20 Feb 2025 04:19:27 -0500
Subject: nixos: include nginx proxies in mixins

---
 modules/nixos/mixins/grafana.nix | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

(limited to 'modules/nixos/mixins/grafana.nix')

diff --git a/modules/nixos/mixins/grafana.nix b/modules/nixos/mixins/grafana.nix
index 6d6a942..03f2c6a 100644
--- a/modules/nixos/mixins/grafana.nix
+++ b/modules/nixos/mixins/grafana.nix
@@ -5,6 +5,10 @@
   ...
 }:
 
+let
+  grafanaCfg = config.services.grafana;
+in
+
 {
   config = lib.mkMerge [
     {
@@ -21,12 +25,23 @@
             domain = lib.mkDefault ("grafana." + config.networking.domain);
             enable_gzip = true;
             enforce_domain = true;
-            root_url = "https://" + config.services.grafana.settings.server.domain + "/";
+            root_url = "https://" + grafanaCfg.settings.server.domain + "/";
           };
         };
       };
     }
 
+    (lib.mkIf grafanaCfg.enable {
+      services = {
+        nginx.virtualHosts.${grafanaCfg.settings.server.domain} = {
+          locations."/" = {
+            proxyPass = "http://${grafanaCfg.settings.server.http_addr}:${toString grafanaCfg.settings.server.http_port}";
+            proxyWebsockets = true;
+          };
+        };
+      };
+    })
+
     (lib.mkIf config.services.kanidm.enableServer {
       services.grafana = {
         settings = {
@@ -56,7 +71,7 @@
       };
     })
 
-    (lib.mkIf (config.services.grafana.enable && config.services.kanidm.enableServer) {
+    (lib.mkIf (grafanaCfg.enable && config.services.kanidm.enableServer) {
       age.secrets.grafanaKanidm = {
         file = secretsDir + "/grafanaKanidmSecret.age";
         owner = config.users.users.grafana.name;
-- 
cgit v1.2.3