commit df3be1718a351df2bfa3ec8e2d592faabb62515e · pyrox.dev/nixpkgs

+44 -15

nixos/modules/services/monitoring/grafana.nix

···

       42
        
           AUTH_ANONYMOUS_ENABLED = boolToString cfg.auth.anonymous.enable;

     

       43
        
           AUTH_ANONYMOUS_ORG_NAME = cfg.auth.anonymous.org_name;

     

       44
        
           AUTH_ANONYMOUS_ORG_ROLE = cfg.auth.anonymous.org_role;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       45
        
       

     

       46
        
           ANALYTICS_REPORTING_ENABLED = boolToString cfg.analytics.reporting.enable;

     

       47
        
       

     
···

       528
        
             };

     

       529
        
           };

     

       530
        
       

     

       531
       -
           auth.anonymous = {

     

       532
       -
             enable = mkOption {

     

       533
       -
               description = "Whether to allow anonymous access.";

     

       534
       -
               default = false;

     

       535
       -
               type = types.bool;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       536
        
             };

     

       537
       -
             org_name = mkOption {

     

       538
       -
               description = "Which organization to allow anonymous access to.";

     

       539
       -
               default = "Main Org.";

     

       540
       -
               type = types.str;

     

       541
       -
             };

     

       542
       -
             org_role = mkOption {

     

       543
       -
               description = "Which role anonymous users have in the organization.";

     

       544
       -
               default = "Viewer";

     

       545
       -
               type = types.str;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       546
        
             };

     

       547
       -
       

     

       548
        
           };

     

       549
        
       

     

       550
        
           analytics.reporting = {

     
···

       609
        
               QT_QPA_PLATFORM = "offscreen";

     

       610
        
             } // mapAttrs' (n: v: nameValuePair "GF_${n}" (toString v)) envOptions;

     

       611
        
             script = ''

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       612
        
               ${optionalString (cfg.database.passwordFile != null) ''

     

       613
        
                 export GF_DATABASE_PASSWORD="$(cat ${escapeShellArg cfg.database.passwordFile})"

     

       614
        
               ''}

···

       42
        
           AUTH_ANONYMOUS_ENABLED = boolToString cfg.auth.anonymous.enable;

     

       43
        
           AUTH_ANONYMOUS_ORG_NAME = cfg.auth.anonymous.org_name;

     

       44
        
           AUTH_ANONYMOUS_ORG_ROLE = cfg.auth.anonymous.org_role;

     

       45
       +
           AUTH_GOOGLE_ENABLED = boolToString cfg.auth.google.enable;

     

       46
       +
           AUTH_GOOGLE_ALLOW_SIGN_UP = boolToString cfg.auth.google.allowSignUp;

     

       47
       +
           AUTH_GOOGLE_CLIENT_ID = cfg.auth.google.clientId;

     

       48
        
       

     

       49
        
           ANALYTICS_REPORTING_ENABLED = boolToString cfg.analytics.reporting.enable;

     

       50
        
       

     
···

       531
        
             };

     

       532
        
           };

     

       533
        
       

     

       534
       +
           auth = {

     

       535
       +
             anonymous = {

     

       536
       +
               enable = mkOption {

     

       537
       +
                 description = "Whether to allow anonymous access.";

     

       538
       +
                 default = false;

     

       539
       +
                 type = types.bool;

     

       540
       +
               };

     

       541
       +
               org_name = mkOption {

     

       542
       +
                 description = "Which organization to allow anonymous access to.";

     

       543
       +
                 default = "Main Org.";

     

       544
       +
                 type = types.str;

     

       545
       +
               };

     

       546
       +
               org_role = mkOption {

     

       547
       +
                 description = "Which role anonymous users have in the organization.";

     

       548
       +
                 default = "Viewer";

     

       549
       +
                 type = types.str;

     

       550
       +
               };

     

       551
        
             };

     

       552
       +
             google = {

     

       553
       +
               enable = mkOption {

     

       554
       +
                 description = "Whether to allow Google OAuth2.";

     

       555
       +
                 default = false;

     

       556
       +
                 type = types.bool;

     

       557
       +
               };

     

       558
       +
               allowSignUp = mkOption {

     

       559
       +
                 description = "Whether to allow sign up with Google OAuth2.";

     

       560
       +
                 default = false;

     

       561
       +
                 type = types.bool;

     

       562
       +
               };

     

       563
       +
               clientId = mkOption {

     

       564
       +
                 description = "Google OAuth2 client ID.";

     

       565
       +
                 default = "";

     

       566
       +
                 type = types.str;

     

       567
       +
               };

     

       568
       +
               clientSecretFile = mkOption {

     

       569
       +
                 description = "Google OAuth2 client secret.";

     

       570
       +
                 default = null;

     

       571
       +
                 type = types.nullOr types.path;

     

       572
       +
               };

     

       573
        
             };

     

       0
        
       
     

       574
        
           };

     

       575
        
       

     

       576
        
           analytics.reporting = {

     
···

       635
        
               QT_QPA_PLATFORM = "offscreen";

     

       636
        
             } // mapAttrs' (n: v: nameValuePair "GF_${n}" (toString v)) envOptions;

     

       637
        
             script = ''

     

       638
       +
               ${optionalString (cfg.auth.google.clientSecretFile != null) ''

     

       639
       +
                 export GF_AUTH_GOOGLE_CLIENT_SECRET="$(cat ${escapeShellArg cfg.auth.google.clientSecretFile})"

     

       640
       +
               ''}

     

       641
        
               ${optionalString (cfg.database.passwordFile != null) ''

     

       642
        
                 export GF_DATABASE_PASSWORD="$(cat ${escapeShellArg cfg.database.passwordFile})"

     

       643
        
               ''}