Add nixos-logs system with Grafana, Prometheus, and Loki; fix Traefik config formatting

2026-02-14 14:34:24 +01:00 · 2026-02-14 14:34:24 +01:00 · e6b7a95b57
commit e6b7a95b57
parent 11a870a60f
4 changed files with 126 additions and 11 deletions
--- a/nix-system-configs/modules/system/traefik.nix
+++ b/nix-system-configs/modules/system/traefik.nix
@ -78,7 +78,7 @@ in {

            # Prevents infinite loop of doom:
            # See: https://github.com/TecharoHQ/anubis/issues/970
-            JWT_RESTRICTION_HEADER="CF-Connecting-IP";
+            JWT_RESTRICTION_HEADER = "CF-Connecting-IP";

            # Metrics on separate port
            METRICS_BIND_NETWORK = "tcp";
@ -90,7 +90,6 @@ in {
            COOKIE_SAME_SITE = "None"; # Only if Secure=true and you need cross-site
          };
        };
-
      };
    };

@ -174,9 +173,9 @@ in {
          anubis = {
            rule = "Host(`anubis.prg-radio.org`)";
            service = "anubis";
-            entryPoints = [ "websecure" ];
+            entryPoints = ["websecure"];
            tls = {
-                certresolver = "acme";
+              certresolver = "acme";
            };
          };

@ -184,16 +183,16 @@ in {
          forgejo = {
            rule = "Host(`git.prg-radio.org`)";
            service = "forgejo";
-            entryPoints = [ "websecure" ];
+            entryPoints = ["websecure"];
            tls = {};
-            middlewares = [ "anubisForwardAuth" ];
+            middlewares = ["anubisForwardAuth"];
          };

          # Matrix HTTP router for client requests (Element etc.)
          matrix = {
            rule = "Host(`lgbtq.prg-radio.org`)";
            service = "matrix";
-            entryPoints = [ "websecure" ];
+            entryPoints = ["websecure"];
            tls = {};
          };

@ -201,7 +200,7 @@ in {
          wavelog = {
            rule = "Host(`wavelog.prg-radio.org`)";
            service = "wavelog";
-            entryPoints = [ "websecure" ];
+            entryPoints = ["websecure"];
            tls = {};
          };

@ -209,9 +208,9 @@ in {
          partdb = {
            rule = "Host(`partdb.prg-radio.org`)";
            service = "partdb";
-            entryPoints = [ "websecure" ];
+            entryPoints = ["websecure"];
            tls = {};
-            middlewares = [ "anubisForwardAuth" ];
+            middlewares = ["anubisForwardAuth"];
          };
        };

@ -344,4 +343,4 @@ in {

    system.stateVersion = "25.11";
  };
-}
+}