weird-row-server: grafana: add smtp configuration

wiro.world / dotfiles

fork atom

yep, more dotfiles

fork atom

wiro.world 1 month ago b2fd15d1 09f9eaba

verified

+19 -5

6 changed files

expand all

hosts

weird-row-server

authelia.nix

grafana.nix

secrets

default.nix

grafana-smtp-password.age

pds-env.age

vaultwarden.nix

+1 -1

hosts/weird-row-server/authelia.nix

··· 167 167 username = "resend"; 168 168 # Set in `AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE`. 169 169 # password = ""; 170 - sender = "authelia@wiro.world"; 170 + sender = "authelia@services.wiro.world"; 171 171 }; 172 172 }; 173 173 };

+15 -2

hosts/weird-row-server/grafana.nix

··· 4 4 ... 5 5 }: 6 6 7 - # TODO: configure SMTP for alerts 8 - 9 7 { 10 8 config = { 11 9 local.ports.grafana = 3002; ··· 18 16 19 17 age.secrets.grafana-oidc-secret = { 20 18 file = secrets/grafana-oidc-secret.age; 19 + owner = "grafana"; 20 + }; 21 + age.secrets.grafana-smtp-password = { 22 + file = secrets/grafana-smtp-password.age; 21 23 owner = "grafana"; 22 24 }; 23 25 services.grafana = { ··· 61 63 token_url = "https://auth.wiro.world/api/oidc/token"; 62 64 api_url = "https://auth.wiro.world/api/oidc/userinfo"; 63 65 use_pkce = true; 66 + }; 67 + 68 + smtp = { 69 + enabled = true; 70 + host = "smtp.resend.com:2587"; 71 + user = "resend"; 72 + password = "$__file{${config.age.secrets.grafana-smtp-password.path}}"; 73 + 74 + from_address = "grafana@services.wiro.world"; 75 + from_name = "wiro.world Grafana Alerts"; 76 + startTLS_policy = "MandatoryStartTLS"; 64 77 }; 65 78 }; 66 79 };

hosts/weird-row-server/secrets/default.nix

··· 11 11 "lldap-user-pass.age".publicKeys = deploy; 12 12 "headscale-oidc-secret.age".publicKeys = deploy; 13 13 "grafana-oidc-secret.age".publicKeys = deploy; 14 + "grafana-smtp-password.age".publicKeys = deploy; 14 15 "authelia-jwt-secret.age".publicKeys = deploy; 15 16 "authelia-issuer-private-key.age".publicKeys = deploy; 16 17 "authelia-storage-key.age".publicKeys = deploy;

hosts/weird-row-server/secrets/grafana-smtp-password.age

This is a binary file and will not be displayed.

hosts/weird-row-server/secrets/pds-env.age

This is a binary file and will not be displayed.

+2 -2

hosts/weird-row-server/vaultwarden.nix

··· 24 24 SMTP_SECURITY = "force_tls"; 25 25 SMTP_USERNAME = "resend"; 26 26 # SMTP_PASSWORD = ...; # Via secret env 27 - SMTP_FROM = "bitwarden@wiro.world"; 28 - SMTP_FROM_NAME = "Bitwarden wiro.world"; 27 + SMTP_FROM = "vaultwarden@services.wiro.world"; 28 + SMTP_FROM_NAME = "wiro.world Vaultwarden"; 29 29 }; 30 30 }; 31 31