- services.netdata.enable = true;
- services.netdata.configDir."stream.conf" = config.secrets.fullPaths."netdata-stream.conf";
- services.netdata.config.web."allow dashboard from" = "localhost";
- services.netdata.config.web."allow badges from" = "*";
- services.netdata.config.web."allow streaming from" = "*";
- services.netdata.config.web."allow netdata.conf from" = "fd*";
- services.netdata.config.web."allow management from" = "fd*";
- networking.firewall.allowedTCPPorts = [ 19999 ];
-
- secrets.keys = {
- "netdata-stream.conf" = {
- user = config.services.netdata.user;
- group = config.services.netdata.group;
- permissions = "0400";
- text = builtins.concatStringsSep "\n" (pkgs.lib.mapAttrsToList (_: key: ''
- [${key}]
- enabled = yes
- default history = 3600
- default memory = ram
- health enabled by default = auto
- '') config.myEnv.monitoring.netdata_keys);
- };
- };
- users.users."${config.services.netdata.user}".extraGroups = [ "keys" ];