45 lines
1.2 KiB
Nix
45 lines
1.2 KiB
Nix
{ config, containerCfg, pkgs, lib, builder, name, ... }:
|
|
let
|
|
serverCfg = config.syscfg.server;
|
|
influxPkg = pkgs.influxdb2;
|
|
|
|
image = pkgs.dockerTools.streamLayeredImage {
|
|
name = influxPkg.name;
|
|
tag = influxPkg.version;
|
|
contents = [ ];
|
|
config = {
|
|
Entrypoint = [ "${influxPkg}/bin/influxd" ];
|
|
ExposedPorts = {
|
|
"8086/tcp" = {}; # Combined Engine and UI port
|
|
};
|
|
};
|
|
};
|
|
in {
|
|
sops = true; # Highly recommended for initial admin passwords and setup tokens
|
|
db = false; # Using InfluxDB directly as the primary database
|
|
|
|
paths = [{
|
|
path = "${serverCfg.configPath}/influxdb/";
|
|
mode = "0700"; # Strict database permissions
|
|
}];
|
|
|
|
containers = {
|
|
server = builder.mkContainer {
|
|
subdomain = containerCfg.subdomain;
|
|
imageStream = image;
|
|
port = 8086;
|
|
secret = name;
|
|
extraEnv = {
|
|
INFLUXD_CONFIG_PATH = "var/lib/influxdb2/config";
|
|
INFLUXD_BOLT_PATH = "/var/lib/influxdb2/influxdb.bolt";
|
|
INFLUXD_ENGINE_PATH = "/var/lib/influxdb2/engine";
|
|
};
|
|
overrides = {
|
|
volumes = [
|
|
"${serverCfg.configPath}/influxdb/:/var/lib/influxdb2"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
} |