about summary refs log tree commit diff
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2024-02-20 21:45:25 +0900
committersefidel <contact@sefidel.net>2024-02-20 21:45:25 +0900
commitcd017d1b617c4ee3c0e823b8681a14ec11f768b6 (patch)
tree81194889598304b7c9e8917578ff1cdd61a89637
parentbea3daf675c8e75fdd73779d0c5d6a487a3f5bd3 (diff)
downloadnixrc-cd017d1b617c4ee3c0e823b8681a14ec11f768b6.tar.gz
nixrc-cd017d1b617c4ee3c0e823b8681a14ec11f768b6.zip
fix(modules/blocky): fix blocking status buttons
-rw-r--r--modules/services/blocky/default.nix6
-rw-r--r--nixos/kanata/configuration.nix6
2 files changed, 9 insertions, 3 deletions
diff --git a/modules/services/blocky/default.nix b/modules/services/blocky/default.nix
index 327670e..f68ba71 100644
--- a/modules/services/blocky/default.nix
+++ b/modules/services/blocky/default.nix
@@ -7,6 +7,8 @@ in
 {
   options.modules.services.blocky = {
     enable = mkEnableOption "";
+
+    realHost = mkOption { type = types.str; default = "127.0.0.1"; };
   };
 
   config = mkIf cfg.enable {
@@ -17,7 +19,7 @@ in
           # Safety: NixOS firewall should block public access to 53.
           # Only machines connected to the tailscale is able to reach the service.
           dns = 53;
-          http = "127.0.0.1:4000";
+          http = 4000;
         };
 
         upstream.default = [
@@ -106,7 +108,7 @@ in
     };
 
     environment.etc."grafana-dashboards/blocky_rev3.json" = {
-      source = ./grafana_blocky_rev3.json;
+      text = replaceStrings ["\${VAR_BLOCKY_URL}"] ["https://${cfg.realHost}"] (builtins.readFile ./grafana_blocky_rev3.json);
       group = "grafana";
       user = "grafana";
     };
diff --git a/nixos/kanata/configuration.nix b/nixos/kanata/configuration.nix
index 488de30..6ad4735 100644
--- a/nixos/kanata/configuration.nix
+++ b/nixos/kanata/configuration.nix
@@ -207,7 +207,11 @@ in
 
     services.postgresql.enable = true;
 
-    services.blocky.enable = true;
+    services.blocky = {
+      enable = true;
+
+      realHost = "dns.kusanari.network";
+    };
 
     services.nextcloud = rec {
       enable = true;