From cf650d4570a1c1ebc1f85194d667a5a7d7c72543 Mon Sep 17 00:00:00 2001
From: Dave Gallant <davegallant@gmail.com>
Date: Sat, 24 Apr 2021 15:56:29 -0400
Subject: [PATCH] Add netdata systemd service

---
 flake.nix                 |  1 +
 main/netdata/default.nix  | 42 +++++++++++++++++++++++++++++++++++++++
 main/netdata/netdata.conf | 21 ++++++++++++++++++++
 main/packages.nix         |  1 +
 4 files changed, 65 insertions(+)
 create mode 100644 main/netdata/default.nix
 create mode 100644 main/netdata/netdata.conf

diff --git a/flake.nix b/flake.nix
index 590d963..7e992f8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -16,6 +16,7 @@
         ./main/fonts.nix
         ./main/general.nix
         ./main/kernel.nix
+        ./main/netdata/default.nix
         ./main/packages.nix
         ./main/printing.nix
 
diff --git a/main/netdata/default.nix b/main/netdata/default.nix
new file mode 100644
index 0000000..e8568c9
--- /dev/null
+++ b/main/netdata/default.nix
@@ -0,0 +1,42 @@
+{ config, pkgs, ... }:
+let
+  netdata = pkgs.netdata;
+  netdataConf = ./netdata.conf;
+  netdataDir = "/var/lib/netdata";
+in {
+  users.extraGroups.netdata.gid = 220008;
+  users.extraUsers.netdata = {
+    description = "Netdata server user";
+    isSystemUser = true;
+    name = "netdata";
+    uid = 200008;
+  };
+  systemd.services.netdata = {
+    wantedBy = [ "multi-user.target" ];
+    after = [ "network.target" ];
+    preStart = ''
+      mkdir -p ${netdataDir}/config
+      mkdir -p ${netdataDir}/logs
+      cp -r ${netdata}/share/netdata/web ${netdataDir}/web
+      chmod -R 700 ${netdataDir}
+      chown -R netdata:netdata ${netdataDir}
+    '';
+    serviceConfig = {
+      Type = "forking";
+      ExecStart = "${netdata}/bin/netdata -c ${netdataConf} -u netdata";
+      Restart = "on-failure";
+    };
+  };
+
+  services.nginx.httpConfig = ''
+    server {
+      server_name netdata.thume.net;
+      location / {
+        proxy_set_header Host $http_host;
+        proxy_redirect off;
+        proxy_pass http://127.0.0.1:19999;
+      }
+    }
+  '';
+
+}
diff --git a/main/netdata/netdata.conf b/main/netdata/netdata.conf
new file mode 100644
index 0000000..e2797fd
--- /dev/null
+++ b/main/netdata/netdata.conf
@@ -0,0 +1,21 @@
+[global]
+  run as user = netdata
+
+  config directory = /var/lib/netdata/config
+  web files directory = /var/lib/netdata/web
+  cache directory = /var/lib/netdata
+  log directory = /var/lib/netdata/logs
+
+  # the default database size - 1 hour
+  history = 3600
+
+  # some defaults to run netdata with least priority
+  process scheduling policy = idle
+  OOM score = 1000
+
+[web]
+  # web files owner = root
+  web files group = netdata
+
+  # by default do not expose the netdata port
+  bind to = localhost
diff --git a/main/packages.nix b/main/packages.nix
index 8331f5c..efa4a12 100644
--- a/main/packages.nix
+++ b/main/packages.nix
@@ -44,6 +44,7 @@
 
         # monitoring
         htop
+        netdata
 
         # password managers
         bitwarden-cli