summary refs log tree commit diff
path: root/nixos/modules/services/network-filesystems/litestream/default.xml
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules/services/network-filesystems/litestream/default.xml')
-rw-r--r--nixos/modules/services/network-filesystems/litestream/default.xml60
1 files changed, 60 insertions, 0 deletions
diff --git a/nixos/modules/services/network-filesystems/litestream/default.xml b/nixos/modules/services/network-filesystems/litestream/default.xml
new file mode 100644
index 00000000000..0a2cfc3db1e
--- /dev/null
+++ b/nixos/modules/services/network-filesystems/litestream/default.xml
@@ -0,0 +1,60 @@
+<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="module-services-litestream">
+  <title>Litestream</title>
+  <para>
+    <link xlink:href="https://litestream.io/">Litestream</link> is a
+    standalone streaming replication tool for SQLite.
+  </para>
+  <section xml:id="module-services-litestream-configuration">
+    <title>Configuration</title>
+    <para>
+      Litestream service is managed by a dedicated user named
+      <literal>litestream</literal> which needs permission to the
+      database file. Here’s an example config which gives required
+      permissions to access
+      <link linkend="opt-services.grafana.settings.database.path">grafana
+      database</link>:
+    </para>
+    <programlisting>
+{ pkgs, ... }:
+{
+  users.users.litestream.extraGroups = [ &quot;grafana&quot; ];
+
+  systemd.services.grafana.serviceConfig.ExecStartPost = &quot;+&quot; + pkgs.writeShellScript &quot;grant-grafana-permissions&quot; ''
+    timeout=10
+
+    while [ ! -f /var/lib/grafana/data/grafana.db ];
+    do
+      if [ &quot;$timeout&quot; == 0 ]; then
+        echo &quot;ERROR: Timeout while waiting for /var/lib/grafana/data/grafana.db.&quot;
+        exit 1
+      fi
+
+      sleep 1
+
+      ((timeout--))
+    done
+
+    find /var/lib/grafana -type d -exec chmod -v 775 {} \;
+    find /var/lib/grafana -type f -exec chmod -v 660 {} \;
+  '';
+
+  services.litestream = {
+    enable = true;
+
+    environmentFile = &quot;/run/secrets/litestream&quot;;
+
+    settings = {
+      dbs = [
+        {
+          path = &quot;/var/lib/grafana/data/grafana.db&quot;;
+          replicas = [{
+            url = &quot;s3://mybkt.litestream.io/grafana&quot;;
+          }];
+        }
+      ];
+    };
+  };
+}
+</programlisting>
+  </section>
+</chapter>
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-28 21:26:33 +0000