diff options
Diffstat (limited to '')
-rw-r--r-- | profiles/nginx.nix | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/profiles/nginx.nix b/profiles/nginx.nix new file mode 100644 index 0000000..766739b --- /dev/null +++ b/profiles/nginx.nix @@ -0,0 +1,23 @@ +{ pkgs, lib, config, ... }: +{ + services.nginx = { + enable = true; + statusPage = true; # For monitoring scraping. + + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedTlsSettings = true; + recommendedProxySettings = true; + }; + + services.prometheus.exporters.nginx = { + enable = true; + listenAddress = "127.0.0.1"; + port = 9113; + }; + + # Nginx needs to be able to read the certificates + users.users.nginx.extraGroups = [ "acme" ]; + + networking.firewall.allowedTCPPorts = [ 80 443 ]; +} |