From 7f8b7e24fe67cfdb407f1415d6e7b223d2600f58 Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Tue, 9 May 2023 18:47:24 -0700 Subject: profiles/nginx: move common configuration to a profile Both tahoe and carmel are using nginx, and we can simplify the configuration by moving common parts to the profile and have these hosts import it. --- modules/services/default.nix | 1 - modules/services/monitoring/prometheus.nix | 11 +++++++++ modules/services/nginx/default.nix | 39 ------------------------------ 3 files changed, 11 insertions(+), 40 deletions(-) delete mode 100644 modules/services/nginx/default.nix (limited to 'modules') diff --git a/modules/services/default.nix b/modules/services/default.nix index b6b34d5..ac20bf6 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -8,7 +8,6 @@ ./gitolite ./monitoring ./navidrome - ./nginx ./samba ./sendsms ./syncthing diff --git a/modules/services/monitoring/prometheus.nix b/modules/services/monitoring/prometheus.nix index 916302b..45fa22c 100644 --- a/modules/services/monitoring/prometheus.nix +++ b/modules/services/monitoring/prometheus.nix @@ -83,6 +83,17 @@ in ]; scrapeConfigs = [ + { + job_name = "nginx"; + static_configs = [{ + targets = [ + "127.0.0.1:${ + toString config.services.prometheus.exporters.nginx.port + }" + ]; + labels = { instance = config.networking.hostName; }; + }]; + } { job_name = "blackbox-ping"; metrics_path = "/probe"; diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix deleted file mode 100644 index ec71ba2..0000000 --- a/modules/services/nginx/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ config, lib, pkgs, ... }: -let cfg = config.my.services.nginx; -in -{ - options.my.services.nginx = with lib; { enable = mkEnableOption "Nginx"; }; - config = lib.mkIf cfg.enable { - services.nginx = { - enable = true; - statusPage = true; # For monitoring scraping. - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedTlsSettings = true; - recommendedProxySettings = true; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - - # Nginx needs to be able to read the certificates - users.users.nginx.extraGroups = [ "acme" ]; - - services.prometheus = { - exporters.nginx = { - enable = true; - listenAddress = "127.0.0.1"; - }; - scrapeConfigs = [{ - job_name = "nginx"; - static_configs = [{ - targets = [ - "127.0.0.1:${ - toString config.services.prometheus.exporters.nginx.port - }" - ]; - labels = { instance = config.networking.hostName; }; - }]; - }]; - }; - }; -} -- cgit 1.4.1