From 7f8b7e24fe67cfdb407f1415d6e7b223d2600f58 Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Tue, 9 May 2023 18:47:24 -0700
Subject: profiles/nginx: move common configuration to a profile

Both tahoe and carmel are using nginx, and we can simplify the
configuration by moving common parts to the profile and have these hosts
import it.
---
 modules/services/default.nix               |  1 -
 modules/services/monitoring/prometheus.nix | 11 +++++++++
 modules/services/nginx/default.nix         | 39 ------------------------------
 3 files changed, 11 insertions(+), 40 deletions(-)
 delete mode 100644 modules/services/nginx/default.nix

(limited to 'modules')

diff --git a/modules/services/default.nix b/modules/services/default.nix
index b6b34d5..ac20bf6 100644
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -8,7 +8,6 @@
     ./gitolite
     ./monitoring
     ./navidrome
-    ./nginx
     ./samba
     ./sendsms
     ./syncthing
diff --git a/modules/services/monitoring/prometheus.nix b/modules/services/monitoring/prometheus.nix
index 916302b..45fa22c 100644
--- a/modules/services/monitoring/prometheus.nix
+++ b/modules/services/monitoring/prometheus.nix
@@ -83,6 +83,17 @@ in
       ];
 
       scrapeConfigs = [
+        {
+          job_name = "nginx";
+          static_configs = [{
+            targets = [
+              "127.0.0.1:${
+              toString config.services.prometheus.exporters.nginx.port
+            }"
+            ];
+            labels = { instance = config.networking.hostName; };
+          }];
+        }
         {
           job_name = "blackbox-ping";
           metrics_path = "/probe";
diff --git a/modules/services/nginx/default.nix b/modules/services/nginx/default.nix
deleted file mode 100644
index ec71ba2..0000000
--- a/modules/services/nginx/default.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ config, lib, pkgs, ... }:
-let cfg = config.my.services.nginx;
-in
-{
-  options.my.services.nginx = with lib; { enable = mkEnableOption "Nginx"; };
-  config = lib.mkIf cfg.enable {
-    services.nginx = {
-      enable = true;
-      statusPage = true; # For monitoring scraping.
-      recommendedGzipSettings = true;
-      recommendedOptimisation = true;
-      recommendedTlsSettings = true;
-      recommendedProxySettings = true;
-    };
-
-    networking.firewall.allowedTCPPorts = [ 80 443 ];
-
-    # Nginx needs to be able to read the certificates
-    users.users.nginx.extraGroups = [ "acme" ];
-
-    services.prometheus = {
-      exporters.nginx = {
-        enable = true;
-        listenAddress = "127.0.0.1";
-      };
-      scrapeConfigs = [{
-        job_name = "nginx";
-        static_configs = [{
-          targets = [
-            "127.0.0.1:${
-              toString config.services.prometheus.exporters.nginx.port
-            }"
-          ];
-          labels = { instance = config.networking.hostName; };
-        }];
-      }];
-    };
-  };
-}
-- 
cgit 1.4.1