blob: e32106f8d2e98c619a9cac598bcb9c5985ec49fb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
{ pkgs, lib, config, ... }:
{
services.nginx = {
enable = true;
# For monitoring scraping. If we don't set a default port, it will
# by default use port 80, which will conflict with the
# configuration of the router, since we need to listen on port 80
# too for streaming.
statusPage = true;
defaultHTTPListenPort = 8008;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedTlsSettings = true;
recommendedProxySettings = true;
};
services.prometheus.exporters.nginx = {
enable = true;
scrapeUri = "http://127.0.0.1:${toString config.services.nginx.defaultHTTPListenPort}/nginx_status";
listenAddress = "127.0.0.1";
port = 9113;
};
# Nginx needs to be able to read the certificates
users.users.nginx.extraGroups = [ "acme" ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
}
|
