blob: 766739bfa4d3fa6ce20d1dc51b47184a878245ed (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
{ pkgs, lib, config, ... }:
{
services.nginx = {
enable = true;
statusPage = true; # For monitoring scraping.
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedTlsSettings = true;
recommendedProxySettings = true;
};
services.prometheus.exporters.nginx = {
enable = true;
listenAddress = "127.0.0.1";
port = 9113;
};
# Nginx needs to be able to read the certificates
users.users.nginx.extraGroups = [ "acme" ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
}
|
