|
|
|
@ -65,6 +65,7 @@ |
|
|
|
enable = true; |
|
|
|
recommendedProxySettings = true; |
|
|
|
recommendedTlsSettings = true; |
|
|
|
statusPage = true; |
|
|
|
virtualHosts."home.nora.codes" = { |
|
|
|
addSSL = true; |
|
|
|
enableACME = true; |
|
|
|
@ -106,6 +107,20 @@ |
|
|
|
}; |
|
|
|
networking.firewall.allowedTCPPorts = [ 80 443 ]; |
|
|
|
|
|
|
|
# Export nginx stats |
|
|
|
services.prometheus.exporters.nginx = { |
|
|
|
enable = true; |
|
|
|
port = 9003; |
|
|
|
openFirewall = true; |
|
|
|
}; |
|
|
|
|
|
|
|
# Have nginx log access and errors to systemd |
|
|
|
services.nginx.commonHttpConfig = '' |
|
|
|
log_format main '$connection ($pipe): $host "$request" from $remote_addr ref "$http_referer" ($request_length b, $request_time s) got $status ($bytes_sent b)'; |
|
|
|
access_log syslog:server=unix:/dev/log main; |
|
|
|
error_log stderr; |
|
|
|
''; |
|
|
|
|
|
|
|
# This value determines the NixOS release from which the default |
|
|
|
# settings for stateful data, like file locations and database versions |
|
|
|
# on your system were taken. It‘s perfectly fine and recommended to leave |
|
|
|
|
