stats: fix eval, fix default nginx status port
This commit is contained in:
parent
e450e6cdf1
commit
8860310068
|
@ -55,16 +55,16 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
services.nginx = lib.mkIf config.services.nginx.enable {
|
||||
nginx = lib.mkIf config.services.nginx.enable {
|
||||
virtualHosts.localhost = {
|
||||
listen = [
|
||||
{
|
||||
addr = "127.0.0.1";
|
||||
port = 9101;
|
||||
port = 9102;
|
||||
}
|
||||
{
|
||||
addr = "[::1]";
|
||||
port = 9101;
|
||||
port = 9102;
|
||||
}
|
||||
];
|
||||
locations."/nginx_status".extraConfig = ''
|
||||
|
@ -79,47 +79,45 @@ in
|
|||
};
|
||||
}
|
||||
|
||||
{
|
||||
services = lib.mkIf (pkgs.system != "riscv64-linux") {
|
||||
nginx = {
|
||||
enable = true;
|
||||
virtualHosts."_" = {
|
||||
listen =
|
||||
let
|
||||
port = 9100;
|
||||
in
|
||||
[
|
||||
{ addr = "0.0.0.0"; inherit port; }
|
||||
{ addr = "[::]"; inherit port; }
|
||||
];
|
||||
locations."/metrics" = {
|
||||
proxyPass = "http://127.0.0.1:${toString config.services.prometheus.exporters.node.port}/metrics";
|
||||
# ip ranges duplicated with matemat
|
||||
extraConfig = ''
|
||||
satisfy any;
|
||||
allow 2a00:8180:2c00:200::/56;
|
||||
allow 2a0f:5382:acab:1400::/56;
|
||||
allow fd23:42:c3d2:500::/56;
|
||||
allow 30c:c3d2:b946:76d0::/64;
|
||||
allow ::1/128;
|
||||
allow 172.22.99.0/24;
|
||||
allow 172.20.72.0/21;
|
||||
allow 127.0.0.0/8;
|
||||
deny all;
|
||||
'';
|
||||
};
|
||||
(lib.mkIf (pkgs.system != "riscv64-linux") {
|
||||
nginx = {
|
||||
enable = true;
|
||||
virtualHosts."_" = {
|
||||
listen =
|
||||
let
|
||||
port = 9100;
|
||||
in
|
||||
[
|
||||
{ addr = "0.0.0.0"; inherit port; }
|
||||
{ addr = "[::]"; inherit port; }
|
||||
];
|
||||
locations."/metrics" = {
|
||||
proxyPass = "http://127.0.0.1:${toString config.services.prometheus.exporters.node.port}/metrics";
|
||||
# ip ranges duplicated with matemat
|
||||
extraConfig = ''
|
||||
satisfy any;
|
||||
allow 2a00:8180:2c00:200::/56;
|
||||
allow 2a0f:5382:acab:1400::/56;
|
||||
allow fd23:42:c3d2:500::/56;
|
||||
allow 30c:c3d2:b946:76d0::/64;
|
||||
allow ::1/128;
|
||||
allow 172.22.99.0/24;
|
||||
allow 172.20.72.0/21;
|
||||
allow 127.0.0.0/8;
|
||||
deny all;
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
prometheus.exporters.node = {
|
||||
enable = true;
|
||||
enabledCollectors = [ "ethtool" "systemd" ];
|
||||
listenAddress = "127.0.0.1";
|
||||
openFirewall = true;
|
||||
port = 9101;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
prometheus.exporters.node = {
|
||||
enable = true;
|
||||
enabledCollectors = [ "ethtool" "systemd" ];
|
||||
listenAddress = "127.0.0.1";
|
||||
openFirewall = true;
|
||||
port = 9101;
|
||||
};
|
||||
})
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue