stats: fix eval, fix default nginx status port

2023-04-11 01:20:55 +02:00 · 2023-04-11 01:20:55 +02:00 · 8860310068
parent e450e6cdf1
commit 8860310068
1 changed files with 39 additions and 41 deletions
--- a/modules/stats.nix
+++ b/modules/stats.nix
@ -55,16 +55,16 @@ in
          };
        };

-        services.nginx = lib.mkIf config.services.nginx.enable {
+        nginx = lib.mkIf config.services.nginx.enable {
          virtualHosts.localhost = {
            listen = [
              {
                addr = "127.0.0.1";
-                port = 9101;
+                port = 9102;
              }
              {
                addr = "[::1]";
-                port = 9101;
+                port = 9102;
              }
            ];
            locations."/nginx_status".extraConfig = ''
@ -79,47 +79,45 @@ in
        };
      }

-      {
-        services = lib.mkIf (pkgs.system != "riscv64-linux") {
-          nginx = {
-            enable = true;
-            virtualHosts."_" = {
-              listen =
-                let
-                  port = 9100;
-                in
-                [
-                  { addr = "0.0.0.0"; inherit port; }
-                  { addr = "[::]"; inherit port; }
-                ];
-              locations."/metrics" = {
-                proxyPass = "http://127.0.0.1:${toString config.services.prometheus.exporters.node.port}/metrics";
-                # ip ranges duplicated with matemat
-                extraConfig = ''
-                  satisfy any;
-                  allow 2a00:8180:2c00:200::/56;
-                  allow 2a0f:5382:acab:1400::/56;
-                  allow fd23:42:c3d2:500::/56;
-                  allow 30c:c3d2:b946:76d0::/64;
-                  allow ::1/128;
-                  allow 172.22.99.0/24;
-                  allow 172.20.72.0/21;
-                  allow 127.0.0.0/8;
-                  deny all;
-                '';
-              };
+      (lib.mkIf (pkgs.system != "riscv64-linux") {
+        nginx = {
+          enable = true;
+          virtualHosts."_" = {
+            listen =
+              let
+                port = 9100;
+              in
+              [
+                { addr = "0.0.0.0"; inherit port; }
+                { addr = "[::]"; inherit port; }
+              ];
+            locations."/metrics" = {
+              proxyPass = "http://127.0.0.1:${toString config.services.prometheus.exporters.node.port}/metrics";
+              # ip ranges duplicated with matemat
+              extraConfig = ''
+                satisfy any;
+                allow 2a00:8180:2c00:200::/56;
+                allow 2a0f:5382:acab:1400::/56;
+                allow fd23:42:c3d2:500::/56;
+                allow 30c:c3d2:b946:76d0::/64;
+                allow ::1/128;
+                allow 172.22.99.0/24;
+                allow 172.20.72.0/21;
+                allow 127.0.0.0/8;
+                deny all;
+              '';
            };
          };
-
-          prometheus.exporters.node = {
-            enable = true;
-            enabledCollectors = [ "ethtool" "systemd" ];
-            listenAddress = "127.0.0.1";
-            openFirewall = true;
-            port = 9101;
-          };
        };
-      }
+
+        prometheus.exporters.node = {
+          enable = true;
+          enabledCollectors = [ "ethtool" "systemd" ];
+          listenAddress = "127.0.0.1";
+          openFirewall = true;
+          port = 9101;
+        };
+      })
    ];
  };
 }