nixos-config/nixos/system/all/nginx.nix

42 lines
1.3 KiB
Nix
Raw Normal View History

{ pkgs, lib, ... }:
2019-10-24 02:20:38 +02:00
let
access_log_sink = "workhorse.private:12304";
error_log_sink = "workhorse.private:12305";
2021-11-01 09:20:42 +01:00
in
{
2022-06-23 09:51:30 +02:00
security.acme.defaults.email = "contact@ingolf-wagner.de";
2020-05-19 20:44:20 +02:00
security.acme.acceptTerms = true;
services.nginx = {
2020-03-06 19:02:43 +01:00
# Use recommended settings
recommendedGzipSettings = lib.mkDefault true;
recommendedOptimisation = lib.mkDefault true;
recommendedProxySettings = lib.mkDefault true;
recommendedTlsSettings = lib.mkDefault true;
2020-03-15 15:53:00 +01:00
# for graylog logging
commonHttpConfig = ''
log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
'"facility": "nginx", '
2020-03-11 03:57:21 +01:00
'"src_addr": "$remote_addr", '
'"body_bytes_sent": $body_bytes_sent, '
'"request_time": $request_time, '
'"response_status": $status, '
'"request": "$request", '
'"request_method": "$request_method", '
'"host": "$host",'
'"upstream_cache_status": "$upstream_cache_status",'
'"upstream_addr": "$upstream_addr",'
'"http_x_forwarded_for": "$http_x_forwarded_for",'
'"http_referrer": "$http_referer", '
'"http_user_agent": "$http_user_agent" }';
access_log syslog:server=${access_log_sink} graylog2_json;
error_log syslog:server=${error_log_sink};
'';
};
2019-10-24 02:20:38 +02:00
services.nginx.package = pkgs.nginxMainline;
}