{ pkgs, lib, ... }: let access_log_sink = ":"; error_log_sink = ":"; in { security.acme.defaults.email = "contact@ingolf-wagner.de"; security.acme.acceptTerms = true; services.nginx = { # Use recommended settings recommendedGzipSettings = lib.mkDefault true; recommendedOptimisation = lib.mkDefault true; recommendedProxySettings = lib.mkDefault true; recommendedTlsSettings = lib.mkDefault true; # for loki logging #commonHttpConfig = '' # log_format logfmt 'timestamp=$time_iso8601 ' # 'facility=nginx ' # 'src_addr=$remote_addr ' # 'body_bytes_sent=$body_bytes_sent ' # 'request_time=$request_time ' # 'response_status=$status ' # 'request="$request" ' # 'request_method="$request_method" ' # 'host="$host" ' # 'upstream_cache_status="$upstream_cache_status" ' # 'upstream_addr="$upstream_addr" ' # 'http_x_forwarded_for="$http_x_forwarded_for" ' # 'http_referrer="$http_referer" ' # 'http_user_agent="$http_user_agent"'; # # # log to local journald # access_log syslog:server=unix:/dev/log logfmt; # ''; # for graylog logging #commonHttpConfig = '' # log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", ' # '"facility": "nginx", ' # '"src_addr": "$remote_addr", ' # '"body_bytes_sent": $body_bytes_sent, ' # '"request_time": $request_time, ' # '"response_status": $status, ' # '"request": "$request", ' # '"request_method": "$request_method", ' # '"host": "$host",' # '"upstream_cache_status": "$upstream_cache_status",' # '"upstream_addr": "$upstream_addr",' # '"http_x_forwarded_for": "$http_x_forwarded_for",' # '"http_referrer": "$http_referer", ' # '"http_user_agent": "$http_user_agent" }'; # access_log syslog:server=${access_log_sink} graylog2_json; # error_log syslog:server=${error_log_sink}; #''; }; services.nginx.package = pkgs.nginxMainline; }