felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-06-16 09:39:14 +02:00
Code Issues Projects Releases Wiki Activity

ildkule/loki: restrict incoming connections to pvv + ntnu

Browse Source
This commit is contained in:
h7x4
2026-06-13 03:23:12 +09:00
parent cd54eabe47
commit 34570c554b
1 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
hosts/ildkule/services/monitoring/loki.nix
+10 -1
View File
@@ -1,4 +1,4 @@
{ config, pkgs, ... }: { config, pkgs, values, ... }:
let let
cfg = config.services.loki; cfg = config.services.loki;
@@ -90,6 +90,15 @@ in {
"/".return = "403"; "/".return = "403";
"/loki/api/v1/push" = { "/loki/api/v1/push" = {
proxyPass = "http://${cfg.configuration.server.http_listen_address}:${toString cfg.configuration.server.http_listen_port}/loki/api/v1/push"; proxyPass = "http://${cfg.configuration.server.http_listen_address}:${toString cfg.configuration.server.http_listen_port}/loki/api/v1/push";
extraConfig = ''
allow 127.0.0.1;
allow ::1;
allow ${values.ipv4-space};
allow ${values.ipv6-space};
allow ${values.ntnu.ipv4-space};
allow ${values.ntnu.ipv6-space};
deny all;
'';
}; };
}; };
}; };