felixalb/pvv-nixos-config
1
0
Fork 0
mirror of https://git.pvv.ntnu.no/Drift/pvv-nixos-config.git synced 2026-06-16 09:39:14 +02:00
Code Issues Projects Releases Wiki Activity

{ildkule/loki,base/fluentbit}: send data over https

Browse Source
This commit is contained in:
h7x4
2026-06-13 03:22:18 +09:00
parent d8d2ed1a8f
commit cd54eabe47
2 changed files with 11 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
base/services/fluentbit.nix
+4 -2
View File
@@ -62,8 +62,10 @@ in
name = "loki"; name = "loki";
match = "*"; match = "*";
host = "ildkule.pvv.ntnu.no"; host = "loki.pvv.ntnu.no";
port = 3100; port = 443;
tls = "on";
"tls.verify" = "on";
uri = "/loki/api/v1/push"; uri = "/loki/api/v1/push";
compress = "gzip"; compress = "gzip";
hosts/ildkule/services/monitoring/loki.nix
+11 -17
View File
@@ -3,7 +3,6 @@
let let
cfg = config.services.loki; cfg = config.services.loki;
stateDir = "/data/monitoring/loki"; stateDir = "/data/monitoring/loki";
# internalPort = 83100;
in { in {
services.loki = { services.loki = {
enable = true; enable = true;
@@ -82,21 +81,16 @@ in {
}; };
}; };
services.nginx.virtualHosts."loki-internal" = { services.nginx.virtualHosts."loki.pvv.ntnu.no" = {
listen = [{ forceSSL = true;
addr = "0.0.0.0"; enableACME = true;
port = 3100; kTLS = true;
ssl = false;
}];
locations = {
"/loki/api/v1/push" = {
proxyPass = "http://${cfg.configuration.server.http_listen_address}:${toString cfg.configuration.server.http_listen_port}";
};
"/" = {
return = "403";
};
};
};
networking.firewall.allowedTCPPorts = [ 3100 ]; locations = {
"/".return = "403";
"/loki/api/v1/push" = {
proxyPass = "http://${cfg.configuration.server.http_listen_address}:${toString cfg.configuration.server.http_listen_port}/loki/api/v1/push";
};
};
};
} }