Skip to content

Commit

Permalink
Add basic nginx config for monitoring
Browse files Browse the repository at this point in the history
  • Loading branch information
@janlelis
janlelis committed Sep 10, 2023
1 parent 50fdae7 commit 8bd481c
Show file tree
Hide file tree
Showing 2 changed files with 73 additions and 1 deletion.
3 changes: 2 additions & 1 deletion playbooks/install_monitoring.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@
remote_user: root
become: yes
roles:
- include_role:
- name: common
include_role:
name: common
tasks_from: monitoring.yml
- cloudalchemy.prometheus
Expand Down
71 changes: 71 additions & 0 deletions roles/nginx/tasks/monitoring-todo.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
#jinja2: lstrip_blocks: True

## PROMETHEUS ##
server {
listen 443 ssl http2;
server_name {{ prom.domains.prometheus }};
root /home/{{ user }}/www/prom/;

access_log /home/{{ user }}/log/{{ prom.domains.prometheus }}/nginx.access.log;
error_log /home/{{ user }}/log/{{ prom.domains.prometheus }}/nginx.error.log;

include ssl_extra;
ssl_certificate /etc/letsencrypt/live/{{ prom.domains.prometheus }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ prom.domains.prometheus }}/privkey.pem;

location / {
auth_basic "{{ stats.basic_auth.message|default('restricted access') }}";
auth_basic_user_file /etc/nginx/.htpasswd-stats;
proxy_pass http://localhost:9090/;
}
}

## GRAFANA ##
server {
listen 443 ssl http2;
server_name {{ prom.domains.grafana }};
root /home/{{ user }}/www/prom/;

access_log /home/{{ user }}/log/{{ prom.domains.grafana }}/nginx.access.log;
error_log /home/{{ user }}/log/{{ prom.domains.grafana }}/nginx.error.log;

include ssl_extra;
ssl_certificate /etc/letsencrypt/live/{{ prom.domains.prometheus }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ prom.domains.prometheus }}/privkey.pem;

location / {
auth_basic "{{ stats.basic_auth.message|default('restricted access') }}";
auth_basic_user_file /etc/nginx/.htpasswd-stats;
proxy_pass http://localhost:7000/;
}
}

## ALERT MANAGER ##
server {
listen 443 ssl http2;
server_name {{ prom.domains.alertmanager }};
root /home/{{ user }}/www/prom/;

access_log /home/{{ user }}/log/{{ prom.domains.alertmanager }}/nginx.access.log;
error_log /home/{{ user }}/log/{{ prom.domains.alertmanager }}/nginx.error.log;

include ssl_extra;
ssl_certificate /etc/letsencrypt/live/{{ prom.domains.prometheus }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ prom.domains.prometheus }}/privkey.pem;

location / {
auth_basic "{{ stats.basic_auth.message|default('restricted access') }}";
auth_basic_user_file /etc/nginx/.htpasswd-stats;
proxy_pass http://localhost:9093/;
}
}

## HTTP REDIRECTS ##
server {
listen 80;
server_name {{ prom.domains.prometheus }} {{ prom.domains.grafana }} {{ prom.domains.alertmanager }};

location / {
return 301 https://$host$request_uri;
}
}

0 comments on commit 8bd481c

Please sign in to comment.