Oauth proxy and monitoring init

4 files changed, 33 insertions, 4 deletions

diff --git a/playbooks/roles/nginx_proxy/templates/docker-compose.yml b/playbooks/roles/nginx_proxy/templates/docker-compose.yml
index 33b3243..ee44e45 100644
--- a/playbooks/roles/nginx_proxy/templates/docker-compose.yml
+++ b/playbooks/roles/nginx_proxy/templates/docker-compose.yml
@@ -19,9 +19,11 @@ services:
       # src
       - "2222:2222"
     volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
-      - {{ nginx_proxy_base }}/certs:/etc/nginx/certs
-      - {{ nginx_proxy_base }}/toplevel.conf.d:/etc/nginx/toplevel.conf.d
+      - "/var/run/docker.sock:/tmp/docker.sock:ro"
+      - "{{ nginx_proxy_base }}/certs:/etc/nginx/certs"
+      - "{{ nginx_proxy_base }}/toplevel.conf.d:/etc/nginx/toplevel.conf.d"
+      - "{{ nginx_proxy_base }}/stubs.conf:/etc/nginx/conf.d/stubs.conf"
+      - "{{ nginx_proxy_base }}/htpasswd:/etc/nginx/htpasswd"
     environment:
       - TZ={{ timezone }}
       - DEPLOYMENT_TIME={{ deployment_time }}
@@ -33,6 +35,22 @@ services:
     labels:
       - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
 
+  nginx-prometheus-exporter:
+    image: nginx/nginx-prometheus-exporter
+    restart: always
+    environment:
+      - TZ={{ timezone }}
+      - DEPLOYMENT_TIME={{ deployment_time }}
+      - VIRTUAL_HOST={{ outbound_domain }}
+      - VIRTUAL_PORT=9113
+      - LETSENCRYPT_HOST={{ outbound_domain }}
+    command:
+      - '--nginx.scrape-uri=http://nginx-proxy:81/nginx_status'
+    depends_on:
+      - nginx-proxy
+    networks:
+      - proxy
+
   nginx-acme-companion:
     image: nginxproxy/acme-companion
     depends_on:
@@ -40,7 +58,7 @@ services:
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - acme:/etc/acme.sh
-      - {{ nginx_proxy_base }}/certs:/etc/nginx/certs
+      - "{{ nginx_proxy_base }}/certs:/etc/nginx/certs"
     environment:
       - TZ={{ timezone }}
       - DEPLOYMENT_TIME={{ deployment_time }}
diff --git a/playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee b/playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee
new file mode 100644
index 0000000..1bfc222
--- /dev/null
+++ b/playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee
@@ -0,0 +1 @@
+{{ metrics_htpasswd }}
diff --git a/playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f b/playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f
new file mode 100644
index 0000000..1bfc222
--- /dev/null
+++ b/playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f
@@ -0,0 +1 @@
+{{ metrics_htpasswd }}
diff --git a/playbooks/roles/nginx_proxy/templates/stubs.conf b/playbooks/roles/nginx_proxy/templates/stubs.conf
new file mode 100644
index 0000000..57765b7
--- /dev/null
+++ b/playbooks/roles/nginx_proxy/templates/stubs.conf
@@ -0,0 +1,9 @@
+server {
+    listen 81;
+    location /nginx_status {
+        stub_status;
+
+        access_log off;
+        allow all;
+    }
+}