From 08e92ca3b8ee6c38c3e19126378e51b46cf63b16 Mon Sep 17 00:00:00 2001 From: Elizabeth Hunt Date: Mon, 11 Aug 2025 18:39:55 -0700 Subject: Oauth proxy and monitoring init --- .../roles/nginx_proxy/templates/docker-compose.yml | 26 ++++++++++++++++++---- .../templates/htpasswd/outbound.liz.coffee | 1 + ...coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f | 1 + playbooks/roles/nginx_proxy/templates/stubs.conf | 9 ++++++++ 4 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee create mode 100644 playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f create mode 100644 playbooks/roles/nginx_proxy/templates/stubs.conf (limited to 'playbooks/roles/nginx_proxy/templates') diff --git a/playbooks/roles/nginx_proxy/templates/docker-compose.yml b/playbooks/roles/nginx_proxy/templates/docker-compose.yml index 33b3243..ee44e45 100644 --- a/playbooks/roles/nginx_proxy/templates/docker-compose.yml +++ b/playbooks/roles/nginx_proxy/templates/docker-compose.yml @@ -19,9 +19,11 @@ services: # src - "2222:2222" volumes: - - /var/run/docker.sock:/tmp/docker.sock:ro - - {{ nginx_proxy_base }}/certs:/etc/nginx/certs - - {{ nginx_proxy_base }}/toplevel.conf.d:/etc/nginx/toplevel.conf.d + - "/var/run/docker.sock:/tmp/docker.sock:ro" + - "{{ nginx_proxy_base }}/certs:/etc/nginx/certs" + - "{{ nginx_proxy_base }}/toplevel.conf.d:/etc/nginx/toplevel.conf.d" + - "{{ nginx_proxy_base }}/stubs.conf:/etc/nginx/conf.d/stubs.conf" + - "{{ nginx_proxy_base }}/htpasswd:/etc/nginx/htpasswd" environment: - TZ={{ timezone }} - DEPLOYMENT_TIME={{ deployment_time }} @@ -33,6 +35,22 @@ services: labels: - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy + nginx-prometheus-exporter: + image: nginx/nginx-prometheus-exporter + restart: always + environment: + - TZ={{ timezone }} + - DEPLOYMENT_TIME={{ deployment_time }} + - VIRTUAL_HOST={{ outbound_domain }} + - VIRTUAL_PORT=9113 + - LETSENCRYPT_HOST={{ outbound_domain }} + command: + - '--nginx.scrape-uri=http://nginx-proxy:81/nginx_status' + depends_on: + - nginx-proxy + networks: + - proxy + nginx-acme-companion: image: nginxproxy/acme-companion depends_on: @@ -40,7 +58,7 @@ services: volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - acme:/etc/acme.sh - - {{ nginx_proxy_base }}/certs:/etc/nginx/certs + - "{{ nginx_proxy_base }}/certs:/etc/nginx/certs" environment: - TZ={{ timezone }} - DEPLOYMENT_TIME={{ deployment_time }} diff --git a/playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee b/playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee new file mode 100644 index 0000000..1bfc222 --- /dev/null +++ b/playbooks/roles/nginx_proxy/templates/htpasswd/outbound.liz.coffee @@ -0,0 +1 @@ +{{ metrics_htpasswd }} diff --git a/playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f b/playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f new file mode 100644 index 0000000..1bfc222 --- /dev/null +++ b/playbooks/roles/nginx_proxy/templates/htpasswd/vpn.liz.coffee_7edfc244708a7b5c7d4b4385c178aa8e03afde7f @@ -0,0 +1 @@ +{{ metrics_htpasswd }} diff --git a/playbooks/roles/nginx_proxy/templates/stubs.conf b/playbooks/roles/nginx_proxy/templates/stubs.conf new file mode 100644 index 0000000..57765b7 --- /dev/null +++ b/playbooks/roles/nginx_proxy/templates/stubs.conf @@ -0,0 +1,9 @@ +server { + listen 81; + location /nginx_status { + stub_status; + + access_log off; + allow all; + } +} -- cgit v1.2.3-70-g09d2