diff --git a/.env.examples b/.env.examples new file mode 100644 index 0000000..5afa6b8 --- /dev/null +++ b/.env.examples @@ -0,0 +1 @@ +NGINX_EXPORTER_PORTS=127.0.0.1:9113 diff --git a/.gitignore b/.gitignore index fba53aa..3b2e3fa 100644 --- a/.gitignore +++ b/.gitignore @@ -15,3 +15,4 @@ d2/book1/books python/build .*.kate-swp !releases/whl/*.whl +.env diff --git a/d1/nginx_config.py b/d1/nginx_config.py index 3572036..2b9fc17 100644 --- a/d1/nginx_config.py +++ b/d1/nginx_config.py @@ -84,6 +84,7 @@ def forward( location_body_get = lambda target_endpoint: \ r''' proxy_set_header Host $http_host; + proxy_http_version 1.1; proxy_set_header X-Forwarded-For $t1; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Upgrade $http_upgrade; @@ -292,6 +293,22 @@ stream { servers.append( r''' +server { + server_name _; + listen 80 default_server; + + location = /_metrics { + stub_status; + access_log off; + allow 172.0.0.0/8; # allow only local exporter + deny all; + } + + location ~ { + deny all; + } +} + server { set $t1 $remote_addr; if ($http_x_forwarded_for) @@ -370,6 +387,7 @@ server { proxy_set_header Connection $connection_upgrade; proxy_redirect off; proxy_buffering off; + proxy_http_version 1.1; proxy_pass http://app:80; } } diff --git a/docker-compose.yml b/docker-compose.yml index a8dc8f8..1312c52 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,6 +8,18 @@ services: - ./d1/:/app/d1/:ro - ./tmp/cache/:/app/tmp/cache/:ro restart: on-failure + nginx-exporter: + image: docker.io/nginx/nginx-prometheus-exporter@sha256:6edfb73afd11f2d83ea4e8007f5068c3ffaa38078a6b0ad1339e5bd2f637aacd + #profiles: + # - podman + #env_file: + # .envs/nginx-exporter.env + environment: + SCRAPE_URI: http://ssl-app:80/_status + # LISTEN_ADDRESS: 0.0.0.0:9113 + ports: + - ${NGINX_EXPORTER_PORTS:-"127.0.0.1:9113"}:9113 + ssl-app: build: context: .