diff options
Diffstat (limited to '')
-rw-r--r-- | modules/server/nginx/default.nix | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/modules/server/nginx/default.nix b/modules/server/nginx/default.nix new file mode 100644 index 00000000000..c81fee44294 --- /dev/null +++ b/modules/server/nginx/default.nix @@ -0,0 +1,25 @@ +/* NGINX ROOT CONFIGURATION + * + * Mostly sets up IP anonymisation in logs + */ + +{ config, ... }: + +{ + services.nginx = { + enable = true; + appendHttpConfig = '' + map $remote_addr $remote_addr_anon { + ~(?P<ip>\d+\.\d+\.\d+)\. $ip.X; + ~(?P<ip>[^:]+:[^:]+): $ip::X; + default 0.0.0.0; + } + + log_format anonymous '$remote_addr_anon - $remote_user [$time_local] ' + '"$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent"'; + access_log /var/spool/nginx/logs/access.log anonymous; + charset UTF-8; + ''; + }; +} |