Skip to content
Snippets Groups Projects
Verified Commit e71de82c authored by nd's avatar nd
Browse files

add promtail and geoip support

parent 08c567f7
No related branches found
No related tags found
No related merge requests found
geoip_country /usr/share/GeoIP/GeoIPv6.dat;
geoip_city /usr/share/GeoIP/GeoIPCity.dat;
geoip_org /usr/share/GeoIP/GeoIPASNum.dat;
log_format vcombined '$host:$server_port $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
log_format promtail_analytics escape=json '{'
'"msec": "$msec", ' # request unixtime in seconds with a milliseconds resolution
'"connection": "$connection", ' # connection serial number
'"connection_requests": "$connection_requests", ' # number of requests made in connection
'"pid": "$pid", ' # process pid
'"request_id": "$request_id", ' # the unique request id
'"request_length": "$request_length", ' # request length (including headers and body)
'"remote_addr": "$remote_addr", ' # client IP
'"remote_user": "$remote_user", ' # client HTTP username
'"remote_port": "$remote_port", ' # client port
'"time_local": "$time_local", '
'"time_iso8601": "$time_iso8601", ' # local time in the ISO 8601 standard format
'"request": "$request", ' # full path no arguments if the request
'"request_uri": "$request_uri", ' # full path and arguments if the request
'"args": "$args", ' # args
'"status": "$status", ' # response status code
'"body_bytes_sent": "$body_bytes_sent", ' # the number of body bytes exclude headers sent to a client
'"bytes_sent": "$bytes_sent", ' # the number of bytes sent to a client
'"http_referer": "$http_referer", ' # HTTP referer
'"http_user_agent": "$http_user_agent", ' # user agent
'"http_x_forwarded_for": "$http_x_forwarded_for", ' # http_x_forwarded_for
'"http_host": "$http_host", ' # the request Host: header
'"server_name": "$server_name", ' # the name of the vhost serving the request
'"request_time": "$request_time", ' # request processing time in seconds with msec resolution
'"upstream": "$upstream_addr", ' # upstream backend server for proxied requests
'"upstream_connect_time": "$upstream_connect_time", ' # upstream handshake time incl. TLS
'"upstream_header_time": "$upstream_header_time", ' # time spent receiving upstream headers
'"upstream_response_time": "$upstream_response_time", ' # time spend receiving upstream body
'"upstream_response_length": "$upstream_response_length", ' # upstream response length
'"upstream_cache_status": "$upstream_cache_status", ' # cache HIT/MISS where applicable
'"ssl_protocol": "$ssl_protocol", ' # TLS protocol
'"ssl_cipher": "$ssl_cipher", ' # TLS cipher
'"scheme": "$scheme", ' # http or https
'"request_method": "$request_method", ' # request method
'"server_protocol": "$server_protocol", ' # request protocol, like HTTP/1.1 or HTTP/2.0
'"pipe": "$pipe", ' # "p" if request was pipelined, "." otherwise
'"gzip_ratio": "$gzip_ratio", '
'"http_cf_ray": "$http_cf_ray",'
'"geoip_country_code": "$geoip_country_code",'
'"geoip_region": "$geoip_region",'
'"geoip_city": "$geoip_city",'
'"geoip_org": "$geoip_org",'
'"geoip_latitude": "$geoip_latitude",'
'"geoip_longitude": "$geoip_longitude"'
'}';
access_log /var/log/nginx/access.log vcombined;
access_log /var/log/nginx/access-promtail.log promtail_analytics;
error_log /var/log/nginx/error.log warn;
......@@ -4,6 +4,7 @@ pid /run/nginx.pid;
load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so;
load_module /usr/lib/nginx/modules/ngx_stream_module.so;
load_module /usr/lib/nginx/modules/ngx_http_geoip_module.so;
events {
use epoll;
......
......@@ -23,7 +23,10 @@
- nginx
- libnginx-mod-http-headers-more-filter
- libnginx-mod-stream
- libnginx-mod-http-geoip
- goaccess
- geoip-database
- geoip-database-extra
notify:
- delete nginx index.nginx-debian.html
- restart nginx
......
......@@ -3,3 +3,9 @@ set_real_ip_from {{ ip }};
{% endfor %}
real_ip_header {{ nginx.real_ip_header }};
real_ip_recursive on;
{% for ip in nginx.real_ip_from %}
geoip_proxy {{ ip }};
{% endfor %}
geoip_proxy_recursive on;
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment