diff options
author | Jesse Luehrs <doy@tozt.net> | 2021-07-03 10:31:56 -0400 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2021-07-03 10:31:56 -0400 |
commit | 507b1b8e4a7314a83cdbed59304c228560bd54cd (patch) | |
tree | 8a81809080d8dd53c9889933e951ca518a525af6 | |
parent | bd238d32a0d29978836985ed192bf06b438bfd91 (diff) | |
download | puppet-tozt-507b1b8e4a7314a83cdbed59304c228560bd54cd.tar.gz puppet-tozt-507b1b8e4a7314a83cdbed59304c228560bd54cd.zip |
stop exposing prometheus to the internet directly
-rw-r--r-- | modules/certbot/manifests/init.pp | 1 | ||||
-rw-r--r-- | modules/tozt/files/nginx/prometheus-tls.conf | 14 | ||||
-rw-r--r-- | modules/tozt/files/nginx/prometheus.conf | 10 | ||||
-rw-r--r-- | modules/tozt/manifests/prometheus.pp | 5 |
4 files changed, 0 insertions, 30 deletions
diff --git a/modules/certbot/manifests/init.pp b/modules/certbot/manifests/init.pp index b2059a4..0c88db4 100644 --- a/modules/certbot/manifests/init.pp +++ b/modules/certbot/manifests/init.pp @@ -16,7 +16,6 @@ class certbot($config_dir=undef) { "rss.tozt.net", "metabase.tozt.net", "bitwarden.tozt.net", - "prometheus.tozt.net", "grafana.tozt.net", ] diff --git a/modules/tozt/files/nginx/prometheus-tls.conf b/modules/tozt/files/nginx/prometheus-tls.conf deleted file mode 100644 index 25e8eba..0000000 --- a/modules/tozt/files/nginx/prometheus-tls.conf +++ /dev/null @@ -1,14 +0,0 @@ -server { - listen 443 ssl; - server_name prometheus.tozt.net; - - access_log /var/log/nginx/prometheus.access.log; - error_log /var/log/nginx/prometheus.error.log; - - include ssl; - - location / { - proxy_pass http://127.0.0.1:9090/; - } -} -# vim:ft=nginx diff --git a/modules/tozt/files/nginx/prometheus.conf b/modules/tozt/files/nginx/prometheus.conf deleted file mode 100644 index d90c1ad..0000000 --- a/modules/tozt/files/nginx/prometheus.conf +++ /dev/null @@ -1,10 +0,0 @@ -server { - listen 80; - server_name prometheus.tozt.net; - - access_log /var/log/nginx/prometheus.access.log; - error_log /var/log/nginx/prometheus.error.log; - - rewrite ^(.*) https://$host$1 permanent; -} -# vim:ft=nginx diff --git a/modules/tozt/manifests/prometheus.pp b/modules/tozt/manifests/prometheus.pp index 13bc406..05ad53c 100644 --- a/modules/tozt/manifests/prometheus.pp +++ b/modules/tozt/manifests/prometheus.pp @@ -48,11 +48,6 @@ class tozt::prometheus { } nginx::site { - "prometheus-tls": - source => 'puppet:///modules/tozt/nginx/prometheus-tls.conf', - require => Class['certbot']; - "prometheus": - source => 'puppet:///modules/tozt/nginx/prometheus.conf'; "grafana-tls": source => 'puppet:///modules/tozt/nginx/grafana-tls.conf', require => Class['certbot']; |