vidhar: ...

2 files changed, 7 insertions, 0 deletions

diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index 69ca1403..d8f9cdb4 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -131,6 +131,8 @@
 
         access_log syslog:server=unix:/dev/log main;
         error_log syslog:server=unix:/dev/log info;
+
+        client_body_temp_path /run/nginx-client-bodies;
       '';
       upstreams.grafana = {
         servers = { "unix:${config.services.grafana.socket}" = {}; };
@@ -175,6 +177,9 @@
       serviceConfig = {
         ExecReload = lib.mkForce "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
         LoadCredential = [ "selfsigned.key:${config.sops.secrets."selfsigned.key".path}" ];
+
+        RuntimeDirectory = lib.mkForce [ "nginx" "nginx-client-bodies" ];
+        RuntimeDirectoryMode = "0750";
       };
     };
 
diff --git a/hosts/vidhar/prometheus/default.nix b/hosts/vidhar/prometheus/default.nix
index 4a666e95..8d7b0fe8 100644
--- a/hosts/vidhar/prometheus/default.nix
+++ b/hosts/vidhar/prometheus/default.nix
@@ -400,6 +400,8 @@ in {
           ssl_client_certificate ${./ca/ca.crt};
           ssl_trusted_certificate ${./ca/ca.crt};
           ssl_verify_client on;
+
+          client_max_body_size    0;
         '';
         locations."/" = {
           proxyPass = "http://prometheus/";