Merge pull request 'goaccess setup and integration' (#1 ) from goaccess into main

Reviewed-on: https://gitea.novicelab.io/novicelab.io/nginx/pulls/1
Change access log format to VCOMBINED and error log format to debug
2026-03-17 08:56:17 +00:00 · 2026-03-17 08:48:06 +00:00 · 2026-03-17 08:41:27 +00:00 · 2026-03-17 08:39:33 +00:00 · 2026-03-17 08:36:08 +00:00 · 2026-03-17 08:34:36 +00:00
21 changed files with 150 additions and 278 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,8 @@
 .env
 /data/
 /certbot/
 /goaccess/
 /data/public/
 !/data/nginx.conf
-!/data/conf.d/**
+!/data/conf.d/**
 !/goaccess/goaccess.conf
--- a/data/conf.d/adminer.conf
+++ b/data/conf.d/adminer.conf
@@ -62,8 +62,8 @@ server {
    # ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    # Logging
-    access_log /var/log/nginx/adminer.novicelab.io_access.log;
+    access_log /var/log/nginx/adminer.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/adminer.novicelab.io_error.log;
+    error_log /var/log/nginx/adminer.novicelab.io_error.log debug;
    # Root and index
    # root /var/www/html;
--- a/data/conf.d/auth.conf
+++ b/data/conf.d/auth.conf
@@ -62,8 +62,8 @@ server {
    # ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    # Logging
-    access_log /var/log/nginx/auth.novicelab.io_access.log;
+    access_log /var/log/nginx/auth.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/auth.novicelab.io_error.log;
+    error_log /var/log/nginx/auth.novicelab.io_error.log debug;
    # Root and index
    # root /var/www/html;
--- a/data/conf.d/book.conf
+++ b/data/conf.d/book.conf
@@ -62,8 +62,8 @@ server {
    # ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    # Logging
-    access_log /var/log/nginx/book.novicelab.io_access.log;
+    access_log /var/log/nginx/book.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/book.novicelab.io_error.log;
+    error_log /var/log/nginx/book.novicelab.io_error.log debug;
    # Root and index
    # root /var/www/html;
--- a/data/conf.d/cluster.conf
+++ b/data/conf.d/cluster.conf
@@ -38,8 +38,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/*.novicelab.io_access.log;
+    access_log /var/log/nginx/*.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/*.novicelab.io_error.log;
+    error_log /var/log/nginx/*.novicelab.io_error.log debug;
    location / {
        proxy_pass http://10.0.0.20:80; # Assuming HAProxy is on port 8080
--- a/data/conf.d/collabora.conf
+++ b/data/conf.d/collabora.conf
@@ -1,44 +0,0 @@
 server {
    listen 80;
    server_name collabora.novicelab.io;
    return 301 https://$host$request_uri;
 }
 server {
    listen 443 ssl; # http2;
    server_name collabora.novicelab.io;
    ssl_certificate     /etc/letsencrypt/live/novicelab.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/novicelab.io/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    ssl_session_cache   shared:SSL:10m;
    # Security headers
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    resolver 127.0.0.11 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    # set $opencloud_backend 10.0.0.251:9980;
    location / {
        proxy_pass              http://10.0.0.251:9980;
        #proxy_pass         http://$opencloud_backend/;
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
    }
    location ~ ^/cool/(.*)/ws$ {
        proxy_pass http://10.0.0.251:9980;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
    }
 }
--- a/data/conf.d/couch.conf
+++ b/data/conf.d/couch.conf
@@ -1,92 +0,0 @@
 server {
    listen 80;
    server_name couch.novicelab.io;
    return 301 https://$host$request_uri;
 }
 server {
    listen 443 ssl; # http2;
    server_name couch.novicelab.io;
    ssl_certificate     /etc/letsencrypt/live/novicelab.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/novicelab.io/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    ssl_session_cache   shared:SSL:10m;
    # Security headers
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    resolver 127.0.0.11 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    set $couch_backend 10.0.0.251:5984;
    # # Block access to _utils (Fauxton) in production
    # location /_utils {
    #     deny all;
    #     return 403;
    # }
    # # Block _config endpoint externally
    # location /_config {
    #     deny all;
    #     return 403;
    # }
    # # Block _node endpoint externally
    # location /_node {
    #     # deny all;
    #     # return 403;
    #     proxy_pass         http://$couch_backend/_node; 
    #     proxy_redirect     off;
    #     proxy_set_header   Host $host;
    #     proxy_set_header   X-Real-IP $remote_addr;
    #     proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    #     proxy_set_header   X-Forwarded-Proto $scheme;
    #     # Timeouts
    #     proxy_connect_timeout 10s;
    #     proxy_read_timeout    60s;
    # }
    location / {
        # Handle CORS preflight without hitting CouchDB auth
        if ($request_method = OPTIONS) {
            add_header Access-Control-Allow-Origin  $http_origin always;
            add_header Access-Control-Allow-Methods "GET, PUT, POST, HEAD, DELETE, OPTIONS" always;
            add_header Access-Control-Allow-Headers "accept, authorization, content-type, origin, referer, x-csrf-token" always;
            add_header Access-Control-Allow-Credentials "true" always;
            add_header Access-Control-Max-Age 3600;
            add_header Content-Length 0;
            add_header Content-Type text/plain;
            return 204;
        }
        # Pass all other requests to CouchDB
        # proxy_pass              http://127.0.0.1:5984;
        proxy_pass         http://$couch_backend/;
        proxy_redirect          off;
        proxy_buffering         off;
        proxy_method            $request_method;  
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        # Forward CORS headers from CouchDB responses too
        add_header Access-Control-Allow-Origin      $http_origin always;
        add_header Access-Control-Allow-Credentials "true" always;
        proxy_connect_timeout 10s;
        proxy_read_timeout    60s;
        # Headers for WebSocket support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
 }
--- a/data/conf.d/gitea.conf
+++ b/data/conf.d/gitea.conf
@@ -31,8 +31,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/gitea.novicelab.io_access.log;
+    access_log /var/log/nginx/gitea.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/gitea.novicelab.io_error.log;
+    error_log /var/log/nginx/gitea.novicelab.io_error.log debug;
    set $gitea_backend gitea:3000; 
--- a/data/conf.d/goaccess.conf
+++ b/data/conf.d/goaccess.conf
@@ -0,0 +1,68 @@
 server {
    listen 80;
    listen [::]:80;
    server_name goaccess.novicelab.io;
    # ACME challenge for Let's Encrypt certificate renewal
    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
    location / {
        return 301 https://$server_name$request_uri;
    }
 }
 map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
 }
 # Server block for GoAccess dashboard
 server {
    listen 443 ssl; # http2;
    server_name goaccess.novicelab.io;
    # SSL configuration
    ssl_certificate /etc/letsencrypt/live/novicelab.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/novicelab.io/privkey.pem;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_protocols TLSv1.3;
    # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    # add_header X-Content-Type-Options nosniff;
    # add_header X-Frame-Options DENY;
    # add_header X-XSS-Protection "1; mode=block";
    resolver 127.0.0.11 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
        # Logging
    access_log /var/log/nginx/goaccess.novicelab.io_access.log VCOMBINED;
    error_log /var/log/nginx/goaccess.novicelab.io_error.log debug;
    set $goaccess_backend goaccess:7890; 
    root /usr/share/nginx/html;
    index report.html;
    location / {
        try_files $uri $uri/ =404;
    }
    location /ws {
        proxy_pass http://$goaccess_backend;
        proxy_set_header Host $http_host;
 		proxy_set_header X-Real-IP $remote_addr;
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 		#enable ws upgrade
 		proxy_http_version 1.1;
 		proxy_set_header Upgrade $http_upgrade;
 		proxy_set_header Connection "Upgrade";
 	}
 }
--- a/data/conf.d/harbor.conf
+++ b/data/conf.d/harbor.conf
@@ -31,8 +31,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/harbor.novicelab.io_access.log;
+    access_log /var/log/nginx/harbor.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/harbor.novicelab.io_error.log;
+    error_log /var/log/nginx/harbor.novicelab.io_error.log debug;
    # set $harbor_backend 10.0.0.251:9090; 
    set $harbor_backend nginx-harbor:80; 
--- a/data/conf.d/hugo.conf
+++ b/data/conf.d/hugo.conf
@@ -2,7 +2,7 @@
 server {
    listen 80;
    listen [::]:80;
-    server_name novicelab.io www.novicelab.io; 
+    server_name novicelab.io www.novicelab.io x.y.novicelab.io; 
    # ACME challenge for Let's Encrypt certificate renewal
    location /.well-known/acme-challenge/ {
@@ -17,7 +17,7 @@ server {
 server {
    listen 443 ssl; #http2;
    listen [::]:443 ssl; # http2;
-    server_name novicelab.io www.novicelab.io;
+    server_name novicelab.io www.novicelab.io x.y.novicelab.io;
    # SSL Certificate paths
    ssl_certificate /etc/letsencrypt/live/novicelab.io/fullchain.pem;
@@ -62,8 +62,8 @@ server {
    # ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    # Logging
-    access_log /var/log/nginx/novicelab.io_access.log;
+    access_log /var/log/nginx/novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/novicelab.io_error.log;
+    error_log /var/log/nginx/novicelab.io_error.log debug;
    # Root and index
    # root /var/www/html;
--- a/data/conf.d/kenvip.conf
+++ b/data/conf.d/kenvip.conf
--- a/data/conf.d/minio.conf
+++ b/data/conf.d/minio.conf
@@ -41,8 +41,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/minio.novicelab.io_access.log;
+    access_log /var/log/nginx/minio.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/minio.novicelab.io_error.log;
+    error_log /var/log/nginx/minio.novicelab.io_error.log debug;
    # resolver 127.0.0.11 valid=30s;
    set $minio_backend minio:9001; 
@@ -107,8 +107,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/s3.novicelab.io_access.log;
+    access_log /var/log/nginx/s3.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/s3.novicelab.io_error.log;
+    error_log /var/log/nginx/s3.novicelab.io_error.log debug;
    # resolver 127.0.0.11 valid=30s;
    set $s3_backend minio:9000; 
--- a/data/conf.d/opencloud.conf
+++ b/data/conf.d/opencloud.conf
@@ -15,8 +15,8 @@ server {
    ssl_session_cache   shared:SSL:10m;
    # Logging
-    access_log /var/log/nginx/opencloud.novicelab.io_access.log;
+    access_log /var/log/nginx/opencloud.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/opencloud.novicelab.io_error.log;
+    error_log /var/log/nginx/opencloud.novicelab.io_error.log debug;
    # Security headers
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
--- a/data/conf.d/plane.conf
+++ b/data/conf.d/plane.conf
@@ -40,8 +40,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/plane.novicelab.io_access.log;
+    access_log /var/log/nginx/plane.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/plane.novicelab.io_error.log;
+    error_log /var/log/nginx/plane.novicelab.io_error.log debug;
    # resolver 127.0.0.11 valid=30s;
    # set $plane_backend 10.0.0.251:9020; 
--- a/data/conf.d/s3.conf
+++ b/data/conf.d/s3.conf
--- a/data/conf.d/tre.conf
+++ b/data/conf.d/tre.conf
@@ -1,58 +0,0 @@
 server {
    # listen 80;
    # server_name *.novicelab.io;
    # resolver 127.0.0.11 valid=30s;
    # set $haproxy_backend haproxy:80;
    listen 443 ssl; #http2;
    listen [::]:443 ssl; # http2;
    server_name tre.novicelab.io;
    # SSL Certificate paths
    ssl_certificate /etc/letsencrypt/live/novicelab.io/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/novicelab.io/privkey.pem;
    # SSL Protocol - TLS 1.2 and 1.3 only
    ssl_protocols TLSv1.2 TLSv1.3;
    # Cipher suites (prioritize TLS 1.3, secure TLS 1.2 fallback)
    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
    ssl_prefer_server_ciphers off;
    # SSL session configuration
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    resolver 127.0.0.11 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    # Security Headers
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
    access_log /var/log/nginx/tre.novicelab.io_access.log;
    error_log /var/log/nginx/tre.novicelab.io_error.log;
    location /data-catalog {
        proxy_pass https://10.0.0.251:8888; # Assuming HAProxy is on port 8080
        # proxy_pass http://haproxy_backend;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # Performance optimizations
        proxy_buffering off;
        proxy_request_buffering off;
        proxy_connect_timeout 5s;
        proxy_send_timeout 30s;
        proxy_read_timeout 30s;
    }
 }
--- a/data/conf.d/umami.conf
+++ b/data/conf.d/umami.conf
@@ -62,8 +62,8 @@ server {
    # ssl_dhparam /etc/nginx/ssl/dhparam.pem;
    # Logging
-    access_log /var/log/nginx/umami.novicelab.io_access.log;
+    access_log /var/log/nginx/umami.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/umami.novicelab.io_error.log;
+    error_log /var/log/nginx/umami.novicelab.io_error.log debug;
    # Root and index
    # root /var/www/html;
--- a/data/conf.d/vault.conf
+++ b/data/conf.d/vault.conf
@@ -31,8 +31,8 @@ server {
    add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
    # Logging
-    access_log /var/log/nginx/vault.novicelab.io_access.log;
+    access_log /var/log/nginx/vault.novicelab.io_access.log VCOMBINED;
-    error_log /var/log/nginx/vault.novicelab.io_error.log;
+    error_log /var/log/nginx/vault.novicelab.io_error.log debug;
    set $vault_backend vaultwarden:443;
    location / {
--- a/data/nginx.conf
+++ b/data/nginx.conf
@@ -10,7 +10,7 @@ events {
 }
 http {
-    include       mime.types;
+    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    keepalive_timeout 65;
@@ -23,30 +23,31 @@ http {
    resolver 8.8.8.8 valid=30s ipv6=off;
    resolver_timeout 11s;
-    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+    # log_format json_combined escape=json '{'
-                        '$status $body_bytes_sent "$http_referer" '
+    #     '"method":"$request_method",'
-                        '"$http_user_agent" "$http_x_forwarded_for"';
+    #     '"scheme":"$scheme",'
-
+    #     '"domain":"$host",'
-    # JSON format — preferred for log aggregators (ELK, Loki, Datadog, etc.)
+    #     '"uri":"$request_uri",'
-    log_format  json_log escape=json
+    #     '"query_string":"$query_string",'
-        '{'
+    #     '"referer":"$http_referer",'
-            '"time":"$time_iso8601",'
+    #     '"content_type":"$sent_http_content_type",'
-            '"remote_addr":"$remote_addr",'
+    #     '"status": $status,'
-            '"method":"$request_method",'
+    #     '"bytes_sent":$body_bytes_sent,'
-            '"uri":"$request_uri",'
+    #     '"request_time":$request_time,'
-            '"status":$status,'
+    #     '"user_agent":"$http_user_agent",'
-            '"bytes_sent":$body_bytes_sent,'
+    #     '"cache":"$upstream_cache_status",'
-            '"request_time":$request_time,'
+    #     '"upstream_time": "$upstream_response_time",'
-            '"upstream_response_time":"$upstream_response_time",'
+    #     '"timestamp":"$time_iso8601",'
-            '"referer":"$http_referer",'
+    #     '"ip":"$http_x_forwarded_for"'
-            '"user_agent":"$http_user_agent",'
+    # '}';
-            '"x_forwarded_for":"$http_x_forwarded_for",'
+    log_format VCOMBINED '$host:$server_port '
-            '"host":"$host"'
+                     '$remote_addr $remote_user [$time_local] '
-        '}';
+                     '"$request" $status $body_bytes_sent '
                     '"$http_referer" "$http_user_agent"';
-    access_log  /var/log/nginx/access.log json_log;
+    access_log  /var/log/nginx/access.log VCOMBINED;
-    error_log   /var/log/nginx/error.log;
+    error_log   /var/log/nginx/error.log debug;
    sendfile on;
    tcp_nopush on;
@@ -93,34 +94,4 @@ http {
    # Include all server configurations
    include /etc/nginx/conf.d/*.conf;
-}
+}
 # Existing http {} block stays as-is...
 # TCP stream proxy for SMTP ports
 # stream {
 #     upstream mailserver_smtp {
 #         server mailserver:25;   # docker-mailserver container name
 #     }
 #     upstream mailserver_submission {
 #         server mailserver:587;
 #     }
 #     # Port 25 — inbound MTA-to-MTA (if you ever receive external mail)
 #     server {
 #         listen 25;
 #         proxy_pass mailserver_smtp;
 #         proxy_timeout 1m;
 #         proxy_connect_timeout 10s;
 #     }
 #     # Port 587 — STARTTLS submission (for mail clients or apps)
 #     server {
 #         listen 587;
 #         proxy_pass mailserver_submission;
 #         proxy_timeout 1m;
 #         proxy_connect_timeout 10s;
 #     }
 # }
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,5 +1,5 @@
 services:
-  web:
+  nginx:
    container_name: nginx
    image: nginx:latest
    ports:
@@ -8,6 +8,8 @@ services:
    volumes:
      - ./data/nginx.conf:/etc/nginx/nginx.conf:ro
      - ./data/conf.d:/etc/nginx/conf.d:ro
      - ./data/logs:/var/log/nginx
      - ./data/public:/usr/share/nginx/html:rw
      - ./certbot/conf:/etc/letsencrypt
      - ./certbot/www:/var/www/certbot
    restart: always
@@ -16,6 +18,7 @@ services:
      - nginx
  certbot:
    container_name: certbot
    image: certbot/dns-cloudflare:latest
    restart: unless-stopped
    volumes:
@@ -26,6 +29,27 @@ services:
    networks: 
      - nginx
  goaccess:
    container_name: goaccess
    image: allinurl/goaccess
    user: "0:0"
    ports:
      - 0.0.0.0:7890:7890
    volumes:
      - ./goaccess/goaccess.conf:/srv/config/goaccess.conf
      - ./data/logs:/srv/logs:rw
      - ./data/public:/srv/report:rw
      - ./certbot/conf:/etc/letsencrypt  
    command: ["--no-global-config", 
              "--config-file=/srv/config/goaccess.conf", 
              "--ssl-cert=/etc/letsencrypt/live/novicelab.io/fullchain.pem",
              "--ssl-key=/etc/letsencrypt/live/novicelab.io/privkey.pem"] 
    environment:
      - TZ=Africa/Nairobi
    restart: unless-stopped 
    networks: 
      - nginx 
 networks:
  nginx:
    driver: bridge
Author	SHA1	Message	Date
kbrianngeno	56a221fb9d	Merge pull request 'goaccess setup and integration' (#1 ) from goaccess into main Reviewed-on: https://gitea.novicelab.io/novicelab.io/nginx/pulls/1	2026-03-17 08:56:17 +00:00
kbrianngeno	dc320d83d4	Change access log format to VCOMBINED and error log format to debug	2026-03-17 08:48:06 +00:00
kbrianngeno	382a3dd438	Track goaccess/goaccess.conf and ignore real-time html file (report.html)	2026-03-17 08:41:27 +00:00
kbrianngeno	ff464ef99f	Add goaccess nginx configuration	2026-03-17 08:39:33 +00:00
kbrianngeno	b710eaa41b	Change log format to VCOMBINED for access logs and debug for error logs	2026-03-17 08:36:08 +00:00
kbrianngeno	9a810fe545	Add goaccess for log visualization on hugo pages	2026-03-17 08:34:36 +00:00