multiple changes
This commit is contained in:
root
@@ -61,10 +61,10 @@ server {
|
||||
root /mnt/git_repo/;
|
||||
}
|
||||
location ~ ^.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
|
||||
satisfy any;
|
||||
allow 192.168.95.0/24;
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
# satisfy any;
|
||||
# allow 192.168.95.0/24;
|
||||
# allow 127.0.0.1;
|
||||
# deny all;
|
||||
|
||||
include snippets/ldap.conf;
|
||||
|
||||
|
||||
@@ -7,6 +7,148 @@ server {
|
||||
|
||||
include snippets/letsencrypt.conf;
|
||||
}
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
server_name confrancher.triton.fet.at;
|
||||
# deny all;
|
||||
# satisfy any;
|
||||
allow 192.168.86.0/24;
|
||||
# allow 128.130.95.206;
|
||||
# allow 128.130.95.200;
|
||||
|
||||
root /var/www/rancher;
|
||||
index index.html;
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name portainer.triton.fet.at www.portainer.triton.fet.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
|
||||
include snippets/ssl.conf;
|
||||
|
||||
# include snippets/ldap.conf;
|
||||
|
||||
location / {
|
||||
|
||||
proxy_pass http://rancher:9000;
|
||||
# include snippets/proxy_header.conf;
|
||||
# proxy_set_header Authorization "";
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "";
|
||||
|
||||
proxy_set_header X-Forwarded-Host $server_name;
|
||||
proxy_set_header X-Upstream $upstream_addr;
|
||||
|
||||
}
|
||||
location /api/websocket/ {
|
||||
set $upstream_endpoint http://rancher:9000;
|
||||
proxy_buffering off;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $server_name;
|
||||
proxy_set_header X-Upstream $upstream_addr;
|
||||
proxy_http_version 1.1;
|
||||
proxy_pass $upstream_endpoint;
|
||||
proxy_redirect http://rancher:9000 $scheme://$host/;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name www.rancher.fet.at www.triton2.fet.at rancher.fet.at *.rancher.fet.at *.triton2.fet.at triton2.fet.at;
|
||||
|
||||
client_max_body_size 1000M;
|
||||
|
||||
|
||||
location / {
|
||||
|
||||
#include snippets/ldap.conf;
|
||||
proxy_pass http://rancher:80;
|
||||
include snippets/proxy_header.conf;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# proxy_set_header Authorization "";
|
||||
# proxy_set_header REMOTE_USER $remote_user;
|
||||
}
|
||||
|
||||
location /.well-known/ {
|
||||
default_type "text/plain";
|
||||
root /var/www/html;
|
||||
}
|
||||
location = /.well-known/acme-challenge/ {
|
||||
return 404;
|
||||
}
|
||||
|
||||
# include snippets/letsencrypt.conf;
|
||||
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name www.rancher.fet.at www.triton2.fet.at rancher.fet.at *.rancher.fet.at *.triton2.fet.at triton2.fet.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/triton2.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/triton2.fet.at/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/triton2.fet.at/chain.pem;
|
||||
include snippets/ssl.conf;
|
||||
include snippets/header.conf;
|
||||
|
||||
client_max_body_size 1000M;
|
||||
|
||||
location / {
|
||||
|
||||
#include snippets/ldap.conf;
|
||||
proxy_pass https://rancher:443;
|
||||
include snippets/proxy_header.conf;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# proxy_set_header Authorization "";
|
||||
# proxy_set_header REMOTE_USER $remote_user;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name proxy.rancher.fet.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
|
||||
include snippets/ssl.conf;
|
||||
include snippets/header.conf;
|
||||
|
||||
client_max_body_size 1000M;
|
||||
location / {
|
||||
|
||||
#include snippets/ldap.conf;
|
||||
proxy_pass http://rancher:81;
|
||||
include snippets/proxy_header.conf;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
# proxy_set_header Authorization "";
|
||||
# proxy_set_header REMOTE_USER $remote_user;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
|
||||
Reference in New Issue
Block a user