helmi/nginx-proxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Init commit

Browse Source
This commit is contained in:
root
2025-10-10 16:24:16 +00:00
parent 8ad23b1307
commit 1bdb0e552c
8 changed files with 93 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
conf.d/default.conf
View File

@@ -20,7 +20,7 @@ server {
include /etc/nginx/conf.d/fet.at/*.conf; include /etc/nginx/conf.d/fet.at/*.conf;
include /etc/nginx/conf.d/triton20.fet.at/*.conf; #include /etc/nginx/conf.d/triton20.fet.at/*.conf;
include /etc/nginx/conf.d/luna.fet.at/*.conf; #include /etc/nginx/conf.d/luna.fet.at/*.conf;

53
conf.d/fet.at/default.conf
View File

@@ -2,9 +2,54 @@ server {
listen 443 ssl; listen 443 ssl;
server_name fet.at; server_name fet.at;
include ssl.conf; include ssl.conf;
set $proxy_host triton20;
set $proxy_port 8080;
include default_proxy.conf; #changed 22.9.22, andis
client_max_body_size 50M;
# set $proxy_host triton20;
# set $proxy_port 8080;
set $proxy_host fetsite2023;
set $proxy_port 8000;
# location / { return 503 'Andis rulez'; }
#include default_proxy.conf;
location / {
include proxy.conf;
include secure.conf;
proxy_pass http://$proxy_host:$proxy_port;
#more_set_headers "Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' ; frame-ancestors 'self'";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
}
location /etherpad {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
#more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'self' ";
proxy_pass http://$proxy_host:$proxy_port;
}
location /admin {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
}
server {
listen 443 ssl;
server_name www.fet.at;
include ssl.conf;
return 302 https://fet.at$request_uri;
} }

12
conf.d/fet.at/docker.conf
View File

@@ -3,9 +3,17 @@ server {
include ssl.conf; include ssl.conf;
server_name docker.fet.at; server_name docker.fet.at;
set $proxy_host triton20; set $proxy_host docker;
set $proxy_port 5000; set $proxy_port 5000;
include default_proxy.conf; location / {
include proxy.conf;
include secure.conf;
proxy_set_header X-Forwarded-Proto https;
client_max_body_size 0;
proxy_pass http://$proxy_host:$proxy_port;
}
} }

8
conf.d/fet.at/git.conf
View File

@@ -1,13 +1,17 @@
server { server {
listen 443 ssl; listen 443 ssl;
include ssl.conf; include ssl.conf;
#changed 29.11.22, pet
client_max_body_size 50M;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name git.fet.at; server_name git.fet.at;
set $proxy_host zyklon; set $proxy_host zyklon;
set $proxy_port 3000; set $proxy_port 3000;
location / { location / {
include proxy.conf; include proxy.conf;
# add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'"; more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
proxy_pass http://zyklon:3000; proxy_pass http://zyklon:3000;
} }
} }

61
conf.d/fet.at/horde.conf.txt
View File

@@ -1,61 +0,0 @@
server {
listen 443 ssl;
include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ {
# include proxy.conf;
# include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
}
location /mail3/ {
include proxy.conf;
include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
}

18
conf.d/fet.at/jenkins.conf
View File

@@ -9,3 +9,21 @@ server {
include default_proxy.conf; include default_proxy.conf;
} }
server {
listen 443 ssl;
include ssl.conf;
server_name jenkins2.fet.at;
set $proxy_host jenkins;
set $proxy_port 8080;
location / {
include proxy.conf;
include secure.conf;
proxy_set_header "X-Forwarded-Port" "443";
proxy_set_header "X-Forwarded-Proto" "https";
proxy_set_header "X-Forwarded-Host" "jenkins2.fet.at";
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'self'";
proxy_pass http://$proxy_host:$proxy_port;
}
}

61
conf.d/fet.at/mail.conf
View File

@@ -1,61 +1,12 @@
server { server {
listen 443 ssl; listen 443 ssl;
include ssl.conf; include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ { server_name mail.fet.at;
# include proxy.conf; set $proxy_host webmail;
# include secure.conf; set $proxy_port 80;
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr; include insecure_proxy.conf;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
}
location /mail3/ {
include proxy.conf;
include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
rewrite ^(/.*)$ /roundcube$1 break;
} }

3
conf.d/fet.at/ticket.conf
View File

@@ -5,7 +5,8 @@ server {
server_name ticket.fet.at; server_name ticket.fet.at;
set $proxy_host proteus; set $proxy_host proteus;
set $proxy_port 80; set $proxy_port 80;
more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
include default_proxy.conf; include insecure_proxy.conf;
} }