helmi/nginx-proxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Init commit

Browse Source
This commit is contained in:
root
2025-10-10 16:24:16 +00:00
parent 8ad23b1307
commit 1bdb0e552c
8 changed files with 93 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
conf.d/default.conf
View File

@@ -20,7 +20,7 @@ server {
include /etc/nginx/conf.d/fet.at/*.conf;
include /etc/nginx/conf.d/triton20.fet.at/*.conf;
include /etc/nginx/conf.d/luna.fet.at/*.conf;
#include /etc/nginx/conf.d/triton20.fet.at/*.conf;
#include /etc/nginx/conf.d/luna.fet.at/*.conf;

51
conf.d/fet.at/default.conf
View File

@@ -3,8 +3,53 @@ server {
server_name fet.at;
include ssl.conf;
set $proxy_host triton20;
set $proxy_port 8080;
#changed 22.9.22, andis
client_max_body_size 50M;
include default_proxy.conf;
# set $proxy_host triton20;
# set $proxy_port 8080;
set $proxy_host fetsite2023;
set $proxy_port 8000;
# location / { return 503 'Andis rulez'; }
#include default_proxy.conf;
location / {
include proxy.conf;
include secure.conf;
proxy_pass http://$proxy_host:$proxy_port;
#more_set_headers "Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' ; frame-ancestors 'self'";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
}
location /etherpad {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
#more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'self' ";
proxy_pass http://$proxy_host:$proxy_port;
}
location /admin {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
}
server {
listen 443 ssl;
server_name www.fet.at;
include ssl.conf;
return 302 https://fet.at$request_uri;
}

12
conf.d/fet.at/docker.conf
View File

@@ -3,9 +3,17 @@ server {
include ssl.conf;
server_name docker.fet.at;
set $proxy_host triton20;
set $proxy_host docker;
set $proxy_port 5000;
include default_proxy.conf;
location / {
include proxy.conf;
include secure.conf;
proxy_set_header X-Forwarded-Proto https;
client_max_body_size 0;
proxy_pass http://$proxy_host:$proxy_port;
}
}

6
conf.d/fet.at/git.conf
View File

@@ -1,13 +1,17 @@
server {
listen 443 ssl;
include ssl.conf;
#changed 29.11.22, pet
client_max_body_size 50M;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name git.fet.at;
set $proxy_host zyklon;
set $proxy_port 3000;
location / {
include proxy.conf;
# add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
proxy_pass http://zyklon:3000;
}
}

61
conf.d/fet.at/horde.conf.txt
View File

@@ -1,61 +0,0 @@
server {
listen 443 ssl;
include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ {
# include proxy.conf;
# include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
}
location /mail3/ {
include proxy.conf;
include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
}

18
conf.d/fet.at/jenkins.conf
View File

@@ -9,3 +9,21 @@ server {
include default_proxy.conf;
}
server {
listen 443 ssl;
include ssl.conf;
server_name jenkins2.fet.at;
set $proxy_host jenkins;
set $proxy_port 8080;
location / {
include proxy.conf;
include secure.conf;
proxy_set_header "X-Forwarded-Port" "443";
proxy_set_header "X-Forwarded-Proto" "https";
proxy_set_header "X-Forwarded-Host" "jenkins2.fet.at";
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'self'";
proxy_pass http://$proxy_host:$proxy_port;
}
}

63
conf.d/fet.at/mail.conf
View File

@@ -1,61 +1,12 @@
server {
listen 443 ssl;
include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
server_name mail.fet.at;
set $proxy_host webmail;
set $proxy_port 80;
include insecure_proxy.conf;
rewrite ^(/.*)$ /roundcube$1 break;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ {
# include proxy.conf;
# include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
}
location /mail3/ {
include proxy.conf;
include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
}

3
conf.d/fet.at/ticket.conf
View File

@@ -5,7 +5,8 @@ server {
server_name ticket.fet.at;
set $proxy_host proteus;
set $proxy_port 80;
more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
include default_proxy.conf;
include insecure_proxy.conf;
}