helmi/nginx-proxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial Config

Browse Source
This commit is contained in:
root
2022-08-14 07:35:33 +00:00
commit 8ad23b1307
18 changed files with 404 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
conf.d/default.conf Normal file
View File

@@ -0,0 +1,26 @@
server {
listen 80 default_server;
location ^~ /.well-known/acme-challenge/ {
content_by_lua_block {
auto_ssl:challenge_server()
}
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
include ldap.conf;
include ssl.conf;
add_header X-debug-message "Fallback Entry" always;
return 404;
}
include /etc/nginx/conf.d/fet.at/*.conf;
include /etc/nginx/conf.d/triton20.fet.at/*.conf;
include /etc/nginx/conf.d/luna.fet.at/*.conf;

10
conf.d/fet.at/default.conf Normal file
View File

@@ -0,0 +1,10 @@
server {
listen 443 ssl;
server_name fet.at;
include ssl.conf;
set $proxy_host triton20;
set $proxy_port 8080;
include default_proxy.conf;
}

8
conf.d/fet.at/discord.conf Normal file
View File

@@ -0,0 +1,8 @@
server {
listen 443 ssl;
include ssl.conf;
server_name discord.fet.at;
return 302 https://discord.gg/7qRuuMA;
}

11
conf.d/fet.at/docker.conf Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name docker.fet.at;
set $proxy_host triton20;
set $proxy_port 5000;
include default_proxy.conf;
}

8
conf.d/fet.at/facebook.conf Normal file
View File

@@ -0,0 +1,8 @@
server {
listen 443 ssl;
include ssl.conf;
server_name facebook.fet.at;
return 302 https://www.facebook.com/FachschaftET/;
}

14
conf.d/fet.at/git.conf Normal file
View File

@@ -0,0 +1,14 @@
server {
listen 443 ssl;
include ssl.conf;
server_name git.fet.at;
set $proxy_host zyklon;
set $proxy_port 3000;
location / {
include proxy.conf;
# add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
proxy_pass http://zyklon:3000;
}
}

61
conf.d/fet.at/horde.conf.txt Normal file
View File

@@ -0,0 +1,61 @@
server {
listen 443 ssl;
include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ {
# include proxy.conf;
# include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
}
location /mail3/ {
include proxy.conf;
include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
}

11
conf.d/fet.at/infoscreen.conf Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name infoscreen.fet.at;
set $proxy_host proteus;
set $proxy_port 80;
include default_proxy.conf;
}

8
conf.d/fet.at/instagram.conf Normal file
View File

@@ -0,0 +1,8 @@
server {
listen 443 ssl;
include ssl.conf;
server_name instagram.fet.at;
return 302 https://www.instagram.com/fet_tuwien;
}

11
conf.d/fet.at/instagram.fet.at Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name instagram.fet.at;
location / {
return 302 https://www.instagram.com/fet_tuwien/;
}
}

11
conf.d/fet.at/jenkins.conf Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name jenkins.fet.at;
set $proxy_host triton20;
set $proxy_port 49155;
include default_proxy.conf;
}

61
conf.d/fet.at/mail.conf Normal file
View File

@@ -0,0 +1,61 @@
server {
listen 443 ssl;
include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
# add_header "Strict-Transport-Security max-age=63072000; includeSubdomains; preload" always;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ {
# include proxy.conf;
# include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
}
location /mail3/ {
include proxy.conf;
include secure.conf;
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_buffering off;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
}

8
conf.d/fet.at/telegram.conf Normal file
View File

@@ -0,0 +1,8 @@
server {
listen 443 ssl;
include ssl.conf;
server_name telegram.fet.at;
return 302 https://t.me/FETInfo;
}

11
conf.d/fet.at/ticket.conf Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name ticket.fet.at;
set $proxy_host proteus;
set $proxy_port 80;
include default_proxy.conf;
}

45
conf.d/luna.fet.at/patrick.conf Normal file
View File

@@ -0,0 +1,45 @@
server {
listen 443 ssl http2;
server_name patrick.luna.fet.at;
include ssl.conf;
include ldap.conf;
client_max_body_size 1000M;
location / {
include secure.conf;
include proxy.conf;
proxy_pass http://lunochod:8001;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
#proxy_pass_header content-security-policy; ##pet, 3.1.22
}
location /dev {
include proxy.conf;
proxy_pass http://lunochod:8001;
# include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /etherpad {
include proxy.conf;
proxy_pass http://lunochod:8001;
# include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'";
}
location /admin {
include proxy.conf;
proxy_pass http://lunochod:8001;
# include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}

11
conf.d/luna.fet.at/portainer.conf Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name portainer.luna.fet.at;
set $proxy_host luna;
set $proxy_port 9000;
include default_proxy.conf;
}

44
conf.d/triton20.fet.at/default.conf Normal file
View File

@@ -0,0 +1,44 @@
server {
listen 443 ssl;
include ssl.conf;
server_name *.triton20.fet.at triton20.fet.at;
set $proxy_host triton20;
set $proxy_port 443;
include default_proxy.conf;
}
server {
listen 443 ssl http2;
server_name portainer.triton20.fet.at www.portainer.triton20.fet.at;
include ssl.conf;
location / {
proxy_pass http://triton20:9000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "";
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Upstream $upstream_addr;
}
location /api/websocket/ {
set $upstream_endpoint http://triton20:9000;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Upstream $upstream_addr;
proxy_http_version 1.1;
proxy_pass $upstream_endpoint;
proxy_redirect http://triton20:9000 $scheme://$host/;
}
}

45
conf.d/triton20.fet.at/patrick.conf Normal file
View File

@@ -0,0 +1,45 @@
server {
listen 443 ssl http2;
server_name patrick.triton20.fet.at;
include ssl.conf;
include ldap.conf;
client_max_body_size 1000M;
location / {
include secure.conf;
include proxy.conf;
proxy_pass http://triton20:8107;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
#proxy_pass_header content-security-policy; ##pet, 3.1.22
}
location /dev {
include proxy.conf;
proxy_pass http://triton20:8107;
# include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /etherpad {
include proxy.conf;
proxy_pass http://triton20:8107;
# include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'";
}
location /admin {
include proxy.conf;
proxy_pass http://triton20:8107;
# include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}