helmi/nginx-proxy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Init Commit

Browse Source
This commit is contained in:
root
2025-10-10 16:24:31 +00:00
parent 1bdb0e552c
commit b6203cad9b
15 changed files with 416 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
conf.d/fet.at/bierwiegen.conf Normal file
View File

@@ -0,0 +1,8 @@
server {
listen 443 ssl;
include ssl.conf;
server_name bierwiegen.fet.at;
return 302 https://bierwiegen.com/;
}

12
conf.d/fet.at/crashkurs.conf Normal file
View File

@@ -0,0 +1,12 @@
server {
listen 443 ssl;
include ssl.conf;
server_name crashkurs.fet.at;
set $proxy_host proteus;
set $proxy_port 80;
more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
include insecure_proxy.conf;
}

25
conf.d/fet.at/default.conf.save Normal file
View File

@@ -0,0 +1,25 @@
server {
listen 443 ssl;
server_name fet.at;
include ssl.conf;
set $proxy_host triton20;
set $proxy_port 8080;
location / {
include proxy.conf;
include secure.conf;
proxy_pass http://$proxy_host:$proxy_port;
}
location /etherpad {
include proxy.conf;
include secure.conf;
more_clear_headers Content-Security-Policy;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
}

12
conf.d/fet.at/legacy.conf Normal file
View File

@@ -0,0 +1,12 @@
server {
listen 443 ssl;
include ssl.conf;
server_name legacy.fet.at;
set $proxy_host 192.168.86.39;
set $proxy_port 3333;
include internal_proxy.conf;
}

11
conf.d/fet.at/legacy.conf~ Normal file
View File

@@ -0,0 +1,11 @@
server {
listen 443 ssl;
include ssl.conf;
server_name legacy.fet.at;
set $proxy_host 192.168.249.5;
set $proxy_port 3333;
include internal_proxy.conf;
}

83
conf.d/fet.at/mail.conf.save Normal file
View File

@@ -0,0 +1,83 @@
server {
listen 443 ssl;
include ssl.conf;
server_name fet.htu.tuwien.ac.at;
location / {
return 302 https://mail.fet.at$request_uri;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail.fet.at www.mail.fet.at;
proxy_cookie_domain fet.htu.tuwien.ac.at mail.fet.at;
location / {
include secure.conf;
root /var/www/mail;
}
location /mail5/ {
# include proxy.conf;
include secure.conf;
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self' 'https://fet.htu.tuwien.ac.at'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; font-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'self'";
proxy_pass http://192.168.249.4/;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host horde.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Accept-Encoding "";
sub_filter_types text/xml text/javascript application/javascript;
sub_filter_once off;
sub_filter 'fet.htu.tuwien.ac.at' 'mail.fet.at';
}
location /mail3/ {
include secure.conf;
return 302 https://mail3.fet.at$request_uri;
}
location /images/ {
include secure.conf;
root /var/www/mail;
}
location = /mail {
return 301 https://$host;
}
location /mail/ {
include secure.conf;
root /var/www/mail;
}
}
server {
listen 443 ssl;
include ssl.conf;
server_name mail3.fet.at;
proxy_cookie_domain fet.htu.tuwien.ac.at mail3.fet.at; # fix cookies
location / {
include secure.conf;
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self' 'https://fet.htu.tuwien.ac.at'; script-src 'self' ; style-src 'self' 'unsafe-inline'; font-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'self' ; frame-src 'self'";
rewrite ^/mail3(.*)$ $1;
more_set_headers "X-Frame-Options: sameorigin";
proxy_pass http://192.168.249.4/;
proxy_set_header Host squirrelmail.fet.htu.tuwien.ac.at;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $host;
sub_filter_types text/xml;
sub_filter_once off;
sub_filter 'fet.htu.tuwien.ac.at' 'mail3.fet.at';
}
}

34
conf.d/fet.at/mail2022.conf Normal file
View File

@@ -0,0 +1,34 @@
server {
listen 80;
server_name mail2022.fet.at;# autodiscover.* autoconfig.*;
return 301 https://mail2022.fet.at$request_uri;
}
server {
listen 443 ssl;
server_name mail2022.fet.at;# autodiscover.* autoconfig.*;
include ssl.conf;
include ldap.conf;
set $proxy_host phobos;
set $proxy_port 80;
client_max_body_size 50M;
#ssl_protocols TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
#ssl_prefer_server_ciphers off;
location / {
include proxy.conf;
include secure.conf;
#proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Authorization "";
# proxy_pass_header Authorization;
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' https://mail2022.fet.at/; style-src 'self' 'unsafe-inline' https://mail2022.fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://mail2022.fet.at/ ; frame-ancestors 'self' ";
proxy_ssl_verify off;
proxy_pass http://$proxy_host:$proxy_port;
}
}

32
conf.d/fet.at/mail2022.conf.save Normal file
View File

@@ -0,0 +1,32 @@
server {
listen 80;
server_name mail2022.fet.at;# autodiscover.* autoconfig.*;
return 301 https://mail2022.fet.at$request_uri;
}
server {
listen 443 ssl;
server_name mail2022.fet.at;# autodiscover.* autoconfig.*;
include ssl.conf;
include ldap.conf;
set $proxy_host phobos;
set $proxy_port 443;
client_max_body_size 50M;
#ssl_protocols TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
#ssl_prefer_server_ciphers off;
location / {
include proxy.conf;
include secure.conf;
#proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' https://mail2022.fet.at/; style-src 'self' 'unsafe-inline' https://mail2022.fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://mail2022.fet.at/ ; frame-ancestors 'self' ";
proxy_pass https://$proxy_host:$proxy_port;
}
}

34
conf.d/fet.at/mailtest.conf Normal file
View File

@@ -0,0 +1,34 @@
server {
listen 80;
server_name mailtest.fet.at;# autodiscover.* autoconfig.*;
return 301 https://mailtest.fet.at$request_uri;
}
server {
listen 443 ssl;
server_name mailtest.fet.at;# autodiscover.* autoconfig.*;
include ssl.conf;
#include ldap.conf;
set $proxy_host phobos;
set $proxy_port 443;
client_max_body_size 50M;
#ssl_protocols TLSv1.2;
#ssl_ciphers HIGH:!aNULL:!MD5:!SHA1:!kRSA;
#ssl_prefer_server_ciphers off;
location / {
include proxy.conf;
include secure.conf;
proxy_set_header Host 127.0.0.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' https://mail2022.fet.at/; style-src 'self' 'unsafe-inline' https://mail2022.fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://mail2022.fet.at/ ; frame-ancestors 'self' ";
proxy_pass https://$proxy_host:$proxy_port;
proxy_buffer_size 128k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 512k;
}
}

18
conf.d/fet.at/onlyschafe.conf Normal file
View File

@@ -0,0 +1,18 @@
server {
listen 443 ssl;
include ssl.conf;
server_name onlyschafe.fet.at;
set $proxy_host onlyschafe;
set $proxy_port 8080;
#more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
#location ~ ^(/index.php/Intern/.+|/index.php/Spezial) {
# allow 192.168.86.0/24;
# deny all;
# error_page 403 https://wiki.fet.at/index.php/Interne_Seite;
#}
include insecure_proxy.conf;
}

44
conf.d/fet.at/patrickdev2022.conf Normal file
View File

@@ -0,0 +1,44 @@
server {
listen 443 ssl;
server_name patrickdev2022.fet.at;
include ssl.conf;
include ldap.conf;
#changed 22.9.22, andis
client_max_body_size 50M;
set $proxy_host patrickDEV2022;
set $proxy_port 8107;
# include default_proxy.conf;
location / {
include proxy.conf;
include secure.conf;
proxy_pass http://$proxy_host:$proxy_port;
}
location /etherpad {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.fet.at; style-src 'self' 'unsafe-inline' *.fet.at; font-src 'self' 'unsafe-inline' *.fet.at; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' *.fet.at ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
location /admin {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
location /dev {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
}

55
conf.d/fet.at/test.conf Normal file
View File

@@ -0,0 +1,55 @@
server {
listen 443 ssl;
server_name test.fet.at;
include ssl.conf;
#changed 22.9.22, andis
client_max_body_size 50M;
# set $proxy_host triton20;
# set $proxy_port 8080;
set $proxy_host fetsite2022;
set $proxy_port 8005;
# location / { return 503 'Andis rulez'; }
#include default_proxy.conf;
location / {
include proxy.conf;
include secure.conf;
proxy_pass http://$proxy_host:$proxy_port;
#more_set_headers "Content-Security-Policy: default-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' ; frame-ancestors 'self'";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; base-uri 'self'; form-action 'self'; connect-src 'self'; frame-ancestors 'none'";
}
location /etherpad {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
#more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://test.fet.at/; style-src 'self' 'unsafe-inline' https://test.fet.at/; font-src 'self' 'unsafe-inline' https://test.fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://test.fet.at/ ; frame-ancestors 'none'";
more_set_headers "Content-Security-Policy: default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://test.fet.at/; style-src 'self' 'unsafe-inline' https://test.fet.at/; font-src 'self' 'unsafe-inline'; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://test.fet.at/ ; frame-ancestors 'self' ";
proxy_pass http://$proxy_host:$proxy_port;
}
location /admin {
include proxy.conf;
include secure.conf;
proxy_cookie_path ~^/(.+)$ "/$1; SameSite=none";
more_set_headers "Content-Security-Policy: default-src 'none'; img-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://test.fet.at/; style-src 'self' 'unsafe-inline' https://test.fet.at/; font-src 'self' 'unsafe-inline' https://test.fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://test.fet.at/ ; frame-ancestors 'none'";
proxy_pass http://$proxy_host:$proxy_port;
}
}
server {
listen 443 ssl;
server_name www.test.fet.at;
include ssl.conf;
return 302 https://test.fet.at$request_uri;
}

12
conf.d/fet.at/unterlagen.conf Normal file
View File

@@ -0,0 +1,12 @@
server {
listen 443 ssl;
include ssl.conf;
server_name unterlagen.fet.at;
set $proxy_host proteus;
set $proxy_port 80;
more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
include insecure_proxy.conf;
}

18
conf.d/fet.at/wiki.conf Normal file
View File

@@ -0,0 +1,18 @@
server {
listen 443 ssl;
include ssl.conf;
server_name wiki.fet.at;
set $proxy_host wiki;
set $proxy_port 8080;
#more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
#location ~ ^(/index.php/Intern/.+|/index.php/Spezial) {
# allow 192.168.86.0/24;
# deny all;
# error_page 403 https://wiki.fet.at/index.php/Interne_Seite;
#}
include insecure_proxy.conf;
}

18
conf.d/fet.at/workshop.conf Normal file
View File

@@ -0,0 +1,18 @@
server {
listen 443 ssl;
include ssl.conf;
server_name workshop.fet.at;
set $proxy_host proteus;
set $proxy_port 80;
#more_set_headers "Content-Security-Policy-Report-Only: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fet.at/; style-src 'self' 'unsafe-inline' https://fet.at/; font-src 'self' 'unsafe-inline' https://fet.at/; base-uri 'self'; form-action 'self'; connect-src 'self' 'unsafe-inline' https://fet.at/ ; frame-ancestors 'none'";
#location ~ ^(/index.php/Intern/.+|/index.php/Spezial) {
# allow 192.168.86.0/24;
# deny all;
# error_page 403 https://wiki.fet.at/index.php/Interne_Seite;
#}
include insecure_proxy.conf;
}