add loxi and certbot

This commit is contained in:
Super User 2024-10-02 18:43:28 +00:00
parent b7117bb700
commit d17d4f8c73
4 changed files with 36 additions and 4 deletions

View file

@ -23,8 +23,11 @@ http {
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
location / {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
}
server { server {
listen 443 ssl default_server; listen 443 ssl default_server;
listen [::]:443 ssl default_server; listen [::]:443 ssl default_server;

View file

@ -38,10 +38,24 @@ server {
location /messages { location /messages {
proxy_pass http://10.0.0.9:3000/messages; proxy_pass http://10.0.0.9:3000/messages;
proxy_set_header X-Real-IP $remote_addr;
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Headers' 'X-Username'; add_header 'Access-Control-Allow-Headers' 'X-Username';
} }
location /loxsi/ {
rewrite /loxsi/(.*) /$1 break;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://10.0.20.20:8000/;
}
location /kelderapi/ { location /kelderapi/ {
proxy_pass http://10.0.0.9:5000/kelderapi/; proxy_pass http://10.0.0.9:5000/kelderapi/;
} }
@ -58,7 +72,22 @@ server {
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_pass http://10.0.0.11:5000/socket.io/; proxy_pass http://10.0.0.8:3000/socket.io/;
}
} }
}
server {
listen 80;
listen [::]:80;
server_name kelder.zeus.ugent.be zeusgw.ugent.be;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}

View file

@ -1,10 +1,10 @@
[Container] [Container]
ContainerName=nginx ContainerName=nginx
Image=cgr.dev/chainguard/nginx Image=cgr.dev/chainguard/nginx
UserNS=auto
Network=nginx.network Network=nginx.network
Volume=/var/lib/configs/container-config/nginx:/etc/nginx:z,ro Volume=/var/lib/configs/container-config/nginx:/etc/nginx:z,ro
Volume=/etc/certificates/private:/etc/certificates:z,ro Volume=/etc/letsencrypt:/etc/letsencrypt:z,ro
Volume=certbot.volume:/var/www/certbot:z,ro
PublishPort=80:80 PublishPort=80:80
PublishPort=[::]:80:80 PublishPort=[::]:80:80
PublishPort=443:443 PublishPort=443:443