Compare commits
32 Commits
93dedc5321
...
b49761ca08
Author | SHA1 | Date | |
---|---|---|---|
b49761ca08 | |||
0f43e8109f | |||
b5869436b1 | |||
e6f1fab5eb | |||
203e144756 | |||
9102f0e5a7 | |||
eab1638c96 | |||
caca1bb55d | |||
cd86631adc | |||
d9845e2c9f | |||
0e8f37aff0 | |||
dd107f725b | |||
0818cbc3ab | |||
dbfde7a072 | |||
5cbe89e3ad | |||
ace8e188f7 | |||
67af977239 | |||
b6fb15d69e | |||
|
22e4d77637 | ||
|
79fb3d950a | ||
|
e927b8f0c7 | ||
|
de6abea682 | ||
b48c8ddbbf | |||
ce52b0752d | |||
c9a18395b0 | |||
843b06f94f | |||
d61e5a9302 | |||
38abef5751 | |||
5146a8e583 | |||
|
8d4b1cce75 | ||
|
b58ee55827 | ||
|
c619bdb86a |
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
*.apk-new
|
14
conf.d/stream.conf
Normal file
14
conf.d/stream.conf
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
# /etc/nginx/conf.d/stream.conf
|
||||||
|
|
||||||
|
stream {
|
||||||
|
# Specifies the main log format.
|
||||||
|
log_format main '$remote_addr [$time_local] '
|
||||||
|
'$protocol $status $bytes_sent $bytes_received '
|
||||||
|
'$session_time "$upstream_addr" '
|
||||||
|
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
|
||||||
|
|
||||||
|
access_log /var/log/nginx/stream.log main;
|
||||||
|
|
||||||
|
# Includes servers configs.
|
||||||
|
include stream.d/*.conf;
|
||||||
|
}
|
6
http/default.conf
Normal file
6
http/default.conf
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl default_server;
|
||||||
|
server_name *.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
return 301 https://tronnet.net;
|
||||||
|
}
|
9
http/gitea.conf
Normal file
9
http/gitea.conf
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name git.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://gitea.dmz:3000;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
11
http/homepage.conf
Normal file
11
http/homepage.conf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
include snippets/proxy-errors.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://sites.dmz:80;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
9
http/mail.conf
Normal file
9
http/mail.conf
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name mail.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://mail.dmz/;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
11
http/minecraft.conf
Normal file
11
http/minecraft.conf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name minecraft.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
include snippets/proxy-errors.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://minecraft.root:80;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
11
http/opns.conf
Normal file
11
http/opns.conf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name opns.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
include snippets/proxy-errors.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass https://10.0.0.1:10443;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
18
http/paas.conf
Normal file
18
http/paas.conf
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name paas.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
|
location /dashboard/ {
|
||||||
|
include snippets/proxy-errors.conf;
|
||||||
|
proxy_pass http://proxmoxaas.dmz:8080/;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
location /api/ {
|
||||||
|
proxy_pass http://proxmoxaas.dmz:8081/api/;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
location = / {
|
||||||
|
return 301 "/dashboard/";
|
||||||
|
}
|
||||||
|
}
|
@ -1,7 +1,7 @@
|
|||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl;
|
||||||
server_name pve.tronnet.net;
|
server_name pve.tronnet.net;
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
include snippets/ssl-acme.conf;
|
||||||
location / {
|
location / {
|
||||||
proxy_pass https://geigatron-0-pve.tn:8006;
|
proxy_pass https://geigatron-0-pve.tn:8006;
|
||||||
proxy_redirect default;
|
proxy_redirect default;
|
@ -2,4 +2,4 @@ server {
|
|||||||
listen 80 default_server;
|
listen 80 default_server;
|
||||||
server_name *.tronnet.net;
|
server_name *.tronnet.net;
|
||||||
return 301 https://$host$request_uri;
|
return 301 https://$host$request_uri;
|
||||||
}
|
}
|
11
http/root.conf
Normal file
11
http/root.conf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name root.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
include snippets/proxy-errors.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://root.root:80;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
@ -1,8 +1,9 @@
|
|||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl;
|
||||||
server_name status.tronnet.net;
|
server_name status.tronnet.net;
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
include snippets/ssl-acme.conf;
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
include snippets/proxy-errors.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://sites.dmz:8080;
|
proxy_pass http://sites.dmz:8080;
|
||||||
proxy_redirect default;
|
proxy_redirect default;
|
11
http/wiki.conf
Normal file
11
http/wiki.conf
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
server_name wiki.tronnet.net;
|
||||||
|
include snippets/ssl-acme.conf;
|
||||||
|
include snippets/proxy-errors.conf;
|
||||||
|
include snippets/error-pages.conf;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://sites.dmz:8081;
|
||||||
|
proxy_redirect default;
|
||||||
|
}
|
||||||
|
}
|
171
mime.types
171
mime.types
@ -1,89 +1,98 @@
|
|||||||
|
|
||||||
types {
|
types {
|
||||||
text/html html htm shtml;
|
text/html html htm shtml;
|
||||||
text/css css;
|
text/css css;
|
||||||
text/xml xml;
|
text/xml xml;
|
||||||
image/gif gif;
|
image/gif gif;
|
||||||
image/jpeg jpeg jpg;
|
image/jpeg jpeg jpg;
|
||||||
application/javascript js;
|
application/javascript js;
|
||||||
application/atom+xml atom;
|
application/atom+xml atom;
|
||||||
application/rss+xml rss;
|
application/rss+xml rss;
|
||||||
|
|
||||||
text/mathml mml;
|
text/mathml mml;
|
||||||
text/plain txt;
|
text/plain txt;
|
||||||
text/vnd.sun.j2me.app-descriptor jad;
|
text/vnd.sun.j2me.app-descriptor jad;
|
||||||
text/vnd.wap.wml wml;
|
text/vnd.wap.wml wml;
|
||||||
text/x-component htc;
|
text/x-component htc;
|
||||||
|
|
||||||
image/png png;
|
image/avif avif;
|
||||||
image/tiff tif tiff;
|
image/png png;
|
||||||
image/vnd.wap.wbmp wbmp;
|
image/svg+xml svg svgz;
|
||||||
image/x-icon ico;
|
image/tiff tif tiff;
|
||||||
image/x-jng jng;
|
image/vnd.wap.wbmp wbmp;
|
||||||
image/x-ms-bmp bmp;
|
image/webp webp;
|
||||||
image/svg+xml svg svgz;
|
image/x-icon ico;
|
||||||
image/webp webp;
|
image/x-jng jng;
|
||||||
|
image/x-ms-bmp bmp;
|
||||||
|
|
||||||
application/font-woff woff;
|
font/woff woff;
|
||||||
application/java-archive jar war ear;
|
font/woff2 woff2;
|
||||||
application/json json;
|
|
||||||
application/mac-binhex40 hqx;
|
|
||||||
application/msword doc;
|
|
||||||
application/pdf pdf;
|
|
||||||
application/postscript ps eps ai;
|
|
||||||
application/rtf rtf;
|
|
||||||
application/vnd.apple.mpegurl m3u8;
|
|
||||||
application/vnd.ms-excel xls;
|
|
||||||
application/vnd.ms-fontobject eot;
|
|
||||||
application/vnd.ms-powerpoint ppt;
|
|
||||||
application/vnd.wap.wmlc wmlc;
|
|
||||||
application/vnd.google-earth.kml+xml kml;
|
|
||||||
application/vnd.google-earth.kmz kmz;
|
|
||||||
application/x-7z-compressed 7z;
|
|
||||||
application/x-cocoa cco;
|
|
||||||
application/x-java-archive-diff jardiff;
|
|
||||||
application/x-java-jnlp-file jnlp;
|
|
||||||
application/x-makeself run;
|
|
||||||
application/x-perl pl pm;
|
|
||||||
application/x-pilot prc pdb;
|
|
||||||
application/x-rar-compressed rar;
|
|
||||||
application/x-redhat-package-manager rpm;
|
|
||||||
application/x-sea sea;
|
|
||||||
application/x-shockwave-flash swf;
|
|
||||||
application/x-stuffit sit;
|
|
||||||
application/x-tcl tcl tk;
|
|
||||||
application/x-x509-ca-cert der pem crt;
|
|
||||||
application/x-xpinstall xpi;
|
|
||||||
application/xhtml+xml xhtml;
|
|
||||||
application/xspf+xml xspf;
|
|
||||||
application/zip zip;
|
|
||||||
|
|
||||||
application/octet-stream bin exe dll;
|
application/java-archive jar war ear;
|
||||||
application/octet-stream deb;
|
application/json json;
|
||||||
application/octet-stream dmg;
|
application/mac-binhex40 hqx;
|
||||||
application/octet-stream iso img;
|
application/msword doc;
|
||||||
application/octet-stream msi msp msm;
|
application/pdf pdf;
|
||||||
|
application/postscript ps eps ai;
|
||||||
|
application/rtf rtf;
|
||||||
|
application/vnd.apple.mpegurl m3u8;
|
||||||
|
application/vnd.google-earth.kml+xml kml;
|
||||||
|
application/vnd.google-earth.kmz kmz;
|
||||||
|
application/vnd.ms-excel xls;
|
||||||
|
application/vnd.ms-fontobject eot;
|
||||||
|
application/vnd.ms-powerpoint ppt;
|
||||||
|
application/vnd.oasis.opendocument.graphics odg;
|
||||||
|
application/vnd.oasis.opendocument.presentation odp;
|
||||||
|
application/vnd.oasis.opendocument.spreadsheet ods;
|
||||||
|
application/vnd.oasis.opendocument.text odt;
|
||||||
|
application/vnd.openxmlformats-officedocument.presentationml.presentation
|
||||||
|
pptx;
|
||||||
|
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
|
||||||
|
xlsx;
|
||||||
|
application/vnd.openxmlformats-officedocument.wordprocessingml.document
|
||||||
|
docx;
|
||||||
|
application/vnd.wap.wmlc wmlc;
|
||||||
|
application/wasm wasm;
|
||||||
|
application/x-7z-compressed 7z;
|
||||||
|
application/x-cocoa cco;
|
||||||
|
application/x-java-archive-diff jardiff;
|
||||||
|
application/x-java-jnlp-file jnlp;
|
||||||
|
application/x-makeself run;
|
||||||
|
application/x-perl pl pm;
|
||||||
|
application/x-pilot prc pdb;
|
||||||
|
application/x-rar-compressed rar;
|
||||||
|
application/x-redhat-package-manager rpm;
|
||||||
|
application/x-sea sea;
|
||||||
|
application/x-shockwave-flash swf;
|
||||||
|
application/x-stuffit sit;
|
||||||
|
application/x-tcl tcl tk;
|
||||||
|
application/x-x509-ca-cert der pem crt;
|
||||||
|
application/x-xpinstall xpi;
|
||||||
|
application/xhtml+xml xhtml;
|
||||||
|
application/xspf+xml xspf;
|
||||||
|
application/zip zip;
|
||||||
|
|
||||||
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
application/octet-stream bin exe dll;
|
||||||
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
application/octet-stream deb;
|
||||||
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
application/octet-stream dmg;
|
||||||
|
application/octet-stream iso img;
|
||||||
|
application/octet-stream msi msp msm;
|
||||||
|
|
||||||
audio/midi mid midi kar;
|
audio/midi mid midi kar;
|
||||||
audio/mpeg mp3;
|
audio/mpeg mp3;
|
||||||
audio/ogg ogg;
|
audio/ogg ogg;
|
||||||
audio/x-m4a m4a;
|
audio/x-m4a m4a;
|
||||||
audio/x-realaudio ra;
|
audio/x-realaudio ra;
|
||||||
|
|
||||||
video/3gpp 3gpp 3gp;
|
video/3gpp 3gpp 3gp;
|
||||||
video/mp2t ts;
|
video/mp2t ts;
|
||||||
video/mp4 mp4;
|
video/mp4 mp4;
|
||||||
video/mpeg mpeg mpg;
|
video/mpeg mpeg mpg;
|
||||||
video/quicktime mov;
|
video/quicktime mov;
|
||||||
video/webm webm;
|
video/webm webm;
|
||||||
video/x-flv flv;
|
video/x-flv flv;
|
||||||
video/x-m4v m4v;
|
video/x-m4v m4v;
|
||||||
video/x-mng mng;
|
video/x-mng mng;
|
||||||
video/x-ms-asf asx asf;
|
video/x-ms-asf asx asf;
|
||||||
video/x-ms-wmv wmv;
|
video/x-ms-wmv wmv;
|
||||||
video/x-msvideo avi;
|
video/x-msvideo avi;
|
||||||
}
|
}
|
1
modules/10_stream.conf
Normal file
1
modules/10_stream.conf
Normal file
@ -0,0 +1 @@
|
|||||||
|
load_module "modules/ngx_stream_module.so";
|
32
nginx.conf
32
nginx.conf
@ -1,21 +1,23 @@
|
|||||||
user nginx;
|
user nginx;
|
||||||
worker_processes auto;
|
worker_processes auto;
|
||||||
pid /run/nginx.pid;
|
pcre_jit on;
|
||||||
|
load_module /usr/lib/nginx/modules/ngx_stream_module.so;
|
||||||
events {
|
events {
|
||||||
worker_connections 768;
|
worker_connections 768;
|
||||||
}
|
}
|
||||||
http {
|
http {
|
||||||
|
server_tokens off;
|
||||||
sendfile on;
|
sendfile on;
|
||||||
tcp_nopush on;
|
tcp_nopush on;
|
||||||
types_hash_max_size 2048;
|
types_hash_max_size 2048;
|
||||||
|
|
||||||
# mime types
|
# mime types
|
||||||
include /etc/nginx/mime.types;
|
include mime.types;
|
||||||
default_type application/octet-stream;
|
default_type application/octet-stream;
|
||||||
|
|
||||||
# logging
|
# logging
|
||||||
access_log /var/log/nginx/access.log;
|
access_log access.log;
|
||||||
error_log /var/log/nginx/error.log;
|
error_log error.log;
|
||||||
|
|
||||||
# gzip
|
# gzip
|
||||||
gzip on;
|
gzip on;
|
||||||
@ -27,11 +29,25 @@ http {
|
|||||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
||||||
|
|
||||||
# ssl parameters
|
# ssl parameters
|
||||||
include /etc/nginx/ssl-params.conf;
|
include ssl-params.conf;
|
||||||
|
|
||||||
# proxy parameters
|
# proxy parameters
|
||||||
include /etc/nginx/proxy-params.conf;
|
include proxy-params.conf;
|
||||||
|
|
||||||
# include sites
|
# enable http2
|
||||||
include /etc/nginx/sites/*;
|
http2 on;
|
||||||
|
|
||||||
|
# include http
|
||||||
|
include http/*.conf;
|
||||||
|
}
|
||||||
|
stream {
|
||||||
|
# logging
|
||||||
|
log_format basic '$remote_addr:$remote_port - $time_local '
|
||||||
|
'$protocol stat:$status bs:$bytes_sent br:$bytes_received '
|
||||||
|
st:'$session_time';
|
||||||
|
access_log access.log basic;
|
||||||
|
error_log error.log;
|
||||||
|
|
||||||
|
# include stream
|
||||||
|
include stream/*.conf;
|
||||||
}
|
}
|
||||||
|
@ -10,3 +10,17 @@ send_timeout 3600s;
|
|||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $remote_addr;
|
proxy_set_header X-Forwarded-For $remote_addr;
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
|
|
||||||
|
proxy_hide_header X-Powered-By;
|
||||||
|
proxy_hide_header X-Frame-Options;
|
||||||
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
|
proxy_hide_header X-XSS-Protection;
|
||||||
|
add_header X-XSS-Protection 0;
|
||||||
|
proxy_hide_header X-Content-Type-Options;
|
||||||
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
proxy_hide_header Referrer-Policy;
|
||||||
|
add_header Referrer-Policy strict-origin-when-cross-origin;
|
||||||
|
proxy_hide_header Strict-Transport-Security;
|
||||||
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload;";
|
||||||
|
proxy_hide_header Access-Control-Allow-Origin;
|
||||||
|
add_header Access-Control-Allow-Origin https://tronnet.net;
|
||||||
|
@ -1,14 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name client.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
location / {
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
proxy_pass http://proxmoxaas.dmz:8080;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
location /api/ {
|
|
||||||
proxy_pass http://proxmoxaas.dmz:80;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,6 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2 default_server;
|
|
||||||
server_name *.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
return 301 https://tronnet.net;
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://sites.dmz:80;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name ldap.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://ldap.dmz:80;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name mail.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass https://mail2.dmz;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name nextcloud.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://nextcloud2.dmz:11000;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name opns.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass https://10.0.0.1:10443;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name root.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://root.root:80;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,10 +0,0 @@
|
|||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
server_name wiki.tronnet.net;
|
|
||||||
include /etc/nginx/snippets/ssl-acme.conf;
|
|
||||||
include /etc/nginx/snippets/error-pages.conf;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://sites.dmz:8081;
|
|
||||||
proxy_redirect default;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,14 +1,3 @@
|
|||||||
proxy_intercept_errors on;
|
|
||||||
|
|
||||||
error_page 400 /ErrorPages/HTTP400.html;
|
|
||||||
error_page 401 /ErrorPages/HTTP401.html;
|
|
||||||
error_page 403 /ErrorPages/HTTP403.html;
|
|
||||||
error_page 404 /ErrorPages/HTTP404.html;
|
|
||||||
error_page 500 /ErrorPages/HTTP500.html;
|
|
||||||
error_page 501 /ErrorPages/HTTP501.html;
|
|
||||||
error_page 502 /ErrorPages/HTTP502.html;
|
|
||||||
error_page 503 /ErrorPages/HTTP503.html;
|
|
||||||
|
|
||||||
location /ErrorPages/ {
|
location /ErrorPages/ {
|
||||||
alias /var/www/html/ErrorPages/;
|
alias /var/www/html/ErrorPages/;
|
||||||
internal;
|
internal;
|
||||||
|
9
snippets/proxy-errors.conf
Normal file
9
snippets/proxy-errors.conf
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
proxy_intercept_errors on;
|
||||||
|
error_page 400 /ErrorPages/HTTP400.html;
|
||||||
|
error_page 401 /ErrorPages/HTTP401.html;
|
||||||
|
error_page 403 /ErrorPages/HTTP403.html;
|
||||||
|
error_page 404 /ErrorPages/HTTP404.html;
|
||||||
|
error_page 500 /ErrorPages/HTTP500.html;
|
||||||
|
error_page 501 /ErrorPages/HTTP501.html;
|
||||||
|
error_page 502 /ErrorPages/HTTP502.html;
|
||||||
|
error_page 503 /ErrorPages/HTTP503.html;
|
@ -2,4 +2,4 @@
|
|||||||
location '/.well-known/acme-challenge' {
|
location '/.well-known/acme-challenge' {
|
||||||
default_type "text/plain";
|
default_type "text/plain";
|
||||||
root /var/www/html;
|
root /var/www/html;
|
||||||
}
|
}
|
||||||
|
@ -9,9 +9,6 @@ ssl_stapling on;
|
|||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
resolver 8.8.8.8 8.8.4.4 valid=300s;
|
resolver 8.8.8.8 8.8.4.4 valid=300s;
|
||||||
resolver_timeout 5s;
|
resolver_timeout 5s;
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
|
||||||
add_header X-Content-Type-Options nosniff;
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
||||||
|
|
||||||
# ssl cert paths
|
# ssl cert paths
|
||||||
|
5
stream/minecraft.conf
Normal file
5
stream/minecraft.conf
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
server {
|
||||||
|
listen 25565 reuseport;
|
||||||
|
proxy_timeout 30s;
|
||||||
|
proxy_pass minecraft.root:25565;
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user