Browse Source

move templates, make jinja-env-approach-friendly

env-friendly
Charles Reid 3 years ago
parent
commit
2023d87e87
  1. 3
      .gitignore
  2. 0
      conf.d/http.DOMAIN.conf.j2
  3. 0
      conf.d/https.DOMAIN.conf.j2
  4. 71
      conf.d_examples/http.charlesreid1.com.conf
  5. 148
      conf.d_examples/https.charlesreid1.com.conf
  6. 101
      conf.d_examples/https.charlesreid1.com.subdomains.conf

3
.gitignore vendored

@ -1,5 +1,8 @@ @@ -1,5 +1,8 @@
*.j2
site/
letsencrypt/
letsencrypt_certs/
nginx.conf.default
conf.d/
conf.d_templates/http.DOMAIN.conf
conf.d_templates/https.DOMAIN.conf

0
conf.d_templates/http.DOMAIN.conf.j2 → conf.d/http.DOMAIN.conf.j2

0
conf.d_templates/https.DOMAIN.conf.j2 → conf.d/https.DOMAIN.conf.j2

71
conf.d_examples/http.charlesreid1.com.conf

@ -1,71 +0,0 @@ @@ -1,71 +0,0 @@
####################
#
# charlesreid1.com
# http/80
#
# basically, just redirects to https
#
####################
server {
listen 80;
listen [::]:80;
server_name charlesreid1.com;
location / {
return 301 https://charlesreid1.com$request_uri;
}
}
server {
listen 80;
listen [::]:80;
server_name www.charlesreid1.com;
location / {
return 301 https://www.charlesreid1.com$request_uri;
}
}
server {
listen 80;
listen [::]:80;
server_name git.charlesreid1.com;
location / {
return 301 https://git.charlesreid1.com$request_uri;
}
}
server {
listen 80;
listen [::]:80;
server_name pages.charlesreid1.com;
location / {
return 301 https://pages.charlesreid1.com$request_uri;
}
}
server {
listen 80;
listen [::]:80;
server_name hooks.charlesreid1.com;
location / {
return 301 https://hooks.charlesreid1.com$request_uri;
}
}
server {
listen 80;
listen [::]:80;
server_name bots.charlesreid1.com;
location / {
return 301 https://bots.charlesreid1.com$request_uri;
}
}
### server {
### listen 80;
### listen [::]:80;
### server_name files.charlesreid1.com;
### location / {
### return 301 https://files.charlesreid1.com$request_uri;
### }
### }

148
conf.d_examples/https.charlesreid1.com.conf

@ -1,148 +0,0 @@ @@ -1,148 +0,0 @@
####################
#
# charlesreid1.com
# https/443
#
# charlesreid1.com and www.charlesreid1.com
# should handle the following cases:
# - w/ and wiki/ should reverse proxy story_mw
# - phpMyAdmin/ should reverse proxy stormy_myadmin
#
# git.charlesreid1.com should handle:
# - all requests should reverse proxy stormy_gitea
#
####################
# default
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name charlesreid1.com default_server;
ssl_certificate /etc/letsencrypt/live/charlesreid1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/charlesreid1.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
client_max_body_size 100m;
location / {
try_files $uri $uri/ =404;
root /www/charlesreid1.com/htdocs;
index index.html;
}
location /wiki/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://stormy_mw:8989/wiki/;
}
location /w/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://stormy_mw:8989/w/;
}
#location /phpMyAdmin/ {
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header Host $host;
# proxy_pass http://stormy_myadmin:80/;
#}
# ~ means case-sensitive regex match, rather than string literal
# (ignores .git, .gitignore, etc.)
location ~ /\.git {
deny all;
}
}
# www
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name www.charlesreid1.com;
ssl_certificate /etc/letsencrypt/live/www.charlesreid1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.charlesreid1.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
client_max_body_size 100m;
root /www/charlesreid1.com/htdocs;
location / {
try_files $uri $uri/ =404;
index index.html;
}
location /wiki/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://stormy_mw:8989/wiki/;
}
location /w/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://stormy_mw:8989/w/;
}
#location /phpMyAdmin/ {
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header Host $host;
# proxy_pass http://stormy_myadmin:80/;
#}
location ~ /\.git {
deny all;
}
}
# gitea
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name git.charlesreid1.com;
ssl_certificate /etc/letsencrypt/live/git.charlesreid1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.charlesreid1.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
client_max_body_size 100m;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://stormy_gitea:3000/;
}
}
### # files
### server {
### listen 443 ssl;
### listen [::]:443 ssl;
### server_name files.charlesreid1.com;
###
### ssl_certificate /etc/letsencrypt/live/files.charlesreid1.com/fullchain.pem;
### ssl_certificate_key /etc/letsencrypt/live/files.charlesreid1.com/privkey.pem;
### include /etc/letsencrypt/options-ssl-nginx.conf;
###
### client_max_body_size 100m;
###
### location / {
### proxy_set_header X-Real-IP $remote_addr;
### proxy_set_header X-Forwarded-For $remote_addr;
### proxy_set_header Host $host;
### proxy_pass http://stormy_files:8081/;
### }
### }

101
conf.d_examples/https.charlesreid1.com.subdomains.conf

@ -1,101 +0,0 @@ @@ -1,101 +0,0 @@
####################
#
# charlesreid1.com
# https/443
#
# charlesreid1.com subdomains
# reverse-proxied by the server
# running pod-webhooks.
# - pages.charlesreid1.com
# - hooks.charlesreid1.com
# - bots.charlesreid1.com
#
# address of pod-webhooks server:
# localhost
####################
# pages
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name pages.charlesreid1.com;
ssl_certificate /etc/letsencrypt/live/pages.charlesreid1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pages.charlesreid1.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
client_max_body_size 100m;
port_in_redirect off;
location / {
# https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://localhost:7777/;
proxy_redirect http://localhost:7777/ http://pages.charlesreid1.com/;
}
}
# webhooks
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name hooks.charlesreid1.com;
ssl_certificate /etc/letsencrypt/live/hooks.charlesreid1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hooks.charlesreid1.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
client_max_body_size 100m;
gzip on;
gzip_http_version 1.0;
gzip_proxied any;
gzip_min_length 500;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain text/xml text/css
text/comma-separated-values
text/javascript
application/x-javascript
application/atom+xml;
location / {
# / takes user to static hooks subdomain page
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://localhost:7778;
}
location /webhook {
# /webhook* anything takes user to port 5000, api
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://localhost:5000/webhook;
}
}
# bots
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name bots.charlesreid1.com;
ssl_certificate /etc/letsencrypt/live/bots.charlesreid1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bots.charlesreid1.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
client_max_body_size 100m;
port_in_redirect off;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://localhost:7779;
proxy_redirect http://localhost:7779/ http://bots.charlesreid1.com/;
}
}
Loading…
Cancel
Save