docker/d-nginx-subdomains
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: docker:9a1ed4b59a7d302fcb52b0d881e90604afa646cf
Branches Tags
docker:master docker:gh-pages
..
compare: docker:master
Branches Tags
docker:master docker:gh-pages

11 Commits
9a1ed4b59a ... master

Author SHA1 Message Date
Charles Reid
a87dcd5f3d update .gitignore 2019-07-16 12:19:09 -07:00
C Reid
e9dc8c6b42 explicitly specify both ipv4 and ipv6 in subdomains nginx config file 2019-07-13 08:07:06 -07:00
C Reid
a859c5837c add clean config script 2019-07-13 06:40:50 -07:00
C Reid
3037db52d6 move configuration templates to conf.d_templates, clean conf.d 2019-07-12 23:07:56 -07:00
C Reid
12781c12e9 updates to subdomains config file 2019-03-25 13:19:37 -07:00
Charles Reid
71467e35ff include explanatory comment 2018-09-08 19:33:38 -07:00
Charles Reid
abb4187794 Update mkdocs.yml for mkdocs 1.0 2018-08-11 12:33:18 -07:00
Charles Reid
65d3c81478 Update mkdocs-material for mkdocs 1.0 2018-08-11 12:20:43 -07:00
Charles Reid
72e6866ea6 typo sniper 2018-07-30 23:58:37 +00:00
Charles Reid
3d82d7728b Merge branch 'master' of https://git.charlesreid1.com/docker/d-nginx-subdomains 
* 'master' of https://git.charlesreid1.com/docker/d-nginx-subdomains:
  add license to footer, add links to readme, trim redundancy
  fix bullet item list typo
  update mkdocs
  propagate change to index
  fix last command
  update gitignore and add css
  init commit of docs
 2018-07-19 11:47:20 -07:00
Charles Reid
5a7bf7faa7 update which files the nginx config file is trying 2018-07-19 11:46:43 -07:00
9 changed files with 107 additions and 58 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -3,3 +3,4 @@ letsencrypt/
letsencrypt_certs/
nginx.conf.default
rojo.charlesreid1.com
conf.d/http.subdomains.conf

2
conf.d/client-allow.conf
View File

@@ -1,2 +0,0 @@
allow 10.5.0.1;
allow 45.56.87.232;

54
conf.d/http.subdomains.conf
View File

@@ -1,54 +0,0 @@
####################
#
# charlesreid1 subdomains
# (http only, https happens with krash)
#
# runs on #blackbeard
#
# nginx only listens on the private vpn ip,
# because it is reverse-proxied by another
# nginx instance (krash).
# binding to the private vpn ip happens
# at the docker level, not the nginx level.
#
# 7777 pages.charlesreid1.com
# 7778 hooks.charlesreid1.com
# 7779 bots.charlesreid1.com
#
####################
server {
listen 7777;
server_name pages.charlesreid1.com;
include /etc/nginx/conf.d/client-allow.conf;
deny all;
location / {
try_files $uri $uri/ =404;
root /www/pages.charlesreid1.com/htdocs;
index index.html;
}
}
server {
listen 7778;
server_name hooks.charlesreid1.com;
include /etc/nginx/conf.d/client-allow.conf;
deny all;
location / {
try_files $uri $uri/ =404;
root /www/hooks.charlesreid1.com/htdocs;
index index.html;
}
}
server {
listen 7779;
server_name bots.charlesreid1.com;
include /etc/nginx/conf.d/client-allow.conf;
deny all;
location / {
try_files $uri $uri/ =404;
root /www/bots.charlesreid1.com/htdocs;
index index.html;
}
}

1
conf.d_templates/client-allow.conf Normal file
View File

@@ -0,0 +1 @@
allow {{ nginx_charlesreid1_ip }};

69
conf.d_templates/http.subdomains.conf.j2 Normal file
View File

@@ -0,0 +1,69 @@
####################
#
# charlesreid1 subdomains
# (this is http only)
# (the https happens in pod-charlesreid1)
# (this happens in pod-webhooks)
#
# We use a client-allow.conf to block all IPs
# except for the IP of the machine running
# pod-charlesreid1. This is because this pod
# is reverse-proxied by the machine running
# pod-charlesreid1.
#
# Binding to a private ip happens
# at the docker level, not the nginx level.
#
# 7777 pages.{{ server_name_default }}
# 7778 hooks.{{ server_name_default }}
# 7779 bots.{{ server_name_default }}
#
####################
server {
listen 7777;
listen [::]:7777;
server_name pages.{{ server_name_default }};
## Only allow IPs in client-allow.conf
#include /etc/nginx/conf.d/client-allow.conf;
#deny all;
port_in_redirect off;
location / {
index index.html;
try_files $uri $uri/ $uri/index.html =404;
root /www/pages.{{ server_name_default }}/htdocs;
}
}
server {
listen 7778;
listen [::]:7778;
server_name hooks.{{ server_name_default }};
## Only allow IPs in client-allow.conf
#include /etc/nginx/conf.d/client-allow.conf;
#deny all;
location / {
index index.html;
try_files $uri $uri/ $uri/index.html =404;
root /www/hooks.{{ server_name_default }}/htdocs;
}
}
server {
listen 7779;
listen [::]:7779;
server_name bots.{{ server_name_default }};
## Only allow IPs in client-allow.conf
#include /etc/nginx/conf.d/client-allow.conf;
#deny all;
location / {
index index.html;
try_files $uri $uri/ $uri/index.html =404;
root /www/bots.{{ server_name_default }}/htdocs;
}
}

1
docs/index.md
View File

@@ -34,6 +34,7 @@ inside the container:
```
server {
listen *:7777;
}
```
Meanwhile, in the `docker-compose.yml` file,

2
mkdocs-material

Submodule mkdocs-material updated: ff95dcb846...b0c6890853

5
mkdocs.yml
View File

@@ -21,7 +21,7 @@ theme:
font:
text: 'Roboto'
code: 'Roboto Mono'
pages:
nav:
- 'Home': 'index.md'
# Extensions
@@ -31,3 +31,6 @@ markdown_extensions:
guess_lang: false
- toc:
permalink: true
strict: true

30
scripts/clean_config.py Normal file
View File

@@ -0,0 +1,30 @@
import glob
import os
import subprocess
"""
Clean d-nginx-subdomains conf.d directory
This script cleans out the conf.d directory
in the d-nginx-subdomains repo.
This script should be run before you generate a new set
of config files from the nginx config file templates in
d-nginx-subdomains/conf.d_templates/
This script cleans out all the config files in the folder
d-nginx-subdomains/conf.d/
That way there are no old config files to clash with the
new ones.
"""
HERE = os.path.abspath(os.path.dirname(__file__))
CONF = os.path.abspath(os.path.join(HERE,'..','conf.d'))
for f in glob.glob(os.path.join(CONF,"*.conf")):
if os.path.basename(f)!="_.conf":
cmd = ['rm','-fr',f]
subprocess.call(cmd)