diff options
author | Patrick Spek <p.spek@tyil.nl> | 2022-09-24 08:49:12 +0200 |
---|---|---|
committer | Patrick Spek <p.spek@tyil.nl> | 2022-09-24 08:49:12 +0200 |
commit | 0886cc26aa5e3aa8d02271a4c02b317db1183516 (patch) | |
tree | a4f16c03b8d47a8fcd86a8546aafc4160e0605d5 | |
parent | 0c9bd065726c97be3d41b5ec0976298e44083704 (diff) |
Add nginx site for k3s reverse proxies
-rw-r--r-- | playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s b/playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s new file mode 100644 index 0000000..7b33139 --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s @@ -0,0 +1,30 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + include /etc/nginx/snippets.d/certbot.conf; + + location / { + return 301 https://$host$request_uri; + } +} + +server { + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + + ssl_certificate /etc/letsencrypt/live/$ssl_server_name/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/$ssl_server_name/privkey.pem; + + include /etc/nginx/snippets.d/certbot.conf; + + location / { + proxy_http_version 1.1; + proxy_set_header Connection $http_connection; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header X-Forwarded-For $remote_addr; + + proxy_pass http://10.57.100.7:8080; + } +} |