diff options
Diffstat (limited to 'playbooks.d/webserver-nginx')
6 files changed, 102 insertions, 0 deletions
diff --git a/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.media b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.media new file mode 100644 index 0000000..92d387c --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.media @@ -0,0 +1,13 @@ +server { + listen 80; + listen [::]:80; + + server_name nl.tyil.media; + + include /etc/nginx/snippets.d/certbot.conf; + include /etc/nginx/snippets.d/headers.conf; + + location / { + return 301 https://$host$request_uri; + } +} diff --git a/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.s3 b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.s3 new file mode 100644 index 0000000..8b0d1d5 --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.s3 @@ -0,0 +1,13 @@ +server { + listen 80; + listen [::]:80; + + server_name s3.tyil.nl; + + include /etc/nginx/snippets.d/certbot.conf; + include /etc/nginx/snippets.d/headers.conf; + + location / { + return 301 https://$host$request_uri; + } +} diff --git a/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.s3.misskey b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.s3.misskey new file mode 100644 index 0000000..e616f75 --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.s3.misskey @@ -0,0 +1,13 @@ +server { + listen 80; + listen [::]:80; + + server_name misskey.s3.tyil.nl; + + include /etc/nginx/snippets.d/certbot.conf; + include /etc/nginx/snippets.d/headers.conf; + + location / { + return 301 https://$host$request_uri; + } +} diff --git a/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.media b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.media new file mode 100644 index 0000000..9d811dc --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.media @@ -0,0 +1,22 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name media.tyil.nl; + + ssl_certificate /etc/letsencrypt/live/media.tyil.nl/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/media.tyil.nl/privkey.pem; + + include /etc/nginx/snippets.d/ssl.conf; + include /etc/nginx/snippets.d/certbot.conf; + + location / { + proxy_http_version 1.1; + proxy_set_header Connection $http_connection; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header X-Forwarded-For $remote_addr; + + proxy_pass http://172.31.0.1:2003; + } +} diff --git a/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.s3 b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.s3 new file mode 100644 index 0000000..5efcd2e --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.s3 @@ -0,0 +1,20 @@ +upstream s3_backend { + server 10.57.21.1:3900; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name s3.tyil.nl *.s3.tyil.nl; + + ssl_certificate /etc/letsencrypt/live/s3.tyil.nl/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/s3.tyil.nl/privkey.pem; + + location / { + proxy_pass http://s3_backend; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $host; + proxy_max_temp_file_size 0; + } +} diff --git a/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.s3.misskey b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.s3.misskey new file mode 100644 index 0000000..ae3204b --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.s3.misskey @@ -0,0 +1,21 @@ +upstream s3_backend { + server 10.57.21.1:3900; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name misskey.s3.tyil.nl; + + ssl_certificate /etc/letsencrypt/live/misskey.s3.tyil.nl/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/misskey.s3.tyil.nl/privkey.pem; + + include /etc/nginx/snippets.d/certbot.conf; + include /etc/nginx/snippets.d/headers.conf; + include /etc/nginx/snippets.d/ssl.conf; + + location / { + root /var/www/nl.tyil.s3.misskey; + } +} |