From 40f4bf22b4e552d3c765d7bec0347ec2e9b5cd36 Mon Sep 17 00:00:00 2001 From: Patrick Spek Date: Sat, 24 Sep 2022 09:00:06 +0200 Subject: Use revproxy dir --- playbooks.d/webserver-nginx/playbook.bash | 8 +++--- playbooks.d/webserver-nginx/share/sites.d/k3s | 30 ---------------------- .../webserver-nginx/share/sites.d/revproxy/k3s | 30 ++++++++++++++++++++++ 3 files changed, 35 insertions(+), 33 deletions(-) delete mode 100644 playbooks.d/webserver-nginx/share/sites.d/k3s create mode 100644 playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s (limited to 'playbooks.d/webserver-nginx') diff --git a/playbooks.d/webserver-nginx/playbook.bash b/playbooks.d/webserver-nginx/playbook.bash index 20dcd14..ddc2ee6 100644 --- a/playbooks.d/webserver-nginx/playbook.bash +++ b/playbooks.d/webserver-nginx/playbook.bash @@ -27,9 +27,11 @@ playbook_add() "$(config "fs.etcdir")/nginx/sites-available.d" \ "$(config "fs.etcdir")/nginx/sites-available.d/http" \ "$(config "fs.etcdir")/nginx/sites-available.d/https" \ + "$(config "fs.etcdir")/nginx/sites-available.d/revproxy" \ "$(config "fs.etcdir")/nginx/sites-enabled.d" \ "$(config "fs.etcdir")/nginx/sites-enabled.d/http" \ "$(config "fs.etcdir")/nginx/sites-enabled.d/https" \ + "$(config "fs.etcdir")/nginx/sites-enabled.d/revproxy" \ "$(config "fs.etcdir")/nginx/snippets.d" \ "$(config "fs.logdir")/nginx/access" \ /var/www @@ -87,11 +89,11 @@ playbook_sync() > "$(config "fs.etcdir")/nginx/snippets.d/$snippet" done - for path_dir in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/sites.d"/* + for sites_dir in "$BASHTARD_ETCDIR/playbooks.d/$BASHTARD_PLAYBOOK/share/sites.d"/* do - dir="$(basename "$path_dir")" + dir="$(basename "$sites_dir")" - for path_site in "$path_dir"/* + for path_site in "$sites_dir"/* do site="$(basename "$path_site")" diff --git a/playbooks.d/webserver-nginx/share/sites.d/k3s b/playbooks.d/webserver-nginx/share/sites.d/k3s deleted file mode 100644 index 7b33139..0000000 --- a/playbooks.d/webserver-nginx/share/sites.d/k3s +++ /dev/null @@ -1,30 +0,0 @@ -server { - listen 80 default_server; - listen [::]:80 default_server; - - include /etc/nginx/snippets.d/certbot.conf; - - location / { - return 301 https://$host$request_uri; - } -} - -server { - listen 443 ssl http2 default_server; - listen [::]:443 ssl http2 default_server; - - ssl_certificate /etc/letsencrypt/live/$ssl_server_name/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/$ssl_server_name/privkey.pem; - - include /etc/nginx/snippets.d/certbot.conf; - - location / { - proxy_http_version 1.1; - proxy_set_header Connection $http_connection; - proxy_set_header Host $host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header X-Forwarded-For $remote_addr; - - proxy_pass http://10.57.100.7:8080; - } -} diff --git a/playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s b/playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s new file mode 100644 index 0000000..7b33139 --- /dev/null +++ b/playbooks.d/webserver-nginx/share/sites.d/revproxy/k3s @@ -0,0 +1,30 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + include /etc/nginx/snippets.d/certbot.conf; + + location / { + return 301 https://$host$request_uri; + } +} + +server { + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + + ssl_certificate /etc/letsencrypt/live/$ssl_server_name/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/$ssl_server_name/privkey.pem; + + include /etc/nginx/snippets.d/certbot.conf; + + location / { + proxy_http_version 1.1; + proxy_set_header Connection $http_connection; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header X-Forwarded-For $remote_addr; + + proxy_pass http://10.57.100.7:8080; + } +} -- cgit v1.1