diff options
| author | Paweł Dybiec <pawel.to.malpa@gmail.com> | 2019-04-17 17:48:49 +0200 |
|---|---|---|
| committer | Paweł Dybiec <pawel.to.malpa@gmail.com> | 2019-04-17 17:48:49 +0200 |
| commit | 76173530dcacc33725590a7c6d8862fac5466dc3 (patch) | |
| tree | 8d87481f094ff0f5c189be7ab95c32e9eb6e8e65 /compose/nginx | |
| parent | Added vault.password to gitignore (diff) | |
Change docker compose dir
Diffstat (limited to 'compose/nginx')
| -rw-r--r-- | compose/nginx/Dockerfile | 4 | ||||
| -rw-r--r-- | compose/nginx/conf.d/dybiec.info.conf | 168 | ||||
| -rw-r--r-- | compose/nginx/nginx.conf | 31 | ||||
| -rw-r--r-- | compose/nginx/static-html/index.html | 1 |
4 files changed, 204 insertions, 0 deletions
diff --git a/compose/nginx/Dockerfile b/compose/nginx/Dockerfile new file mode 100644 index 0000000..fcca1df --- /dev/null +++ b/compose/nginx/Dockerfile @@ -0,0 +1,4 @@ +FROM nginx:1.15.8-alpine +COPY static-html /usr/share/nginx/html +COPY conf.d /etc/nginx/conf.d +COPY nginx.conf /etc/nginx/nginx.conf diff --git a/compose/nginx/conf.d/dybiec.info.conf b/compose/nginx/conf.d/dybiec.info.conf new file mode 100644 index 0000000..90cd471 --- /dev/null +++ b/compose/nginx/conf.d/dybiec.info.conf @@ -0,0 +1,168 @@ +server { + listen 80; + listen 443 ssl; + server_name .dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + root /usr/share/nginx/html; + index index.html; + } + +} +server { + listen 80; + listen 443 ssl; + server_name cnt.dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + proxy_pass http://localhost:5004; + } +} +server { + listen 80; + listen 443 ssl; + server_name registry.dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + proxy_pass http://localhost:5000; + proxy_set_header Host $http_host; # required for docker client's sake + proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + client_max_body_size 0; + } +} +server { + listen 80; + server_name git.dybiec.info; + return 301 https://$server_name$request_uri; +} +server { + listen 443 ssl; + server_name git.dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + proxy_pass http://localhost:5001; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + } + gzip_proxied any; + gzip_types + text/css + text/javascript + text/xml + text/plain + application/javascript + application/x-javascript + application/json; + +} +server { + listen 80; + server_name grafana.dybiec.info; + return 301 https://$server_name$request_uri; +} +server { + listen 443 ssl; + server_name grafana.dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + proxy_pass http://localhost:5002; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + } + gzip_proxied any; + gzip_types + text/css + text/javascript + text/xml + text/plain + application/javascript + application/x-javascript + application/json; + +} +server { + listen 80; + server_name prometheus.dybiec.info; + return 301 https://$server_name$request_uri; +} +server { + listen 443 ssl; + server_name prometheus.dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + proxy_pass http://localhost:5003; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_http_version 1.1; + } + gzip_proxied any; + gzip_types + text/css + text/javascript + text/xml + text/plain + application/javascript + application/x-javascript + application/json; + +} +server { + listen 80; + server_name octoprint.dybiec.info; + return 301 https://$server_name$request_uri; +} +server { + listen 443 ssl; + server_name octoprint.dybiec.info; + + ssl_certificate /etc/letsencrypt/live/dybiec.info/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/dybiec.info/privkey.pem; + + location / { + proxy_pass http://192.168.255.6/; + proxy_redirect off; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + + client_max_body_size 0; + } + gzip_proxied any; + gzip_types + text/css + text/javascript + text/xml + text/plain + application/javascript + application/x-javascript + application/json; + +} diff --git a/compose/nginx/nginx.conf b/compose/nginx/nginx.conf new file mode 100644 index 0000000..aa6cbd7 --- /dev/null +++ b/compose/nginx/nginx.conf @@ -0,0 +1,31 @@ +user nginx; +worker_processes 1; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + + keepalive_timeout 65; + + gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/compose/nginx/static-html/index.html b/compose/nginx/static-html/index.html new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/compose/nginx/static-html/index.html @@ -0,0 +1 @@ +hello |