2024-11-04 20:32:57 +00:00
|
|
|
user www-data;
|
|
|
|
worker_processes auto;
|
|
|
|
pid /run/nginx.pid;
|
|
|
|
include /etc/nginx/modules-enabled/*.conf;
|
|
|
|
|
2024-11-05 20:34:22 +00:00
|
|
|
error_log syslog:server=unix:/dev/log;
|
|
|
|
|
2024-11-04 20:32:57 +00:00
|
|
|
events {
|
|
|
|
worker_connections 768;
|
|
|
|
}
|
|
|
|
|
|
|
|
stream {
|
|
|
|
# Map of Host -> IP
|
|
|
|
# We will route the traffic to this endpoints.
|
|
|
|
map $ssl_preread_server_name $selected_upstream {
|
|
|
|
hostnames;
|
|
|
|
|
|
|
|
# if not knonw, use some non existing response thingy :shrug:
|
|
|
|
default 255.255.255.255:1;
|
|
|
|
|
|
|
|
## CLOUD
|
|
|
|
proxmox.tjo.cloud batuu.system.tjo.space:4443;
|
|
|
|
postgresql.tjo.cloud batuu.system.tjo.space:4443;
|
2024-11-27 20:38:20 +00:00
|
|
|
monitor.tjo.cloud nevaroo.system.tjo.space:4443;
|
|
|
|
loki.monitor.tjo.cloud nevaroo.system.tjo.space:4443;
|
|
|
|
prometheus.monitor.tjo.cloud nevaroo.system.tjo.space:4443;
|
|
|
|
grpc.otel.monitor.tjo.cloud nevaroo.system.tjo.space:4443;
|
|
|
|
http.otel.monitor.tjo.cloud nevaroo.system.tjo.space:4443;
|
2024-11-04 20:32:57 +00:00
|
|
|
vault.tjo.cloud batuu.system.tjo.space:4443;
|
|
|
|
|
|
|
|
## HETZNER
|
2024-11-27 20:38:20 +00:00
|
|
|
tjo.space nevaroo.system.tjo.space:4443;
|
|
|
|
chat.tjo.space nevaroo.system.tjo.space:4443;
|
|
|
|
webhook.chat.tjo.space nevaroo.system.tjo.space:4443;
|
|
|
|
matrix.chat.tjo.space nevaroo.system.tjo.space:4443;
|
|
|
|
yt.tjo.space nevaroo.system.tjo.space:4443;
|
|
|
|
search.tjo.space nevaroo.system.tjo.space:4443;
|
|
|
|
send.tjo.space nevaroo.system.tjo.space:4443;
|
2024-11-04 20:32:57 +00:00
|
|
|
|
|
|
|
## BATUU
|
|
|
|
cloud.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
collabora.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
code.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
vault.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
rss.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
id.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
ldap.id.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
mnts.dev batuu.system.tjo.space:4443;
|
|
|
|
paperless.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
penpot.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
|
|
|
|
## JAKKU
|
|
|
|
books.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
next.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
request.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
tdarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
stuff.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
auth.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
sonarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
radarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
lidarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
prowlarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
qbittorrent.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
bazarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
readarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
|
|
}
|
|
|
|
|
|
|
|
geoip2 /var/geoip.mmdb {
|
|
|
|
$geoip2_data_country_iso_code country iso_code;
|
|
|
|
$geoip2_data_latitude location latitude;
|
|
|
|
$geoip2_data_longitude location longitude;
|
|
|
|
}
|
|
|
|
|
2024-11-25 18:53:12 +00:00
|
|
|
log_format geoip_with_upstream 'country=$geoip2_data_country_iso_code '
|
2024-11-08 21:30:33 +00:00
|
|
|
'lat=$geoip2_data_latitude '
|
|
|
|
'long=$geoip2_data_longitude '
|
|
|
|
'ip=$remote_addr '
|
|
|
|
'protocol=$protocol '
|
|
|
|
'server_name=$ssl_preread_server_name '
|
|
|
|
'server_port=$server_port '
|
|
|
|
'upstream=$selected_upstream '
|
|
|
|
'status=$status '
|
|
|
|
'bytes_sent=$bytes_sent '
|
|
|
|
'bytes_received=$bytes_received '
|
|
|
|
'session_time=$session_time';
|
2024-11-04 20:32:57 +00:00
|
|
|
|
2024-11-25 18:53:12 +00:00
|
|
|
log_format geoip 'country=$geoip2_data_country_iso_code '
|
|
|
|
'lat=$geoip2_data_latitude '
|
|
|
|
'long=$geoip2_data_longitude '
|
|
|
|
'ip=$remote_addr '
|
|
|
|
'protocol=$protocol '
|
|
|
|
'server_port=$server_port '
|
|
|
|
'status=$status '
|
|
|
|
'bytes_sent=$bytes_sent '
|
|
|
|
'bytes_received=$bytes_received '
|
|
|
|
'session_time=$session_time';
|
|
|
|
|
2024-11-08 21:30:33 +00:00
|
|
|
# HTTPS
|
|
|
|
server {
|
2024-11-25 18:53:12 +00:00
|
|
|
access_log syslog:server=unix:/dev/log geoip_with_upstream;
|
2024-11-08 21:30:33 +00:00
|
|
|
listen 0.0.0.0:443;
|
|
|
|
listen [::]:443;
|
|
|
|
proxy_pass $selected_upstream;
|
|
|
|
proxy_protocol on;
|
|
|
|
include /etc/nginx/partials/server.conf;
|
|
|
|
include /etc/nginx/partials/blocked.conf;
|
2024-11-26 19:23:06 +00:00
|
|
|
include /etc/nginx/partials/manual-blocks.conf;
|
2024-11-08 21:30:33 +00:00
|
|
|
}
|
2024-11-05 20:37:02 +00:00
|
|
|
|
2024-11-08 21:30:33 +00:00
|
|
|
# GIT
|
2024-11-11 20:31:32 +00:00
|
|
|
server {
|
2024-11-25 18:53:12 +00:00
|
|
|
access_log syslog:server=unix:/dev/log geoip;
|
2024-11-11 20:31:32 +00:00
|
|
|
listen 0.0.0.0:22;
|
|
|
|
listen [::]:22;
|
2024-11-25 19:53:38 +00:00
|
|
|
proxy_pass batuu.system.tjo.space:2244;
|
2024-11-25 19:59:09 +00:00
|
|
|
proxy_protocol on;
|
2024-11-11 20:31:32 +00:00
|
|
|
include /etc/nginx/partials/server.conf;
|
|
|
|
include /etc/nginx/partials/blocked.conf;
|
2024-11-26 19:23:06 +00:00
|
|
|
include /etc/nginx/partials/manual-blocks.conf;
|
2024-11-11 20:31:32 +00:00
|
|
|
}
|
2024-11-04 20:32:57 +00:00
|
|
|
|
2024-11-08 21:30:33 +00:00
|
|
|
# EMAIL
|
|
|
|
server {
|
2024-11-25 18:53:12 +00:00
|
|
|
access_log syslog:server=unix:/dev/log geoip;
|
2024-11-08 21:30:33 +00:00
|
|
|
listen 0.0.0.0:25;
|
|
|
|
listen [::]:25;
|
|
|
|
listen 0.0.0.0:143;
|
|
|
|
listen [::]:143;
|
|
|
|
listen 0.0.0.0:465;
|
|
|
|
listen [::]:465;
|
|
|
|
listen 0.0.0.0:587;
|
|
|
|
listen [::]:587;
|
|
|
|
listen 0.0.0.0:993;
|
|
|
|
listen [::]:993;
|
|
|
|
listen 0.0.0.0:4190;
|
|
|
|
listen [::]:4190;
|
2024-11-25 19:53:38 +00:00
|
|
|
proxy_pass nevaroo.system.tjo.space:$server_port;
|
2024-11-11 20:31:32 +00:00
|
|
|
proxy_protocol off; # Configure downstream first.
|
2024-11-04 20:32:57 +00:00
|
|
|
include /etc/nginx/partials/server.conf;
|
|
|
|
include /etc/nginx/partials/blocked.conf;
|
2024-11-26 19:23:06 +00:00
|
|
|
include /etc/nginx/partials/manual-blocks.conf;
|
2024-11-04 20:32:57 +00:00
|
|
|
}
|
|
|
|
}
|