tjo-cloud/ingress
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix(nginx): ssh issues

Browse source
This commit is contained in:
Tine 2024-11-25 19:53:12 +01:00
parent c62913a719
commit a11bc54dd6
Signed by: mentos1386
SSH key fingerprint: SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
3 changed files with 27 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
root/etc/alloy/config.alloy
View file

@ -23,8 +23,18 @@ prometheus.scrape "exporters" {
//=== //===
// Logs // Logs
//=== //===
loki.relabel "journal" {
forward_to = []
rule {
source_labels = ["__journal__systemd_unit"]
target_label = "journal.unit"
}
}
loki.source.journal "default" { loki.source.journal "default" {
forward_to = [loki.process.drop_old.receiver] forward_to = [loki.process.drop_old.receiver]
relabel_rules = loki.relabel.journal.rules
} }
loki.process "drop_old" { loki.process "drop_old" {
stage.drop { stage.drop {

20
root/etc/nginx/nginx.conf
View file

@ -72,7 +72,7 @@ stream {
$geoip2_data_longitude location longitude; $geoip2_data_longitude location longitude;
} }
log_format geoip 'country=$geoip2_data_country_iso_code ' log_format geoip_with_upstream 'country=$geoip2_data_country_iso_code '
'lat=$geoip2_data_latitude ' 'lat=$geoip2_data_latitude '
'long=$geoip2_data_longitude ' 'long=$geoip2_data_longitude '
'ip=$remote_addr ' 'ip=$remote_addr '
@ -85,8 +85,20 @@ stream {
'bytes_received=$bytes_received ' 'bytes_received=$bytes_received '
'session_time=$session_time'; 'session_time=$session_time';
log_format geoip 'country=$geoip2_data_country_iso_code '
'lat=$geoip2_data_latitude '
'long=$geoip2_data_longitude '
'ip=$remote_addr '
'protocol=$protocol '
'server_port=$server_port '
'status=$status '
'bytes_sent=$bytes_sent '
'bytes_received=$bytes_received '
'session_time=$session_time';
# HTTPS # HTTPS
server { server {
access_log syslog:server=unix:/dev/log geoip_with_upstream;
listen 0.0.0.0:443; listen 0.0.0.0:443;
listen [::]:443; listen [::]:443;
proxy_pass $selected_upstream; proxy_pass $selected_upstream;
@ -97,9 +109,10 @@ stream {
# GIT # GIT
server { server {
access_log syslog:server=unix:/dev/log geoip;
listen 0.0.0.0:22; listen 0.0.0.0:22;
listen [::]:22; listen [::]:22;
proxy_pass batuu.system.tjo.cloud:22; proxy_pass batuu.system.tjo.space:22;
proxy_protocol off; # Configure downstream first. proxy_protocol off; # Configure downstream first.
include /etc/nginx/partials/server.conf; include /etc/nginx/partials/server.conf;
include /etc/nginx/partials/blocked.conf; include /etc/nginx/partials/blocked.conf;
@ -107,6 +120,7 @@ stream {
# EMAIL # EMAIL
server { server {
access_log syslog:server=unix:/dev/log geoip;
listen 0.0.0.0:25; listen 0.0.0.0:25;
listen [::]:25; listen [::]:25;
listen 0.0.0.0:143; listen 0.0.0.0:143;
@ -119,7 +133,7 @@ stream {
listen [::]:993; listen [::]:993;
listen 0.0.0.0:4190; listen 0.0.0.0:4190;
listen [::]:4190; listen [::]:4190;
proxy_pass mail.system.tjo.cloud:$server_port; proxy_pass mail.system.tjo.space:$server_port;
proxy_protocol off; # Configure downstream first. proxy_protocol off; # Configure downstream first.
include /etc/nginx/partials/server.conf; include /etc/nginx/partials/server.conf;
include /etc/nginx/partials/blocked.conf; include /etc/nginx/partials/blocked.conf;

1
root/etc/nginx/partials/server.conf
View file

@ -1,5 +1,4 @@
# Default server configuration # Default server configuration
access_log syslog:server=unix:/dev/log geoip;
resolver 9.9.9.9 1.1.1.1 8.8.8.8 8.8.4.4; resolver 9.9.9.9 1.1.1.1 8.8.8.8 8.8.4.4;
set_real_ip_from 0.0.0.0/0; set_real_ip_from 0.0.0.0/0;
ssl_preread on; ssl_preread on;