fix(nginx): ssh issues
This commit is contained in:
parent
c62913a719
commit
a11bc54dd6
SSH key fingerprint:
SHA256:MNtTsLbihYaWF8j1fkOHfkKNlnN1JQfxEU/rBU8nCGw
3 changed files with 27 additions and 4 deletions
|
|
@ -23,8 +23,18 @@ prometheus.scrape "exporters" {
|
|||
//===
|
||||
// Logs
|
||||
//===
|
||||
loki.relabel "journal" {
|
||||
forward_to = []
|
||||
|
||||
rule {
|
||||
source_labels = ["__journal__systemd_unit"]
|
||||
target_label = "journal.unit"
|
||||
}
|
||||
}
|
||||
|
||||
loki.source.journal "default" {
|
||||
forward_to = [loki.process.drop_old.receiver]
|
||||
relabel_rules = loki.relabel.journal.rules
|
||||
}
|
||||
loki.process "drop_old" {
|
||||
stage.drop {
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ stream {
|
|||
$geoip2_data_longitude location longitude;
|
||||
}
|
||||
|
||||
log_format geoip 'country=$geoip2_data_country_iso_code '
|
||||
log_format geoip_with_upstream 'country=$geoip2_data_country_iso_code '
|
||||
'lat=$geoip2_data_latitude '
|
||||
'long=$geoip2_data_longitude '
|
||||
'ip=$remote_addr '
|
||||
|
|
@ -85,8 +85,20 @@ stream {
|
|||
'bytes_received=$bytes_received '
|
||||
'session_time=$session_time';
|
||||
|
||||
log_format geoip 'country=$geoip2_data_country_iso_code '
|
||||
'lat=$geoip2_data_latitude '
|
||||
'long=$geoip2_data_longitude '
|
||||
'ip=$remote_addr '
|
||||
'protocol=$protocol '
|
||||
'server_port=$server_port '
|
||||
'status=$status '
|
||||
'bytes_sent=$bytes_sent '
|
||||
'bytes_received=$bytes_received '
|
||||
'session_time=$session_time';
|
||||
|
||||
# HTTPS
|
||||
server {
|
||||
access_log syslog:server=unix:/dev/log geoip_with_upstream;
|
||||
listen 0.0.0.0:443;
|
||||
listen [::]:443;
|
||||
proxy_pass $selected_upstream;
|
||||
|
|
@ -97,9 +109,10 @@ stream {
|
|||
|
||||
# GIT
|
||||
server {
|
||||
access_log syslog:server=unix:/dev/log geoip;
|
||||
listen 0.0.0.0:22;
|
||||
listen [::]:22;
|
||||
proxy_pass batuu.system.tjo.cloud:22;
|
||||
proxy_pass batuu.system.tjo.space:22;
|
||||
proxy_protocol off; # Configure downstream first.
|
||||
include /etc/nginx/partials/server.conf;
|
||||
include /etc/nginx/partials/blocked.conf;
|
||||
|
|
@ -107,6 +120,7 @@ stream {
|
|||
|
||||
# EMAIL
|
||||
server {
|
||||
access_log syslog:server=unix:/dev/log geoip;
|
||||
listen 0.0.0.0:25;
|
||||
listen [::]:25;
|
||||
listen 0.0.0.0:143;
|
||||
|
|
@ -119,7 +133,7 @@ stream {
|
|||
listen [::]:993;
|
||||
listen 0.0.0.0:4190;
|
||||
listen [::]:4190;
|
||||
proxy_pass mail.system.tjo.cloud:$server_port;
|
||||
proxy_pass mail.system.tjo.space:$server_port;
|
||||
proxy_protocol off; # Configure downstream first.
|
||||
include /etc/nginx/partials/server.conf;
|
||||
include /etc/nginx/partials/blocked.conf;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
# Default server configuration
|
||||
access_log syslog:server=unix:/dev/log geoip;
|
||||
resolver 9.9.9.9 1.1.1.1 8.8.8.8 8.8.4.4;
|
||||
set_real_ip_from 0.0.0.0/0;
|
||||
ssl_preread on;
|
||||
|
|
|
|||
Loading…
Reference in a new issue