ingress/root/etc/nginx/nginx.conf
2024-11-08 22:30:33 +01:00

127 lines
4.6 KiB
Nginx Configuration File

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
error_log syslog:server=unix:/dev/log;
events {
worker_connections 768;
}
stream {
# Map of Host -> IP
# We will route the traffic to this endpoints.
map $ssl_preread_server_name $selected_upstream {
hostnames;
# if not knonw, use some non existing response thingy :shrug:
default 255.255.255.255:1;
## CLOUD
proxmox.tjo.cloud batuu.system.tjo.space:4443;
postgresql.tjo.cloud batuu.system.tjo.space:4443;
monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
loki.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
prometheus.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
grpc.otel.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
http.otel.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
vault.tjo.cloud batuu.system.tjo.space:4443;
## HETZNER
tjo.space hetzner.system.tjo.cloud:4443;
chat.tjo.space hetzner.system.tjo.cloud:4443;
webhook.chat.tjo.space hetzner.system.tjo.cloud:4443;
matrix.chat.tjo.space hetzner.system.tjo.cloud:4443;
yt.tjo.space hetzner.system.tjo.cloud:4443;
search.tjo.space hetzner.system.tjo.cloud:4443;
send.tjo.space hetzner.system.tjo.cloud:4443;
## BATUU
cloud.tjo.space batuu.system.tjo.space:4443;
collabora.tjo.space batuu.system.tjo.space:4443;
code.tjo.space batuu.system.tjo.space:4443;
vault.tjo.space batuu.system.tjo.space:4443;
rss.tjo.space batuu.system.tjo.space:4443;
id.tjo.space batuu.system.tjo.space:4443;
ldap.id.tjo.space batuu.system.tjo.space:4443;
mnts.dev batuu.system.tjo.space:4443;
paperless.tjo.space batuu.system.tjo.space:4443;
penpot.tjo.space batuu.system.tjo.space:4443;
## JAKKU
books.tjo.space jakku.system.tjo.space:4443;
media.tjo.space jakku.system.tjo.space:4443;
next.media.tjo.space jakku.system.tjo.space:4443;
request.media.tjo.space jakku.system.tjo.space:4443;
tdarr.media.tjo.space jakku.system.tjo.space:4443;
stuff.tjo.space jakku.system.tjo.space:4443;
auth.media.tjo.space jakku.system.tjo.space:4443;
sonarr.media.tjo.space jakku.system.tjo.space:4443;
radarr.media.tjo.space jakku.system.tjo.space:4443;
lidarr.media.tjo.space jakku.system.tjo.space:4443;
prowlarr.media.tjo.space jakku.system.tjo.space:4443;
qbittorrent.media.tjo.space jakku.system.tjo.space:4443;
bazarr.media.tjo.space jakku.system.tjo.space:4443;
readarr.media.tjo.space jakku.system.tjo.space:4443;
}
geoip2 /var/geoip.mmdb {
$geoip2_data_country_iso_code country iso_code;
$geoip2_data_latitude location latitude;
$geoip2_data_longitude location longitude;
}
log_format geoip 'country=$geoip2_data_country_iso_code '
'lat=$geoip2_data_latitude '
'long=$geoip2_data_longitude '
'ip=$remote_addr '
'protocol=$protocol '
'server_name=$ssl_preread_server_name '
'server_port=$server_port '
'upstream=$selected_upstream '
'status=$status '
'bytes_sent=$bytes_sent '
'bytes_received=$bytes_received '
'session_time=$session_time';
# HTTPS
server {
listen 0.0.0.0:443;
listen [::]:443;
proxy_pass $selected_upstream;
proxy_protocol on;
include /etc/nginx/partials/server.conf;
include /etc/nginx/partials/blocked.conf;
}
# GIT
server {
listen 0.0.0.0:22;
listen [::]:22;
proxy_pass batuu.system.tjo.cloud:22;
proxy_protocol on;
include /etc/nginx/partials/server.conf;
include /etc/nginx/partials/blocked.conf;
}
# EMAIL
server {
listen 0.0.0.0:25;
listen [::]:25;
listen 0.0.0.0:143;
listen [::]:143;
listen 0.0.0.0:465;
listen [::]:465;
listen 0.0.0.0:587;
listen [::]:587;
listen 0.0.0.0:993;
listen [::]:993;
listen 0.0.0.0:4190;
listen [::]:4190;
proxy_pass mail.system.tjo.cloud:$server_port;
proxy_protocol on;
include /etc/nginx/partials/server.conf;
include /etc/nginx/partials/blocked.conf;
}
}