144 lines
5.5 KiB
Nginx Configuration File
144 lines
5.5 KiB
Nginx Configuration File
user www-data;
|
|
worker_processes auto;
|
|
pid /run/nginx.pid;
|
|
include /etc/nginx/modules-enabled/*.conf;
|
|
|
|
error_log syslog:server=unix:/dev/log;
|
|
|
|
events {
|
|
worker_connections 768;
|
|
}
|
|
|
|
stream {
|
|
# Map of Host -> IP
|
|
# We will route the traffic to this endpoints.
|
|
map $ssl_preread_server_name $selected_upstream {
|
|
hostnames;
|
|
|
|
# if not knonw, use some non existing response thingy :shrug:
|
|
default 255.255.255.255:1;
|
|
|
|
## CLOUD
|
|
proxmox.tjo.cloud batuu.system.tjo.space:4443;
|
|
postgresql.tjo.cloud batuu.system.tjo.space:4443;
|
|
monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
|
|
loki.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
|
|
prometheus.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
|
|
grpc.otel.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
|
|
http.otel.monitor.tjo.cloud hetzner.system.tjo.cloud:4443;
|
|
vault.tjo.cloud batuu.system.tjo.space:4443;
|
|
|
|
## HETZNER
|
|
tjo.space hetzner.system.tjo.cloud:4443;
|
|
chat.tjo.space hetzner.system.tjo.cloud:4443;
|
|
webhook.chat.tjo.space hetzner.system.tjo.cloud:4443;
|
|
matrix.chat.tjo.space hetzner.system.tjo.cloud:4443;
|
|
yt.tjo.space hetzner.system.tjo.cloud:4443;
|
|
search.tjo.space hetzner.system.tjo.cloud:4443;
|
|
send.tjo.space hetzner.system.tjo.cloud:4443;
|
|
|
|
## BATUU
|
|
cloud.tjo.space batuu.system.tjo.space:4443;
|
|
collabora.tjo.space batuu.system.tjo.space:4443;
|
|
code.tjo.space batuu.system.tjo.space:4443;
|
|
vault.tjo.space batuu.system.tjo.space:4443;
|
|
rss.tjo.space batuu.system.tjo.space:4443;
|
|
id.tjo.space batuu.system.tjo.space:4443;
|
|
ldap.id.tjo.space batuu.system.tjo.space:4443;
|
|
mnts.dev batuu.system.tjo.space:4443;
|
|
paperless.tjo.space batuu.system.tjo.space:4443;
|
|
penpot.tjo.space batuu.system.tjo.space:4443;
|
|
|
|
## JAKKU
|
|
books.tjo.space jakku.system.tjo.space:4443;
|
|
media.tjo.space jakku.system.tjo.space:4443;
|
|
next.media.tjo.space jakku.system.tjo.space:4443;
|
|
request.media.tjo.space jakku.system.tjo.space:4443;
|
|
tdarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
stuff.tjo.space jakku.system.tjo.space:4443;
|
|
auth.media.tjo.space jakku.system.tjo.space:4443;
|
|
sonarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
radarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
lidarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
prowlarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
qbittorrent.media.tjo.space jakku.system.tjo.space:4443;
|
|
bazarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
readarr.media.tjo.space jakku.system.tjo.space:4443;
|
|
}
|
|
|
|
geoip2 /var/geoip.mmdb {
|
|
$geoip2_data_country_iso_code country iso_code;
|
|
$geoip2_data_latitude location latitude;
|
|
$geoip2_data_longitude location longitude;
|
|
}
|
|
|
|
log_format geoip_with_upstream 'country=$geoip2_data_country_iso_code '
|
|
'lat=$geoip2_data_latitude '
|
|
'long=$geoip2_data_longitude '
|
|
'ip=$remote_addr '
|
|
'protocol=$protocol '
|
|
'server_name=$ssl_preread_server_name '
|
|
'server_port=$server_port '
|
|
'upstream=$selected_upstream '
|
|
'status=$status '
|
|
'bytes_sent=$bytes_sent '
|
|
'bytes_received=$bytes_received '
|
|
'session_time=$session_time';
|
|
|
|
log_format geoip 'country=$geoip2_data_country_iso_code '
|
|
'lat=$geoip2_data_latitude '
|
|
'long=$geoip2_data_longitude '
|
|
'ip=$remote_addr '
|
|
'protocol=$protocol '
|
|
'server_port=$server_port '
|
|
'status=$status '
|
|
'bytes_sent=$bytes_sent '
|
|
'bytes_received=$bytes_received '
|
|
'session_time=$session_time';
|
|
|
|
# HTTPS
|
|
server {
|
|
access_log syslog:server=unix:/dev/log geoip_with_upstream;
|
|
listen 0.0.0.0:443;
|
|
listen [::]:443;
|
|
proxy_pass $selected_upstream;
|
|
proxy_protocol on;
|
|
include /etc/nginx/partials/server.conf;
|
|
include /etc/nginx/partials/blocked.conf;
|
|
include /etc/nginx/partials/manual-blocks.conf;
|
|
}
|
|
|
|
# GIT
|
|
server {
|
|
access_log syslog:server=unix:/dev/log geoip;
|
|
listen 0.0.0.0:22;
|
|
listen [::]:22;
|
|
proxy_pass batuu.system.tjo.space:2244;
|
|
proxy_protocol on;
|
|
include /etc/nginx/partials/server.conf;
|
|
include /etc/nginx/partials/blocked.conf;
|
|
include /etc/nginx/partials/manual-blocks.conf;
|
|
}
|
|
|
|
# EMAIL
|
|
server {
|
|
access_log syslog:server=unix:/dev/log geoip;
|
|
listen 0.0.0.0:25;
|
|
listen [::]:25;
|
|
listen 0.0.0.0:143;
|
|
listen [::]:143;
|
|
listen 0.0.0.0:465;
|
|
listen [::]:465;
|
|
listen 0.0.0.0:587;
|
|
listen [::]:587;
|
|
listen 0.0.0.0:993;
|
|
listen [::]:993;
|
|
listen 0.0.0.0:4190;
|
|
listen [::]:4190;
|
|
proxy_pass nevaroo.system.tjo.space:$server_port;
|
|
proxy_protocol off; # Configure downstream first.
|
|
include /etc/nginx/partials/server.conf;
|
|
include /etc/nginx/partials/blocked.conf;
|
|
include /etc/nginx/partials/manual-blocks.conf;
|
|
}
|
|
}
|