From Tom, 4 Weeks ago, written in Plain Text.
This paste will kick the bucket in 1 Second.
Embed
  1. #/etc/nginx/conf.d/gateway.conf
  2. #
  3. ############################
  4. # Port    81 = Gateway     #
  5. # Port    82 = Wordpress   #
  6. # Port    83 = Nextcloud   #
  7. # Port    84 = Stikked     #
  8. # Port    85 = Roundcube   #
  9. # Port    86 = Rainloop    #
  10. # Port    87 = osTicket    #
  11. # Port    88 = Stikked     #
  12. # Port    89 = Office      #
  13. # Port    90 = FF-Sync     #
  14. # Port    91 = Framadate   #
  15. # Port    92 = Conbee      #
  16. # Port  8001 = VDR         #
  17. # Port 32400 = Plex        #
  18. ############################
  19. #
  20. ###############################################################
  21. # Subdomain für Wordpress                                     #
  22. ###############################################################
  23. #
  24. #### Let's Enrypt ####
  25. server {
  26. listen 80;
  27. server_name escher.cc 192.168.200.10;
  28. charset utf-8;
  29. root /var/www;
  30. location ^~ /.well-known/acme-challenge {
  31. proxy_pass http://127.0.0.1:81;
  32. proxy_set_header Host $host;
  33.  }
  34. location / {
  35.  return 301 https://$host$request_uri;
  36.  }
  37. }
  38. #### Wordpress (82) ####
  39. server {
  40. listen 443 ssl http2;
  41. server_name escher.cc 192.168.200.10;
  42. charset utf-8;
  43. include /etc/nginx/ssl.conf;
  44. include /etc/nginx/proxy.conf;
  45. include /etc/nginx/header.conf;
  46. location ^~ / {
  47. client_max_body_size 1024M;
  48. proxy_max_temp_file_size 1024M;
  49. proxy_connect_timeout 300;
  50. proxy_read_timeout 300;
  51. proxy_send_timeout 300;
  52. send_timeout 300;
  53. proxy_set_header Host $host;
  54. proxy_set_header X-Real-IP $remote_addr;
  55. proxy_set_header X-Forwarded-Proto $scheme;
  56. proxy_pass http://127.0.0.1:82;
  57. proxy_http_version 1.1;
  58. proxy_set_header Connection "";
  59. proxy_buffering off;
  60. proxy_request_buffering off;
  61.  }
  62. }
  63. ###############################################################
  64. # Subdomain für Nextcloud                                     #
  65. ###############################################################
  66. #
  67. server {
  68. listen 80;
  69. server_name cloud.escher.cc;
  70. charset utf-8;
  71. root /var/www;
  72. location ^~ /.well-known/acme-challenge {
  73. proxy_pass http://127.0.0.1:81;
  74.  }
  75. location / {
  76.   return 301 https://$host$request_uri;
  77.  }
  78.  
  79.  
  80. }
  81. server {
  82. listen 443 ssl http2;
  83. server_name cloud.escher.cc;
  84. charset utf-8;
  85. include /etc/nginx/ssl.conf;
  86. include /etc/nginx/proxy.conf;
  87. include /etc/nginx/header.conf;
  88. location = /.well-known/carddav {
  89. return 301 $scheme://$host/remote.php/dav;
  90. }
  91. location = /.well-known/caldav {
  92. return 301 $scheme://$host/remote.php/dav;
  93. }
  94. location ^~ / {
  95. #
  96. location = /.well-known/webfinger {
  97. return 301 /index.php$uri;
  98. }
  99. #
  100. location ^~ /.well-known {
  101. location = /.well-known/nodeinfo {
  102. return 301 /index.php$uri; }
  103. }
  104. #
  105. client_max_body_size 10240M;
  106. proxy_max_temp_file_size 10240M;
  107. proxy_connect_timeout 300;
  108. proxy_send_timeout 300;
  109. proxy_read_timeout 300;
  110. send_timeout 3600;
  111. proxy_set_header Host $host;
  112. proxy_set_header X-Real-IP $remote_addr;
  113. proxy_set_header X-Forwarded-Proto $scheme;
  114. proxy_pass http://127.0.0.1:83;
  115. proxy_http_version 1.1;
  116. proxy_set_header Connection "";
  117. proxy_buffering off;
  118. proxy_request_buffering off;
  119.  }
  120.  
  121. }
  122. ##############################################################
  123. # Subdomain für Roundcube                                    #
  124. ##############################################################
  125. #
  126. #server {
  127. #listen 80;
  128. #server_name mail.escher.cc;
  129. #charset utf-8;
  130. #root /var/www;
  131. #location ^~ /.well-known/acme-challenge {
  132. #proxy_pass http://127.0.0.1:81;
  133. #}
  134. #location / {
  135. #return 301 https://$host$request_uri;
  136. #}
  137.  
  138.  
  139. #}
  140. #server {
  141. #listen 443 ssl http2;
  142. #server_name mail.escher.cc;
  143. #charset utf-8;
  144. #include /etc/nginx/ssl.conf;
  145. #location ^~ / {
  146. #client_max_body_size 1024M;
  147. #proxy_max_temp_file_size 1024M;
  148. #proxy_connect_timeout 300;
  149. #proxy_send_timeout 300;
  150. #proxy_read_timeout 300;
  151. #send_timeout 300;
  152. #proxy_set_header Host $host;
  153. #proxy_set_header X-Real-IP $remote_addr;
  154. #proxy_set_header X-Forwarded-Proto $scheme;
  155. #proxy_cookie_path / "/; secure; HttpOnly";
  156. #proxy_pass http://127.0.0.1:85;
  157. #proxy_http_version 1.1;
  158. #proxy_set_header Connection "";
  159. #proxy_buffering off;
  160. #proxy_request_buffering off;
  161. # }
  162.  
  163. #}
  164. ##############################################################
  165. # Subdomain für Rainloop                                     #
  166. ##############################################################
  167. #
  168. #server {
  169. #listen 80;
  170. #server_name mail.escher.cc;
  171. #charset utf-8;
  172. #root /var/www;
  173. #location ^~ /.well-known/acme-challenge {
  174. #proxy_pass http://127.0.0.1:81;
  175. #}
  176. #location / {
  177. #return 301 https://$host$request_uri;
  178. #}
  179. #
  180. #
  181. #}
  182. #server {
  183. #listen 443 ssl http2;
  184. #server_name mail.escher.cc;
  185. #charset utf-8;
  186. #include /etc/nginx/ssl.conf;
  187. #location ^~ / {
  188. #client_max_body_size 1024M;
  189. #proxy_max_temp_file_size 1024M;
  190. #proxy_connect_timeout 300;
  191. #proxy_send_timeout 300;
  192. #proxy_read_timeout 300;
  193. #send_timeout 300;
  194. #proxy_set_header Host $host;
  195. #proxy_set_header X-Real-IP $remote_addr;
  196. #proxy_set_header X-Forwarded-Proto $scheme;
  197. #proxy_cookie_path / "/; secure; HttpOnly";
  198. #proxy_pass http://127.0.0.1:86;
  199. #proxy_http_version 1.1;
  200. #proxy_set_header Connection "";
  201. #proxy_buffering off;
  202. #proxy_request_buffering off;
  203. # }
  204. #
  205. #}
  206. ##############################################################
  207. # Subdomain für Plex                                         #
  208. ##############################################################
  209. #
  210. server {
  211.  
  212. listen 80;
  213. server_name plex.escher.cc;
  214. charset utf-8;
  215. root /var/www;
  216. location ^~ /.well-known/acme-challenge {
  217. proxy_pass http://127.0.0.1:81;
  218.  }
  219. location / {
  220. return 301 https://$host$request_uri;
  221. }
  222.  
  223.  
  224. }
  225. server {
  226. listen 443 ssl http2;
  227. server_name plex.escher.cc;
  228. charset utf-8;
  229. include /etc/nginx/ssl.conf;
  230. location ^~ / {
  231. client_max_body_size 1024M;
  232. proxy_max_temp_file_size 1024M;
  233. proxy_connect_timeout 300;
  234. proxy_read_timeout 300;
  235. proxy_send_timeout 300;
  236. send_timeout 300;
  237. proxy_set_header Host $host;
  238. proxy_set_header X-Real-IP $remote_addr;
  239. proxy_set_header X-Forwarded-Proto $scheme;
  240. proxy_cookie_path / "/; secure; HttpOnly";
  241. proxy_pass http://127.0.0.1:32400;
  242. proxy_http_version 1.1;
  243. proxy_set_header Connection "";
  244. proxy_buffering off;
  245. proxy_request_buffering off;
  246. }
  247.  
  248. }
  249. ##############################################################
  250. # Collabora                                                  #
  251. ##############################################################
  252. server {
  253. listen 80;
  254. server_name office.escher.cc;
  255. charset utf-8;
  256. root /var/www;
  257. # static files
  258. location ^~ /loleaflet {
  259.     proxy_pass https://localhost:9980;
  260.     proxy_set_header Host $http_host;
  261. }
  262.  
  263. # WOPI discovery URL
  264. location ^~ /hosting/discovery {
  265.     proxy_pass https://localhost:9980;
  266.     proxy_set_header Host $http_host;
  267. }
  268.  
  269. # main websocket
  270. location ~ ^/lool {
  271.     proxy_pass https://localhost:9980;
  272.     proxy_set_header Upgrade $http_upgrade;
  273.     proxy_set_header Connection "Upgrade";
  274.     proxy_set_header Host $http_host;
  275.     proxy_read_timeout 36000s;
  276. }
  277.  
  278. # for mobile editing
  279. location ^~ /hosting/capabilities {
  280.     proxy_pass https://localhost:9980;
  281.     proxy_set_header Host $http_host;
  282. }
  283. }
  284.  
  285.  
  286.  
  287. ########################################################
  288. # Subdomain für FF-Sync                                #
  289. ########################################################
  290.  
  291. server {
  292. listen 80;
  293. server_name sync.escher.cc;
  294. charset utf-8;
  295. root /var/www;
  296. location ^~ /.well-known/acme-challenge {
  297. proxy_pass http://127.0.0.1:81;
  298.  }
  299. location / {
  300. return 301 https://$host$request_uri;
  301. }
  302. }
  303. server {
  304. listen 443 ssl http2;
  305. server_name sync.escher.cc;
  306. charset utf-8;
  307. include /etc/nginx/ssl.conf;
  308. location ^~ / {
  309. client_max_body_size 1024M;
  310. proxy_max_temp_file_size 1024M;
  311. proxy_connect_timeout 300;
  312. proxy_send_timeout 300;
  313. proxy_read_timeout 300;
  314. send_timeout 300;
  315. proxy_set_header Host $host;
  316. proxy_set_header X-Real-IP $remote_addr;
  317. proxy_set_header X-Forwarded-Proto $scheme;
  318. proxy_cookie_path / "/; secure; HttpOnly";
  319. proxy_pass http://192.168.200.10:5000;
  320. proxy_http_version 1.1;
  321. proxy_set_header Connection "";
  322. proxy_buffering off;
  323. proxy_request_buffering off;
  324. }
  325. }
  326. ##############################################################
  327. # Subdomain für osTicket                                     #
  328. ##############################################################
  329.  
  330. server {
  331. listen 80;
  332. server_name ticket.escher.cc;
  333. charset utf-8;
  334. root /var/www;
  335. location ^~ /.well-known/acme-challenge {
  336. proxy_pass http://127.0.0.1:81;
  337.  }
  338. location / {
  339. return 301 https://$host$request_uri;
  340. }
  341.  
  342.  
  343. }
  344. server {
  345. listen 443 ssl http2;
  346. server_name ticket.escher.cc;
  347. charset utf-8;
  348. include /etc/nginx/ssl.conf;
  349. location ^~ / {
  350. client_max_body_size 1024M;
  351. proxy_max_temp_file_size 1024M;
  352. proxy_connect_timeout 300;
  353. proxy_send_timeout 300;
  354. proxy_read_timeout 300;
  355. send_timeout 300;
  356. proxy_set_header Host $host;
  357. proxy_set_header X-Real-IP $remote_addr;
  358. proxy_set_header X-Forwarded-Proto $scheme;
  359. proxy_cookie_path / "/; secure; HttpOnly";
  360. proxy_pass http://127.0.0.1:87;
  361. proxy_http_version 1.1;
  362. proxy_set_header Connection "";
  363. proxy_buffering off;
  364. proxy_request_buffering off;
  365. }
  366.  
  367. }
  368. ##############################################################
  369. #  Stikked                                                   #
  370. ##############################################################
  371. #
  372. server {
  373.  
  374. listen 80;
  375. server_name paste.escher.cc;
  376. charset utf-8;
  377. root /var/www;
  378. location ^~ /.well-known/acme-challenge {
  379. proxy_pass http://127.0.0.1:81;
  380.  }
  381. location / {
  382. return 301 https://$host$request_uri;
  383. }
  384.  
  385.  
  386. }
  387. server {
  388. listen 443 ssl http2;
  389. server_name paste.escher.cc;
  390. charset utf-8;
  391. location ^~ / {
  392. client_max_body_size 1024M;
  393. proxy_max_temp_file_size 1024M;
  394. proxy_connect_timeout 300;
  395. proxy_send_timeout 300;
  396. proxy_read_timeout 300;
  397. send_timeout 300;
  398. proxy_set_header Host $host;
  399. proxy_set_header X-Real-IP $remote_addr;
  400. proxy_set_header X-Forwarded-Proto $scheme;
  401. proxy_cookie_path / "/; secure; HttpOnly";
  402. proxy_pass http://127.0.0.1:84;
  403. proxy_http_version 1.1;
  404. proxy_set_header Connection "";
  405. proxy_buffering off;
  406. proxy_request_buffering off;
  407. }
  408. }
  409. #
  410. ##############################################################
  411. # Subdomain für VDR                                          #
  412. ##############################################################
  413. #
  414. server {
  415.  
  416. listen 80;
  417. server_name vdr.escher.cc;
  418. charset utf-8;
  419. root /var/www;
  420. location ^~ /.well-known/acme-challenge {
  421. proxy_pass http://127.0.0.1:81;
  422.  }
  423. location / {
  424. return 301 https://$host$request_uri;
  425. }
  426.  
  427.  
  428. }
  429. server {
  430. listen 443 ssl http2;
  431. server_name vdr.escher.cc;
  432. charset utf-8;
  433. include /etc/nginx/ssl.conf;
  434. location ^~ / {
  435. client_max_body_size 1024M;
  436. proxy_max_temp_file_size 1024M;
  437. proxy_connect_timeout 300;
  438. proxy_send_timeout 300;
  439. proxy_read_timeout 300;
  440. send_timeout 300;
  441. proxy_set_header Host $host;
  442. proxy_set_header X-Real-IP $remote_addr;
  443. proxy_set_header X-Forwarded-Proto $scheme;
  444. proxy_cookie_path / "/; secure; HttpOnly";
  445. proxy_pass http://192.168.200.10:8001;
  446. proxy_http_version 1.1;
  447. proxy_set_header Connection "";
  448. proxy_buffering off;
  449. proxy_request_buffering off;
  450. }
  451.  
  452. }
  453. #
  454. #### Mailcow ####
  455. #
  456. server {
  457. listen 443 ssl http2;
  458. server_name mail.escher.cc;
  459. charset utf-8;
  460. include /etc/nginx/ssl.conf;
  461. location ^~ / {
  462. client_max_body_size 1024M;
  463. proxy_max_temp_file_size 1024M;
  464. proxy_connect_timeout 300;
  465. proxy_send_timeout 300;
  466. proxy_read_timeout 300;
  467. send_timeout 300;
  468. proxy_set_header Host $host;
  469. proxy_set_header X-Real-IP $remote_addr;
  470. proxy_set_header X-Forwarded-Proto $scheme;
  471. proxy_cookie_path / "/; secure; HttpOnly";
  472. proxy_pass https://192.168.200.10:444;
  473. proxy_http_version 1.1;
  474. proxy_set_header Connection "";
  475. proxy_buffering off;
  476. proxy_request_buffering off;
  477.  }
  478.  
  479. }
  480.  
  481. ##############################################################
  482. #  Framadate                                                 #
  483. ##############################################################
  484. #
  485. upstream php-handler {
  486.   server unix:/run/php/php8.0-fpm.sock;
  487. }
  488. server {
  489.     listen 80;
  490.     server_name date.escher.cc;
  491.     return 301 https://$host$request_uri;
  492. }
  493.  
  494. server {
  495.     listen 443 http2 ssl;
  496.     server_name date.escher.cc;
  497.  
  498. #    include gzip_params;
  499. #    include ssl_params;
  500.  
  501.     root /var/www/framadate/;
  502.     index index.html index.htm index.php;
  503.     access_log /var/log/nginx/framadate.access.log;
  504.     error_log /var/log/nginx/framadate.error.log;
  505.  
  506.     client_max_body_size 20M;
  507.  
  508.     location / {
  509.         index index.php index.html;
  510.  
  511.         rewrite ^/([a-zA-Z0-9-]+)$ /studs.php?poll=$1;
  512.         rewrite ^/([a-zA-Z0-9-]+)/action/([a-zA-Z_-]+)/(.+)$ /studs.php?poll=$1&$2=$3;
  513.         rewrite "^/([a-zA-Z0-9-]+)/vote/([a-zA-Z0-9]{16})$" /studs.php?poll=$1&vote=$2;
  514.         rewrite "^/([a-zA-Z0-9-]{24})/admin$" /adminstuds.php?poll=$1;
  515.         rewrite "^/([a-zA-Z0-9-]{24})/admin/vote/([a-zA-Z0-9]{16})$" /adminstuds.php?poll=$1&vote=$2;
  516.         rewrite "^/([a-zA-Z0-9-]{24})/admin/action/([a-zA-Z_-]+)(/(.+))?$" /adminstuds.php?poll=$1&$2=$4;
  517.     }
  518.  
  519.     location = /admin {
  520.         return 301 https://$host$request_uri/;
  521.     }
  522.  
  523.     location /admin/ {
  524.         auth_basic "Administration de Framapad";
  525.         auth_basic_user_file /var/www/framadate/.htpasswd;
  526.     }
  527.  
  528.     location ~* \.(jpg|jpeg|gif|css|png|js|map|woff|woff2|ttf|svg|eot)$ {
  529.         expires 30d;
  530.         access_log off;
  531.     }
  532.  
  533.     location ~ /\. {
  534.         deny all;
  535.     }
  536.  
  537.     location ~ \.php$ {
  538.         include fastcgi_params;
  539.         fastcgi_pass unix:/run/php/php8.0-fpm.sock;
  540. #        fastcgi_pass php-handler;
  541.         fastcgi_index index.php;
  542.         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  543.         fastcgi_param PHP_VALUE "upload_max_filesize = 20M \n post_max_size=21M";
  544.         client_max_body_size 21M;
  545.         fastcgi_buffers 64 4K;
  546.     }
  547. }
  548. ##############################################################
  549. # Subdomain für Phoscon Conbee                               #
  550. ##############################################################
  551. #
  552. server {
  553.  
  554. listen 80;
  555. server_name conbee.escher.cc;
  556. charset utf-8;
  557. root /var/www;
  558. location ^~ /.well-known/acme-challenge {
  559. proxy_pass http://127.0.0.1:81;
  560.  }
  561. location / {
  562. return 301 https://$host$request_uri;
  563. }
  564.  
  565. }
  566. # }
  567. server {
  568. listen 443 ssl http2;
  569. server_name conbee.escher.cc;
  570. charset utf-8;
  571. location ^~ / {
  572. client_max_body_size 1024M;
  573. proxy_max_temp_file_size 1024M;
  574. proxy_connect_timeout 300;
  575. proxy_send_timeout 300;
  576. proxy_read_timeout 300;
  577. send_timeout 300;
  578. proxy_set_header Host $host;
  579. proxy_set_header X-Real-IP $remote_addr;
  580. proxy_set_header X-Forwarded-Proto $scheme;
  581. proxy_cookie_path / "/; secure; HttpOnly";
  582. proxy_pass http://192.168.200.5;
  583. proxy_http_version 1.1;
  584. proxy_set_header Connection "";
  585. proxy_buffering off;
  586. proxy_request_buffering off;
  587. }
  588. }
  589.  

Replies to /etc/nginx/conf.d/gateway.conf rss

Title Name Language When
Re: /etc/nginx/conf.d/gateway.conf Melodic Baboon nginx 1 Week ago.