Von T. Escher, 1 Monat vorher, geschrieben in Plain Text.
Einbetten
  1. #/etc/nginx/conf.d/gateway.conf
  2. #
  3. ############################
  4. # Port    81 = Gateway     #
  5. # Port    82 = Wordpress   #
  6. # Port    83 = Nextcloud   #
  7. # Port    84 = Stikked     #
  8. # Port    85 = Roundcube   #
  9. # Port    86 = Rainloop    #
  10. # Port    87 = osTicket    #
  11. # Port    88 = Stikked     #
  12. # Port    89 = Office      #
  13. # Port    90 = FF-Sync     #
  14. # Port    91 = Framadate   #
  15. # Port 32400 = Plex        #
  16. ############################
  17. #
  18. ###############################################################
  19. # Subdomain für Wordpress                                     #
  20. ###############################################################
  21. #
  22. server {
  23. listen 80;
  24. server_name escher.cc 192.168.178.10;
  25. charset utf-8;
  26. root /var/www;
  27. location ^~ /.well-known/acme-challenge {
  28. proxy_pass http://127.0.0.1:81;
  29. proxy_set_header Host $host;
  30. proxy_redirect off;
  31.  }
  32. location / {
  33.  return 301 https://$host$request_uri;
  34.  }
  35.  
  36.  
  37. }
  38. server {
  39. listen 443 ssl http2;
  40. server_name escher.cc 192.168.178.10;
  41. charset utf-8;
  42. include /etc/nginx/ssl.conf;
  43. location ^~ / {
  44. client_max_body_size 1024M;
  45. proxy_max_temp_file_size 1024M;
  46. proxy_connect_timeout 300;
  47. proxy_send_timeout 300;
  48. proxy_read_timeout 300;
  49. send_timeout 300;
  50. proxy_set_header Host $host;
  51. proxy_set_header X-Real-IP $remote_addr;
  52. proxy_set_header X-Forwarded-Proto $scheme;
  53. proxy_pass http://127.0.0.1:82;
  54. proxy_http_version 1.1;
  55. proxy_set_header Connection "";
  56. proxy_redirect off;
  57. proxy_buffering off;
  58. proxy_request_buffering off;
  59.  }
  60. }
  61. ###############################################################
  62. # Subdomain für Nextcloud                                     #
  63. ###############################################################
  64. #
  65. server {
  66. listen 80;
  67. server_name cloud.escher.cc;
  68. charset utf-8;
  69. root /var/www;
  70. location ^~ /.well-known/acme-challenge {
  71. proxy_pass http://127.0.0.1:81;
  72. proxy_redirect off;
  73.  }
  74. location / {
  75.   return 301 https://$host$request_uri;
  76.  }
  77.  
  78.  
  79. }
  80. server {
  81. listen 443 ssl http2;
  82. server_name cloud.escher.cc;
  83. charset utf-8;
  84. include /etc/nginx/ssl.conf;
  85. include /etc/nginx/proxy.conf;
  86. include /etc/nginx/header.conf;
  87. location = /.well-known/carddav {
  88. return 301 $scheme://$host/remote.php/dav;
  89. }
  90. location = /.well-known/caldav {
  91. return 301 $scheme://$host/remote.php/dav;
  92. }
  93. location ^~ / {
  94. client_max_body_size 10240M;
  95. proxy_max_temp_file_size 10240M;
  96. proxy_connect_timeout 300;
  97. proxy_send_timeout 300;
  98. proxy_read_timeout 300;
  99. send_timeout 300;
  100. proxy_set_header Host $host;
  101. proxy_set_header X-Real-IP $remote_addr;
  102. proxy_set_header X-Forwarded-Proto $scheme;
  103. proxy_pass http://127.0.0.1:83;
  104. proxy_http_version 1.1;
  105. proxy_set_header Connection "";
  106. proxy_redirect off;
  107. proxy_buffering off;
  108. proxy_request_buffering off;
  109.  }
  110.  
  111. }
  112. ##############################################################
  113. # Subdomain für Roundcube                                    #
  114. ##############################################################
  115. #
  116. #server {
  117. #listen 80;
  118. #server_name mail.escher.cc;
  119. #charset utf-8;
  120. #root /var/www;
  121. #location ^~ /.well-known/acme-challenge {
  122. #proxy_pass http://127.0.0.1:81;
  123. #proxy_redirect off;
  124. #}
  125. #location / {
  126. #return 301 https://$host$request_uri;
  127. #}
  128.  
  129.  
  130. #}
  131. #server {
  132. #listen 443 ssl http2;
  133. #server_name mail.escher.cc;
  134. #charset utf-8;
  135. #include /etc/nginx/ssl.conf;
  136. #location ^~ / {
  137. #client_max_body_size 1024M;
  138. #proxy_max_temp_file_size 1024M;
  139. #proxy_connect_timeout 300;
  140. #proxy_send_timeout 300;
  141. #proxy_read_timeout 300;
  142. #send_timeout 300;
  143. #proxy_set_header Host $host;
  144. #proxy_set_header X-Real-IP $remote_addr;
  145. #proxy_set_header X-Forwarded-Proto $scheme;
  146. #proxy_cookie_path / "/; secure; HttpOnly";
  147. #proxy_pass http://127.0.0.1:85;
  148. #proxy_redirect off;
  149. #proxy_http_version 1.1;
  150. #proxy_set_header Connection "";
  151. #proxy_redirect off;
  152. #proxy_buffering off;
  153. #proxy_request_buffering off;
  154. # }
  155.  
  156. #}
  157. ##############################################################
  158. # Subdomain für Rainloop                                     #
  159. ##############################################################
  160. #
  161. server {
  162. listen 80;
  163. server_name mail.escher.cc;
  164. charset utf-8;
  165. root /var/www;
  166. location ^~ /.well-known/acme-challenge {
  167. proxy_pass http://127.0.0.1:81;
  168. proxy_redirect off;
  169. }
  170. location / {
  171. return 301 https://$host$request_uri;
  172. }
  173.  
  174.  
  175. }
  176. server {
  177. listen 443 ssl http2;
  178. server_name mail.escher.cc;
  179. charset utf-8;
  180. include /etc/nginx/ssl.conf;
  181. location ^~ / {
  182. client_max_body_size 1024M;
  183. proxy_max_temp_file_size 1024M;
  184. proxy_connect_timeout 300;
  185. proxy_send_timeout 300;
  186. proxy_read_timeout 300;
  187. send_timeout 300;
  188. proxy_set_header Host $host;
  189. proxy_set_header X-Real-IP $remote_addr;
  190. proxy_set_header X-Forwarded-Proto $scheme;
  191. proxy_cookie_path / "/; secure; HttpOnly";
  192. proxy_pass http://127.0.0.1:86;
  193. proxy_redirect off;
  194. proxy_http_version 1.1;
  195. proxy_set_header Connection "";
  196. proxy_redirect off;
  197. proxy_buffering off;
  198. proxy_request_buffering off;
  199.  }
  200.  
  201. }
  202. ##############################################################
  203. # Subdomain für Plex                                         #
  204. ##############################################################
  205. #
  206. server {
  207.  
  208. listen 80;
  209. server_name plex.escher.cc;
  210. charset utf-8;
  211. root /var/www;
  212. location ^~ /.well-known/acme-challenge {
  213. proxy_pass http://127.0.0.1:81;
  214. proxy_redirect off;
  215.  }
  216. location / {
  217. return 301 https://$host$request_uri;
  218. }
  219.  
  220.  
  221. }
  222. server {
  223. listen 443 ssl http2;
  224. server_name plex.escher.cc;
  225. charset utf-8;
  226. include /etc/nginx/ssl.conf;
  227. location ^~ / {
  228. client_max_body_size 1024M;
  229. proxy_max_temp_file_size 1024M;
  230. proxy_connect_timeout 300;
  231. proxy_send_timeout 300;
  232. proxy_read_timeout 300;
  233. send_timeout 300;
  234. proxy_set_header Host $host;
  235. proxy_set_header X-Real-IP $remote_addr;
  236. proxy_set_header X-Forwarded-Proto $scheme;
  237. proxy_cookie_path / "/; secure; HttpOnly";
  238. proxy_pass https://127.0.0.1:32400;
  239. proxy_redirect off;
  240. proxy_http_version 1.1;
  241. proxy_set_header Connection "";
  242. proxy_redirect off;
  243. proxy_buffering off;
  244. proxy_request_buffering off;
  245. }
  246.  
  247. }
  248. ##############################################################
  249. # OnlyOffice                                                 #
  250. ##############################################################
  251.  
  252. server {
  253. listen 80;
  254. server_name office.escher.cc;
  255. charset utf-8;
  256. root /var/www;
  257. location ^~ /.well-known/acme-challenge {
  258. proxy_pass http://127.0.0.1:81;
  259. proxy_redirect off;
  260.  }
  261. location / {
  262. return 301 https://$host$request_uri;
  263. }
  264.  
  265.  
  266. }
  267. server {
  268. listen 443 ssl http2;
  269. server_name office.escher.cc;
  270. charset utf-8;
  271. include /etc/nginx/ssl.conf;
  272. location ^~ / {
  273. client_max_body_size 1024M;
  274. proxy_max_temp_file_size 1024M;
  275. proxy_connect_timeout 300;
  276. proxy_send_timeout 300;
  277. proxy_read_timeout 300;
  278. send_timeout 300;
  279. proxy_set_header Host $host;
  280. proxy_set_header X-Real-IP $remote_addr;
  281. proxy_set_header X-Forwarded-Proto $scheme;
  282. proxy_cookie_path / "/; secure; HttpOnly";
  283. proxy_pass http://192.168.178.10:8443;
  284. proxy_redirect off;
  285. proxy_http_version 1.1;
  286. proxy_set_header Connection "";
  287. proxy_redirect off;
  288. proxy_buffering off;
  289. proxy_request_buffering off;
  290. }
  291.  
  292. }
  293. ########################################################
  294. # Subdomain für FF-Sync                                #
  295. ########################################################
  296.  
  297. server {
  298. listen 80;
  299. server_name sync.escher.cc;
  300. charset utf-8;
  301. root /var/www;
  302. location ^~ /.well-known/acme-challenge {
  303. proxy_pass http://127.0.0.1:81;
  304. proxy_redirect off;
  305.  }
  306. location / {
  307. return 301 https://$host$request_uri;
  308. }
  309. }
  310. server {
  311. listen 443 ssl http2;
  312. server_name sync.escher.cc;
  313. charset utf-8;
  314. include /etc/nginx/ssl.conf;
  315. location ^~ / {
  316. client_max_body_size 1024M;
  317. proxy_max_temp_file_size 1024M;
  318. proxy_connect_timeout 300;
  319. proxy_send_timeout 300;
  320. proxy_read_timeout 300;
  321. send_timeout 300;
  322. proxy_set_header Host $host;
  323. proxy_set_header X-Real-IP $remote_addr;
  324. proxy_set_header X-Forwarded-Proto $scheme;
  325. proxy_cookie_path / "/; secure; HttpOnly";
  326. proxy_pass http://127.0.0.1:5000;
  327. proxy_redirect off;
  328. proxy_http_version 1.1;
  329. proxy_set_header Connection "";
  330. proxy_redirect off;
  331. proxy_buffering off;
  332. proxy_request_buffering off;
  333. }
  334. }
  335. ##############################################################
  336. # Subdomain für osTicket                                     #
  337. ##############################################################
  338.  
  339. server {
  340. listen 80;
  341. server_name ticket.escher.cc;
  342. charset utf-8;
  343. root /var/www;
  344. location ^~ /.well-known/acme-challenge {
  345. proxy_pass http://127.0.0.1:81;
  346. proxy_redirect off;
  347.  }
  348. location / {
  349. return 301 https://$host$request_uri;
  350. }
  351.  
  352.  
  353. }
  354. server {
  355. listen 443 ssl http2;
  356. server_name ticket.escher.cc;
  357. charset utf-8;
  358. include /etc/nginx/ssl.conf;
  359. location ^~ / {
  360. client_max_body_size 1024M;
  361. proxy_max_temp_file_size 1024M;
  362. proxy_connect_timeout 300;
  363. proxy_send_timeout 300;
  364. proxy_read_timeout 300;
  365. send_timeout 300;
  366. proxy_set_header Host $host;
  367. proxy_set_header X-Real-IP $remote_addr;
  368. proxy_set_header X-Forwarded-Proto $scheme;
  369. proxy_cookie_path / "/; secure; HttpOnly";
  370. proxy_pass http://127.0.0.1:87;
  371. proxy_redirect off;
  372. proxy_http_version 1.1;
  373. proxy_set_header Connection "";
  374. proxy_redirect off;
  375. proxy_buffering off;
  376. proxy_request_buffering off;
  377. }
  378.  
  379. }
  380. ##############################################################
  381. #  Stikked                                                   #
  382. ##############################################################
  383. #
  384. server {
  385.  
  386. listen 80;
  387. server_name paste.escher.cc;
  388. charset utf-8;
  389. root /var/www;
  390. location ^~ /.well-known/acme-challenge {
  391. proxy_pass http://127.0.0.1:81;
  392. proxy_redirect off;
  393.  }
  394. location / {
  395. return 301 https://$host$request_uri;
  396. }
  397.  
  398.  
  399. }
  400. server {
  401. listen 443 ssl http2;
  402. server_name paste.escher.cc;
  403. charset utf-8;
  404. location ^~ / {
  405. client_max_body_size 1024M;
  406. proxy_max_temp_file_size 1024M;
  407. proxy_connect_timeout 300;
  408. proxy_send_timeout 300;
  409. proxy_read_timeout 300;
  410. send_timeout 300;
  411. proxy_set_header Host $host;
  412. proxy_set_header X-Real-IP $remote_addr;
  413. proxy_set_header X-Forwarded-Proto $scheme;
  414. proxy_cookie_path / "/; secure; HttpOnly";
  415. proxy_pass http://127.0.0.1:84;
  416. proxy_redirect off;
  417. proxy_http_version 1.1;
  418. proxy_set_header Connection "";
  419. proxy_redirect off;
  420. proxy_buffering off;
  421. proxy_request_buffering off;
  422. }
  423. }
  424.  
  425. ##############################################################
  426. #  Framadate                                                 #
  427. ##############################################################
  428. #
  429. server {
  430.  
  431. listen 80;
  432. server_name date.escher.cc;
  433. charset utf-8;
  434. root /var/www;
  435. location ^~ /.well-known/acme-challenge {
  436. proxy_pass http://127.0.0.1:81;
  437. proxy_redirect off;
  438.  }
  439. location / {
  440. return 301 https://$host$request_uri;
  441. }
  442.  
  443.  
  444. }
  445. server {
  446. listen 443 ssl http2;
  447. server_name date.escher.cc;
  448. charset utf-8;
  449. location ^~ / {
  450. client_max_body_size 1024M;
  451. proxy_max_temp_file_size 1024M;
  452. proxy_connect_timeout 300;
  453. proxy_send_timeout 300;
  454. proxy_read_timeout 300;
  455. send_timeout 300;
  456. proxy_set_header Host $host;
  457. proxy_set_header X-Real-IP $remote_addr;
  458. proxy_set_header X-Forwarded-Proto $scheme;
  459. proxy_cookie_path / "/; secure; HttpOnly";
  460. proxy_pass http://127.0.0.1:91;
  461. proxy_redirect off;
  462. proxy_http_version 1.1;
  463. proxy_set_header Connection "";
  464. proxy_redirect off;
  465. proxy_buffering off;
  466. proxy_request_buffering off;
  467. }
  468. }
captcha