From 38658871e538f826fe08c3f8e82c49d6ad86cb7b Mon Sep 17 00:00:00 2001 From: Chewing_Bever Date: Sat, 9 Jan 2021 15:23:04 +0100 Subject: [PATCH] Added nefarious & miniflux nginx configs --- nginx/sites-available/firefly-iii.conf | 2 +- nginx/sites-available/miniflux.conf | 10 +++++++ nginx/sites-available/nefarious.conf | 36 ++++++++++++++++++++++++++ nginx/sites-available/portainer.conf | 2 +- nginx/templates/http.conf.template | 10 +++---- 5 files changed, 53 insertions(+), 7 deletions(-) create mode 100644 nginx/sites-available/miniflux.conf create mode 100644 nginx/sites-available/nefarious.conf diff --git a/nginx/sites-available/firefly-iii.conf b/nginx/sites-available/firefly-iii.conf index 9a677f2..1a9f1c4 100644 --- a/nginx/sites-available/firefly-iii.conf +++ b/nginx/sites-available/firefly-iii.conf @@ -1,6 +1,6 @@ server { listen 443 ssl; - server_name PLACEHOLDER; + server_name DOMAIN; location / { proxy_set_header Host $host; diff --git a/nginx/sites-available/miniflux.conf b/nginx/sites-available/miniflux.conf new file mode 100644 index 0000000..da25654 --- /dev/null +++ b/nginx/sites-available/miniflux.conf @@ -0,0 +1,10 @@ +server { + listen 443 ssl; + server_name DOMAIN; + + location / { + resolver 127.0.0.11; + proxy_pass http://miniflux_app_1:8080; + } +} + diff --git a/nginx/sites-available/nefarious.conf b/nginx/sites-available/nefarious.conf new file mode 100644 index 0000000..0f3eed0 --- /dev/null +++ b/nginx/sites-available/nefarious.conf @@ -0,0 +1,36 @@ +server { + listen 443 ssl; + server_name DOMAIN; + + location / { + resolver 127.0.0.11; + proxy_pass http://nefarious_transmission_1:9091; + } +} + +server { + listen 443 ssl; + server_name DOMAIN; + + location / { + resolver 127.0.0.11; + proxy_pass http://nefarious_jackett_1:9117; + } +} + +server { + listen 443 ssl; + server_name DOMAIN; + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $server_name; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Ssl on; + + resolver 127.0.0.11; + proxy_pass http://nefarious_app_1:80; + } +} diff --git a/nginx/sites-available/portainer.conf b/nginx/sites-available/portainer.conf index 94c9498..98b1e44 100644 --- a/nginx/sites-available/portainer.conf +++ b/nginx/sites-available/portainer.conf @@ -1,6 +1,6 @@ server { listen 443 ssl; - server_name PLACEHOLDER; + server_name DOMAIN; location / { proxy_set_header Connection "upgrade"; diff --git a/nginx/templates/http.conf.template b/nginx/templates/http.conf.template index 5f20a03..2b62f29 100644 --- a/nginx/templates/http.conf.template +++ b/nginx/templates/http.conf.template @@ -11,13 +11,13 @@ http { # ssl_ciphers EECDH+CHACHA20:EECDH+AES; # Cache settings - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; # Still gotta figure out what these do - ssl_session_tickets off; - ssl_prefer_server_ciphers on; - ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1; + ssl_session_tickets off; + ssl_prefer_server_ciphers on; + ssl_ecdh_curve X25519:prime256v1:secp521r1:secp384r1; # Auto-route all HTTP requests to HTTPS