From da1df2e79816b5543322a6360caceb7daa117c48 Mon Sep 17 00:00:00 2001
From: Chewing_Bever
Date: Tue, 5 Jan 2021 13:26:59 +0100
Subject: [PATCH] Added site configs; updated some stuff
---
nginx/config/{http => conf.d/http.conf} | 6 +++---
nginx/config/nginx.conf | 2 +-
nginx/config/sites-available/firefly-iii.conf | 19 +++++++++++++++++++
nginx/config/sites-available/portainer.conf | 11 +++++++++++
nginx/docker-compose.yml | 10 +++++++---
nginx/{.env.example => nginx.env.example} | 0
nginx/nginx/entrypoint.sh | 4 ----
portainer/docker-compose.yml | 2 ++
8 files changed, 43 insertions(+), 11 deletions(-)
rename nginx/config/{http => conf.d/http.conf} (71%)
create mode 100644 nginx/config/sites-available/firefly-iii.conf
create mode 100644 nginx/config/sites-available/portainer.conf
rename nginx/{.env.example => nginx.env.example} (100%)
diff --git a/nginx/config/http b/nginx/config/conf.d/http.conf
similarity index 71%
rename from nginx/config/http
rename to nginx/config/conf.d/http.conf
index 0710a30..cc88b33 100644
--- a/nginx/config/http
+++ b/nginx/config/conf.d/http.conf
@@ -1,8 +1,8 @@
 http {
 # SSL CONFIGURATION
 # Key locations
- ssl_certificate /etc/letsencrypt/live/karaoke.roosens.me/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/karaoke.roosens.me/privkey.pem;
+ ssl_certificate /etc/letsencrypt/live/your.domain.here/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/your.domain.here/privkey.pem;
 # Allowed protocols
 ssl_protocols TLSv1.2;
@@ -21,5 +21,5 @@ http {
 # LOAD SITES
- include conf.d/sites_enabled/*.conf;
+ include sites_enabled/*.conf;
 }
diff --git a/nginx/config/nginx.conf b/nginx/config/nginx.conf
index b745839..6f321f0 100644
--- a/nginx/config/nginx.conf
+++ b/nginx/config/nginx.conf
@@ -5,4 +5,4 @@ user nginx nginx;
 worker_processes auto;
 # Load config segments
-include conf.d/http;
+include conf.d/*;
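Review bot: The new include in the second hunk of `conf.d/http.conf`, `include sites_enabled/*.conf;`, does not match the directory this commit adds, which is `sites-available/` (hyphen, and "available" rather than "enabled"). nginx accepts a wildcard include that matches no files without raising an error, so a wrong directory name here would start the server with no site loaded instead of failing loudly. If an enabled-sites directory is created elsewhere (it is not visible in this patch), a comment such as `# sites_enabled/ holds symlinks into sites-available/` above the include would document that; otherwise the two names should be aligned. The `http { … }` block continues outside this hunk.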
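Review bot: `include conf.d/*;` in `nginx.conf` loads every entry under `conf.d/` regardless of its name, so an editor backup or leftover copy such as `http.conf.bak` (constructed example) would be parsed as live configuration alongside `http.conf`. The line it replaces named a single file, so this widens what nginx trusts in that directory. Restricting the glob to `include conf.d/*.conf;` keeps the intent of the change while making the set of loaded files predictable.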
diff --git a/nginx/config/sites-available/firefly-iii.conf b/nginx/config/sites-available/firefly-iii.conf
new file mode 100644
index 0000000..9a677f2
--- /dev/null
+++ b/nginx/config/sites-available/firefly-iii.conf
@@ -0,0 +1,19 @@
+server {
+ listen 443 ssl;
+ server_name PLACEHOLDER;
+
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Host $server_name;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Ssl on;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+
+ resolver 127.0.0.11;
+ proxy_pass http://firefly_app_1:8080;
+ }
+}
+
diff --git a/nginx/config/sites-available/portainer.conf b/nginx/config/sites-available/portainer.conf
new file mode 100644
index 0000000..94c9498
--- /dev/null
+++ b/nginx/config/sites-available/portainer.conf
@@ -0,0 +1,11 @@
+server {
+ listen 443 ssl;
+ server_name PLACEHOLDER;
+
+ location / {
+ proxy_set_header Connection "upgrade";
+
+ resolver 127.0.0.11;
+ proxy_pass http://portainer_app_1:9000;
+ }
+}
diff --git a/nginx/docker-compose.yml b/nginx/docker-compose.yml
index 4e00eab..d7aedec 100644
--- a/nginx/docker-compose.yml
+++ b/nginx/docker-compose.yml
@@ -1,19 +1,23 @@
 version: '3.5'
 services:
- nginx:
+ app:
 build: './nginx'
 image: 'nginx-certbot:stable-alpine'
+
+ env_file:
+ - 'nginx.env.example'
+ networks:
+ - 'nginx'
 ports:
 - '80:80'
 - '443:443'
- networks:
- - 'nginx'
 volumes:
 - 'certs:/etc/letsencrypt'
 - './config:/etc/nginx/conf.d'
 networks:
 nginx:
+ external: true
 volumes:
 certs:
diff --git a/nginx/.env.example b/nginx/nginx.env.example
similarity index 100%
rename from nginx/.env.example
rename to nginx/nginx.env.example
diff --git a/nginx/nginx/entrypoint.sh b/nginx/nginx/entrypoint.sh
index 9a2fb8f..ede0c39 100644
--- a/nginx/nginx/entrypoint.sh
+++ b/nginx/nginx/entrypoint.sh
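Review bot: `resolver 127.0.0.11;` has no effect on `proxy_pass http://firefly_app_1:8080;` in `firefly-iii.conf`, because nginx resolves a literal host name in `proxy_pass` once when the configuration is loaded and consults `resolver` only when the target contains a variable. As written, nginx refuses to start if `firefly_app_1` cannot be resolved at load time, and it keeps the old address after that container is recreated. Either drop the `resolver` line, or route through a variable with `set $upstream http://firefly_app_1:8080;` followed by `proxy_pass $upstream;`. `portainer.conf` repeats the same pattern with `portainer_app_1:9000`.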
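Review bot: The server block in `portainer.conf` publishes Portainer on 443 with no access restriction at the proxy, and the Portainer service it fronts mounts `/var/run/docker.sock` (visible in the `portainer/docker-compose.yml` hunk of this patch), so Portainer's own login is the only barrier in front of control of the Docker host. Consider limiting the location to trusted sources, for example `allow <ADMIN_CIDR_PLACEHOLDER>;` followed by `deny all;`, or serving it only over a VPN. Separately, `proxy_set_header Connection "upgrade";` is set without `proxy_http_version 1.1;` and `proxy_set_header Upgrade $http_upgrade;`, so WebSocket upgrades will probably not pass through as intended.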
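Review bot: `env_file: - 'nginx.env.example'` in `nginx/docker-compose.yml` makes the tracked example file the live source of the environment the entrypoint reads (`DOMAINS`, `EMAIL`), so real values have to be written into a file that git follows and are likely to be committed. Point the service at an untracked file instead, `- 'nginx.env'`, have git ignore that file, and keep `nginx.env.example` as a template with dummy values. The same hunk marks the `nginx` network `external: true`; a comment such as `# create first: docker network create nginx` would document that prerequisite.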
@@ -1,8 +1,4 @@
 #!/usr/bin/env sh
-# Should be passed as env vars
-# DOMAINS=suzy.roosens.me,next.roosens.me,tm.roosens.me
-# EMAIL=roosensjef@gmail.com
-
 certbot certonly --standalone -d "$DOMAINS" --email "$EMAIL" -n --agree-tos --expand
 /usr/sbin/nginx -g "daemon off;"
diff --git a/portainer/docker-compose.yml b/portainer/docker-compose.yml
index e863a8a..31b62b3 100644
--- a/portainer/docker-compose.yml
+++ b/portainer/docker-compose.yml
@@ -9,6 +9,8 @@ services:
 - 'com.centurylinklabs.watchtower.enable=true'
 networks:
 - 'nginx'
+ ports:
+ - '8000:8000'
 volumes:
 - '/var/run/docker.sock:/var/run/docker.sock'
 - 'data:/data'
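Review bot: The added `- '8000:8000'` in `portainer/docker-compose.yml` publishes the port on every host interface, outside the nginx proxy, for a container that also mounts `/var/run/docker.sock`. In Portainer, port 8000 is the Edge agent tunnel endpoint; if Edge agents are not used the mapping can be dropped, and if only local access is needed it should be bound to loopback as `- '127.0.0.1:8000:8000'`. A comment above the mapping stating why the port is exposed would help the next reader. The service definition starts above this hunk.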