diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf new file mode 100644 index 0000000..bc0559a --- /dev/null +++ b/etc/nginx/nginx.conf @@ -0,0 +1,26 @@ +#user http; +worker_processes 1; + +events { + worker_connections 1024; +} + + +http { + include mime.types; + include sites/*.conf; + + types_hash_max_size 4096; + client_max_body_size 3g; + + proxy_buffers 1000 64k; + send_timeout 300s; + + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; +} + diff --git a/etc/nginx/sites/code.nxshock.me.conf b/etc/nginx/sites/code.nxshock.me.conf new file mode 100644 index 0000000..2a0dc00 --- /dev/null +++ b/etc/nginx/sites/code.nxshock.me.conf @@ -0,0 +1,40 @@ +# code.nxshock.me -> 127.0.0.1:8005 +server { + http2 on; + server_name code.nxshock.me; + + location / { + proxy_pass http://127.0.0.1:8005; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection upgrade; + proxy_set_header Accept-Encoding gzip; + proxy_buffering off; + proxy_request_buffering off; + } + + access_log /dev/null; + error_log /dev/null; + + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/nxshock.me/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/nxshock.me/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = code.nxshock.me) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + server_name code.nxshock.me; + listen 80; + return 404; # managed by Certbot + + +} diff --git a/etc/nginx/sites/git.nxshock.me.conf b/etc/nginx/sites/git.nxshock.me.conf new file mode 100644 index 0000000..5ed70bb --- /dev/null +++ b/etc/nginx/sites/git.nxshock.me.conf @@ -0,0 +1,37 @@ +# git.nxshock.me -> 127.0.0.1:3000 +server { + http2 on; + server_name git.nxshock.me; + + location / { + proxy_pass http://127.0.0.1:3000; + proxy_set_header Host $host; + proxy_buffering off; + proxy_request_buffering off; + } + + access_log /dev/null; + error_log /dev/null; + + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/nxshock.me/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/nxshock.me/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = git.nxshock.me) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + server_name git.nxshock.me; + listen 80; + return 404; # managed by Certbot + + +} diff --git a/etc/nginx/sites/music.nxshock.me.conf b/etc/nginx/sites/music.nxshock.me.conf new file mode 100644 index 0000000..8d8f911 --- /dev/null +++ b/etc/nginx/sites/music.nxshock.me.conf @@ -0,0 +1,37 @@ +# music.nxshock.me -> 127.0.0.1:8001 +server { + http2 on; + server_name music.nxshock.me; + + location / { + proxy_pass http://127.0.0.1:8001; + proxy_set_header Host $host; + proxy_buffering off; + proxy_request_buffering off; + } + + access_log /dev/null; + error_log /dev/null; + + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/nxshock.me/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/nxshock.me/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = music.nxshock.me) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + server_name music.nxshock.me; + listen 80; + return 404; # managed by Certbot + + +} diff --git a/etc/nginx/sites/ntfy.nxshock.me.conf b/etc/nginx/sites/ntfy.nxshock.me.conf new file mode 100644 index 0000000..88f97ab --- /dev/null +++ b/etc/nginx/sites/ntfy.nxshock.me.conf @@ -0,0 +1,43 @@ +# ntfy.nxshock.me -> 127.0.0.1:8090 +server { + http2 on; + server_name ntfy.nxshock.me; + + location / { + proxy_pass http://127.0.0.1:8090; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_buffering off; + proxy_request_buffering off; + proxy_redirect off; + } + + access_log /dev/null; + error_log /dev/null; + + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/nxshock.me/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/nxshock.me/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = ntfy.nxshock.me) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + server_name ntfy.nxshock.me; + listen 80; + return 404; # managed by Certbot + + +} diff --git a/etc/nginx/sites/nxshock.me.conf b/etc/nginx/sites/nxshock.me.conf new file mode 100644 index 0000000..be94960 --- /dev/null +++ b/etc/nginx/sites/nxshock.me.conf @@ -0,0 +1,41 @@ +server { + http2 on; + server_name nxshock.me; + + location ^~ /.well-known/acme-challenge/ { + allow all; + root /var/lib/letsencrypt/; + default_type "text/plain"; + try_files $uri =404; + } + + location / { + root /srv/http; + index index.html; + proxy_buffering off; + proxy_request_buffering off; + } + + access_log /dev/null; + error_log /dev/null; + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/nxshock.me/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/nxshock.me/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + if ($host = nxshock.me) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name nxshock.me; + return 404; # managed by Certbot + + +} diff --git a/etc/nginx/sites/share.nxshock.me.conf b/etc/nginx/sites/share.nxshock.me.conf new file mode 100644 index 0000000..cc22a80 --- /dev/null +++ b/etc/nginx/sites/share.nxshock.me.conf @@ -0,0 +1,37 @@ +# share.nxshock.me -> 127.0.0.1:8001 +server { + http2 on; + server_name share.nxshock.me; + + location / { + proxy_pass http://127.0.0.1:8002; + proxy_set_header Host $host; + proxy_buffering off; + proxy_request_buffering off; + } + + access_log /dev/null; + error_log /dev/null; + + + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/nxshock.me/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/nxshock.me/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = share.nxshock.me) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + server_name share.nxshock.me; + listen 80; + return 404; # managed by Certbot + + +}