initial commit
This commit is contained in:
commit
6255ca497d
13 changed files with 168 additions and 0 deletions
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
|
|
@ -0,0 +1 @@
|
|||
*.log
|
||||
13
Dockerfile
Executable file
13
Dockerfile
Executable file
|
|
@ -0,0 +1,13 @@
|
|||
FROM nginx:latest
|
||||
RUN apt-get update && apt-get install -y cron && apt-get clean
|
||||
|
||||
COPY cron-restart-nginx /etc/cron.d/cron-restart-nginx
|
||||
|
||||
RUN chmod 0644 /etc/cron.d/cron-restart-nginx
|
||||
|
||||
RUN crontab /etc/cron.d/cron-restart-nginx
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
2
cron-restart-nginx
Normal file
2
cron-restart-nginx
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
0 0 1 * * nginx -s reload
|
||||
|
||||
27
docker-compose.yml
Executable file
27
docker-compose.yml
Executable file
|
|
@ -0,0 +1,27 @@
|
|||
services:
|
||||
nginx:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
volumes:
|
||||
- ./nginx.conf:/etc/nginx/nginx.conf
|
||||
- ./sites-available:/etc/nginx/sites-available
|
||||
- ./sites-enabled:/etc/nginx/sites-enabled
|
||||
- ./log:/var/log/nginx
|
||||
- /etc/letsencrypt:/etc/letsencrypt:ro
|
||||
|
||||
restart: always
|
||||
ports:
|
||||
- 443:443
|
||||
networks:
|
||||
- vaultwarden-network
|
||||
- forgejo-network
|
||||
- nextcloud-network
|
||||
|
||||
networks:
|
||||
vaultwarden-network:
|
||||
external: true
|
||||
forgejo-network:
|
||||
external: true
|
||||
nextcloud-network:
|
||||
external: true
|
||||
4
entrypoint.sh
Normal file
4
entrypoint.sh
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
#!/bin/bash
|
||||
service cron start
|
||||
|
||||
nginx -g "daemon off;"
|
||||
43
nginx.conf
Executable file
43
nginx.conf
Executable file
|
|
@ -0,0 +1,43 @@
|
|||
user www-data;
|
||||
worker_processes auto;
|
||||
pid /run/nginx.pid;
|
||||
error_log /var/log/nginx/error.log;
|
||||
include /etc/nginx/modules-enabled/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 128;
|
||||
}
|
||||
|
||||
http {
|
||||
##
|
||||
# Basic Settings
|
||||
##
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
##
|
||||
# SSL Settings
|
||||
##
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
##
|
||||
# Logging Settings
|
||||
##
|
||||
access_log /var/log/nginx/access.log;
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
##
|
||||
gzip on;
|
||||
|
||||
##
|
||||
# Virtual Host Settings
|
||||
##
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
||||
20
sites-available/default
Executable file
20
sites-available/default
Executable file
|
|
@ -0,0 +1,20 @@
|
|||
# default 301,404
|
||||
|
||||
# default redirect HTTP to HTTPS
|
||||
server {
|
||||
listen 80 default_server;
|
||||
server_name _;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
# default 404 for non-existent page
|
||||
server {
|
||||
listen 443 ssl default_server;
|
||||
server_name _;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/gaems.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/gaems.at/privkey.pem;
|
||||
|
||||
return 404;
|
||||
}
|
||||
15
sites-available/git.gaems.at
Executable file
15
sites-available/git.gaems.at
Executable file
|
|
@ -0,0 +1,15 @@
|
|||
# git.gaems.at
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name git.gaems.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/gaems.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/gaems.at/privkey.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://forgejo:3000;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
}
|
||||
25
sites-available/nextcloud.gaems.at
Executable file
25
sites-available/nextcloud.gaems.at
Executable file
|
|
@ -0,0 +1,25 @@
|
|||
# nextcloud.gaems.at
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name nextcloud.gaems.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/gaems.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/gaems.at/privkey.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://nextcloud:80;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $https;
|
||||
|
||||
# Performance for Nextcloud
|
||||
client_max_body_size 512M;
|
||||
gzip on;
|
||||
gzip_vary on;
|
||||
gzip_comp_level 5;
|
||||
gzip_min_length 256;
|
||||
gzip_proxied any;
|
||||
gzip_types application/json application/javascript text/css text/xml;
|
||||
}
|
||||
}
|
||||
15
sites-available/vault.gaems.at
Executable file
15
sites-available/vault.gaems.at
Executable file
|
|
@ -0,0 +1,15 @@
|
|||
# vault.gaems.at
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name vault.gaems.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/gaems.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/gaems.at/privkey.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://vaultwarden;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
}
|
||||
1
sites-enabled/default
Symbolic link
1
sites-enabled/default
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../sites-available/default
|
||||
1
sites-enabled/git.gaems.at
Symbolic link
1
sites-enabled/git.gaems.at
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../sites-available/git.gaems.at
|
||||
1
sites-enabled/vault.gaems.at
Symbolic link
1
sites-enabled/vault.gaems.at
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../sites-available/vault.gaems.at
|
||||
Loading…
Reference in a new issue