tomi
/
proxy-docker


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990
							# Proxy configuration
#
# Redirect http to https
server {
        listen 80;
        listen [::]:80;
        return 301 https://$host$request_uri;
}

# Default server
server {
        listen 443              default_server ssl;
        listen [::]:443         default_server ssl;

        server_name             _;

        # SSL configuration
        #
        ssl_certificate         /etc/ssl/private/slurm.ch.chained.crt;
        ssl_certificate_key     /etc/ssl/private/slurm.ch.key;

        ssl on;
        ssl_session_cache       builtin:1000    shared:SSL:10m;
        ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers             'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128$
        ssl_prefer_server_ciphers on;

        ssl_dhparam             /etc/ssl/private/dhparams.pem;

        add_header Strict-Transport-Security "max-age=63072000; includeSubdomai$
}

# Apache section
server {
        listen 443;
        listen [::]:443;

        server_name ~^(?<site_id>.+)?\.?slurm\.ch$;

        location / {
                proxy_pass              http://localhost:8000;
                proxy_redirect          off;
                proxy_read_timeout      90;
                proxy_set_header        Host $host;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_$
                proxy_set_header        X-Forwarded-Host $server_name;
                proxy_set_header        X-Forwarded-Proto $scheme;
        }
}


# Gogs section
server {
        listen 443;
        listen [::]:443;

        server_name git.slurm.ch;

        location / {
                proxy_pass              http://localhost:10080;
                proxy_redirect          off;
                proxy_read_timeout      90;
                proxy_set_header        Host $host;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_$
                proxy_set_header        X-Forwarded-Host $server_name;
                proxy_set_header        X-Forwarded-Proto $scheme;
        }
}

# Docker section
server {
        listen 443;
        listen [::]:443;

        server_name docker.slurm.ch;

        location / {
                proxy_pass              http://localhost:5000;
                proxy_redirect          off;
                proxy_read_timeout      90;
                proxy_set_header        Host $host;
                proxy_set_header        X-Real-IP $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_$
                proxy_set_header        X-Forwarded-Host $server_name;
                proxy_set_header        X-Forwarded-Proto $scheme;
        }
}