ixvd/neb
ixvd/neb
2
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

migration: apoc

Browse source
This commit is contained in:
Strix 2023-10-20 15:50:35 +02:00
parent cbcaa180b3
commit 2de847f6f9
No known key found for this signature in database
GPG key ID: 49B2E37B8915B774
19 changed files with 314 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
servers/apoc/docker-compose.d/custom/nginx/Dockerfile Normal file
View file

@ -0,0 +1,13 @@
FROM nginx:alpine
RUN apk add \
certbot \
certbot-nginx
COPY content /usr/share/nginx/html
COPY conf.d/ /etc/nginx/conf.d/
COPY nginx.conf /etc/nginx/nginx.conf
COPY entrypoint.sh /entrypoint
ENTRYPOINT [ "sh", "/entrypoint" ]
CMD [ "nginx", "-g", "daemon off;" ]

17
servers/apoc/docker-compose.d/custom/nginx/conf.d/default.conf Normal file
View file

@ -0,0 +1,17 @@
server {
listen 80;
server_name apoc.ixvd.net;
# SSL is managed by certbot, no need for a ssl listen; it will be generated automagically!
# default html page
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

15
servers/apoc/docker-compose.d/custom/nginx/conf.d/git.conf Normal file
View file

@ -0,0 +1,15 @@
server {
listen 80;
server_name git.ixvd.net;
location / {
proxy_pass http://git:3000;
proxy_set_header Connection $http_connection;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
}

20
servers/apoc/docker-compose.d/custom/nginx/conf.d/keycloak.conf Normal file
View file

@ -0,0 +1,20 @@
server {
listen 80;
server_name my.ixvd.net;
set_real_ip_from 0.0.0.0/0;
real_ip_header X-Real-IP;
real_ip_recursive on;
location / {
proxy_pass http://keycloak;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port 443;
}
};

8
servers/apoc/docker-compose.d/custom/nginx/conf.d/rainloop.conf Normal file
View file

@ -0,0 +1,8 @@
server {
listen 80;
server_name mail.ixvd.net;
location / {
proxy_pass http://rainloop:8888$request_uri;
}
}

23
servers/apoc/docker-compose.d/custom/nginx/content/index.html Normal file
View file

@ -0,0 +1,23 @@
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html {
color-scheme: light dark;
}
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to apoc!</h1>
</body>
</html>

28
servers/apoc/docker-compose.d/custom/nginx/entrypoint.sh Normal file
View file

@ -0,0 +1,28 @@
#!/bin/sh
trap exit TERM
if [ -n "${CERTBOT_DOMAINS}" ]; then
echo "registering..."
if ! certbot show_account; then
certbot register -n \
--agree-tos \
-m "${CERTBOT_EMAIL}"
fi
for d in $(echo "${CERTBOT_DOMAINS}" | sed 's/,/ /g'); do
echo "requesting for $d..."
certbot --nginx -n --keep -d "$d"
done
while :; do
echo "renewing domains..."
certbot --nginx --keep -n renew
sleep 12h &
wait $!
done &
else
echo "skipping certbot due to no domains!"
fi &
exec "$@"

35
servers/apoc/docker-compose.d/custom/nginx/nginx.conf Normal file
View file

@ -0,0 +1,35 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# docker resolver and quad9;
resolver 127.0.0.11 9.9.9.9 ipv6=off;
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}