StepanovPlaton/HomeServerServices
1
0
Fork 0
mirror of https://github.com/StepanovPlaton/HomeServerServices.git synced 2026-04-03 20:30:44 +04:00
Code Issues Packages Projects Releases Wiki Activity
Files
95cd3c441c490d6abf2b946f48208fa4dd08503a
HomeServerServices/proxy/nginx/conf.d/default.conf.example
StepanovPlaton 95cd3c441c Add cloud web office
2026-02-12 18:39:50 +04:00

201 lines
6.1 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 1. Редирект с HTTP на HTTPS (для всех доменов сразу)
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name domain.ru www.domain.ru git.domain.ru disk.domain.ru cloud.domain.ru m.domain.ru chat.domain.ru todo.domain.ru draw.domain.ru;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
# 2. Основной сайт и WWW
server {
listen 443 ssl;
server_name domain.ru www.domain.ru;
# Используем один сертификат, если он мультидоменный (Certbot обычно делает один на домен + www)
# Если сертификаты разные, лучше объединить их через Certbot (флаг -d домен1 -d домен2)
ssl_certificate /etc/letsencrypt/live/domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.ru/privkey.pem;
location / {
proxy_pass http://homepage:4321;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 3. Gitea
server {
listen 443 ssl;
server_name git.domain.ru;
ssl_certificate /etc/letsencrypt/live/git.domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.domain.ru/privkey.pem;
# Меняем домашнюю страницу на страницу админа
location = / {
return 301 /username;
}
location / {
proxy_pass http://gitea:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 4. Disk
server {
listen 443 ssl;
server_name disk.domain.ru;
ssl_certificate /etc/letsencrypt/live/disk.domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/disk.domain.ru/privkey.pem;
client_max_body_size 0;
location / {
proxy_pass http://filebrowser:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 5. Cloud
server {
listen 443 ssl;
server_name cloud.stepanovplaton.ru;
ssl_certificate /etc/letsencrypt/live/cloud.stepanovplaton.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/cloud.stepanovplaton.ru/privkey.pem;
client_max_body_size 0;
location / {
proxy_pass http://nextcloud;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
server_name office.stepanovplaton.ru;
ssl_certificate /etc/letsencrypt/live/office.stepanovplaton.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/office.stepanovplaton.ru/privkey.pem;
location ^~ /browser {
proxy_pass http://nextcloud-collabora:9980;
proxy_set_header Host $host;
}
location ^~ /hosting/discovery {
proxy_pass http://nextcloud-collabora:9980;
proxy_set_header Host $host;
}
location ^~ /hosting/capabilities {
proxy_pass http://nextcloud-collabora:9980;
proxy_set_header Host $host;
}
location ~ ^/cool/(.*)/ws$ {
proxy_pass http://nextcloud-collabora:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade"; # Явно указываем Upgrade
proxy_set_header Host $host;
proxy_read_timeout 36000s;
}
location ^~ /cool/adminws {
proxy_pass http://nextcloud-collabora:9980;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_read_timeout 36000s;
}
location / {
proxy_pass http://nextcloud-collabora:9980;
proxy_set_header Host $host;
}
}
server {
listen 443 ssl;
server_name talk.stepanovplaton.ru;
ssl_certificate /etc/letsencrypt/live/talk.stepanovplaton.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/talk.stepanovplaton.ru/privkey.pem;
location / {
return 200 "Nextcloud Talk TURN server not configured";
add_header Content-Type text/plain;
}
}
# 6. Matrix
server {
listen 443 ssl;
server_name m.domain.ru;
ssl_certificate /etc/letsencrypt/live/m.domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/m.domain.ru/privkey.pem;
location / {
proxy_pass http://matrix-synapse:8008;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 50M;
}
}
server {
listen 443 ssl;
server_name chat.domain.ru;
ssl_certificate /etc/letsencrypt/live/chat.domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/chat.domain.ru/privkey.pem;
location / {
proxy_pass http://matrix-element:8083;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 50M;
}
}
# 7. Memos
server {
listen 443 ssl;
server_name todo.domain.ru;
ssl_certificate /etc/letsencrypt/live/todo.domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/todo.domain.ru/privkey.pem;
location / {
proxy_pass http://memos:5230;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 50M;
}
}
Reference in New Issue View Git Blame Copy Permalink