m5p3nc3r/ansible-playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
04ef0de69991660b1a7664bbea3b5cb87d520864
ansible-playbooks/apptabulous/reverseproxy/conf.d/reverse_proxy.conf
T

106 lines
2.4 KiB
Plaintext
Executable File
Raw Blame History

# Create a map of known attack locations
map $request_uri $block_uri {
default 0;
~*/wp-.* 1;
~*\.env 1;
/etc 1;
}
# m5p3nc3r webserver
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name m5p3nc3r.co.uk www.m5p3nc3r.co.uk;
ssl_certificate /etc/letsencrypt/live/m5p3nc3r.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/m5p3nc3r.co.uk/privkey.pem;
if ($block_uri = 1) {
return 403;
}
location / {
proxy_pass http://website:3000;
}
}
# gitea.m5p3nc3r webserver
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name gitea.m5p3nc3r.co.uk;
ssl_certificate /etc/letsencrypt/live/m5p3nc3r.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/m5p3nc3r.co.uk/privkey.pem;
# if ($block_uri = 1) {
# return 403;
# }
location / {
proxy_pass http://gitea:3000;
}
}
# apptabulous webserver
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name apptabulous.co.uk www.apptabulous.co.uk;
ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
if ($block_uri = 1) {
return 403;
}
location / {
proxy_pass http://apptabulous_website:3000;
}
}
# Container registry
# server {
# listen 80;
# listen [::]:80;
# listen 443 ssl;
# listen [::]:443 ssl;
# server_name hub.apptabulous.co.uk;
# ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
# # disable any limits to avoid HTTP 413 for large image uploads
# client_max_body_size 0;
# # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
# chunked_transfer_encoding on;
# location / {
# proxy_pass http://rpi4-2:5000;
# }
# }
# # Watchtower
# server {
# listen 80;
# listen [::]:80;
# listen 443 ssl;
# listen [::]:443 ssl;
# server_name watchtower.apptabulous.co.uk;
# ssl_certificate /etc/letsencrypt/live/apptabulous.co.uk/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/apptabulous.co.uk/privkey.pem;
# location / {
# proxy_pass http://rpi4-2:8080;
# }
# }
Reference in New Issue View Git Blame Copy Permalink