bastian/deploy_home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

moved fulfillr w/ddns to https

Browse Source
This commit is contained in:
Bastian de Byl
2023-08-11 23:52:56 -04:00
parent 433bbae701
commit 6b459a26f0
7 changed files with 98 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
ansible/roles/podman/templates/nginx/sites/fulfillr.debyltech.com.conf.j2
View File

@@ -1,24 +1,21 @@
upstream fulfillr {
server 127.0.0.1:9054;
geo $whitelisted {
default 0;
192.168.0.0/16 1;
}
server {
resolver 192.168.1.10 ipv6=off;
modsecurity on;
modsecurity_rules_file /etc/nginx/modsec_includes.conf;
listen 80;
server_name {{ fulfillr_server_name }};
location '/.well-known/acme-challenge' {
default_type "text/plain";
root /srv/http/letsencrypt;
}
location / {
allow 192.168.0.0/16;
allow 127.0.0.1;
deny all;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
proxy_pass http://fulfillr;
return 302 https://$host$request_uri;
}
}