aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues 1 Pull requests 13 Releases Wiki Activity
ansible/roles/nginx-reverse-proxy/templates/nginx/nginx-sites-available-main.j2
Alexandre Iooss 2158c5c6b9
Pass Matrix Webhook through reverse proxy
2019-04-01 17:57:20 +02:00

108 lines
2.9 KiB
Django/Jinja
Raw Blame History

# {{ ansible_managed }}
server {
# Common proxy snippet
include "snippets/proxy-common.conf";
# Set witch server name we define
server_name auro.re;
# Permanentely moved to HTTPS
location / {
return 301 https://$host$request_uri;
}
# For Matrix Synapse Discord Appservice Media
location /_matrix {
proxy_pass http://synapse.adm.auro.re:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
# Common proxy snippet
include "snippets/proxy-common-ssl.conf";
# Set witch server name we define
server_name auro.re;
# Separate log files
access_log /var/log/nginx/main.access.log;
error_log /var/log/nginx/main.error.log;
# Use LetsEncrypt SSL
ssl_certificate /etc/letsencrypt/live/auro.re/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/auro.re/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/auro.re/chain.pem;
location / {
proxy_redirect off;
proxy_pass http://www.adm.auro.re;
proxy_set_header Host auro.re;
proxy_set_header P-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
# "A man is not dead while his name is still spoken." -- Going Postal
add_header X-Clacks-Overhead "GNU Terry Pratchett";
}
# For Matrix identity server
location /_matrix/identity {
proxy_pass http://synapse.adm.auro.re:8090/_matrix/identity;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
# For Matrix Synapse
location /_matrix {
proxy_pass http://synapse.adm.auro.re:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 8448 ssl;
listen [::]:8448 ssl;
# Set witch server name we define
server_name auro.re;
# Separate log files
access_log /var/log/nginx/main.access.log;
error_log /var/log/nginx/main.error.log;
# Use LetsEncrypt SSL
ssl_certificate /etc/letsencrypt/live/auro.re/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/auro.re/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/auro.re/chain.pem;
# For Matrix Synapse federation
location / {
proxy_pass http://synapse.adm.auro.re:8008;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
server {
listen 9442 ssl;
listen [::]:9442 ssl;
# Set witch server name we define
server_name auro.re;
# Separate log files
access_log /var/log/nginx/main.access.log;
error_log /var/log/nginx/main.error.log;
# Use LetsEncrypt SSL
ssl_certificate /etc/letsencrypt/live/auro.re/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/auro.re/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/auro.re/chain.pem;
# For Matrix Appservice Webhooks
location / {
proxy_pass http://synapse.adm.auro.re:9000;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
Reference in a new issue View git blame Copy permalink