# # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration server { listen 80 default_server; listen [::]:80 default_server; server_name leifsopplevelser.no elastic.kevinmidboe.com kibana.kevinmidboe.com ruterna.no api.kevinmidboe.com dev.kevinmidboe.com kevinmidboe.com; return 302 https://$host$request_uri; } server { listen 443; listen [::]:443; server_name ruterna.no; location / { proxy_pass http://localhost:30011/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } ssl_certificate /etc/letsencrypt/live/ruterna.no/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/ruterna.no/privkey.pem; # managed by Certbot } server { listen 443; server_name sonarr.kevinmidboe.com; location / { proxy_pass http://10.0.0.102:8989; } ssl_certificate /etc/letsencrypt/live/sonarr.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/sonarr.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443; server_name xoa.kevinmidboe.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Proxy configuration proxy_pass http://10.0.0.43/; proxy_http_version 1.1; proxy_set_header Connection "upgrade"; proxy_set_header Upgrade $http_upgrade; proxy_redirect default; # Issue https://github.com/vatesfr/xen-orchestra/issues/1471 proxy_read_timeout 1800; # Error will be only every 30m # For the VM import feature, this size must be larger than the file we want to upload. # Without a proper value, nginx will have error "client intended to send too large body" client_max_body_size 4G; } ssl_certificate /etc/letsencrypt/live/xoa.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/xoa.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443; server_name tau.kevinmidboe.com; location / { proxy_pass http://10.0.0.44:8181; } ssl_certificate /etc/letsencrypt/live/tau.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/tau.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443; server_name kibana.kevinmidboe.com; location / { proxy_pass http://10.0.0.115:5601; } ssl_certificate /etc/letsencrypt/live/kibana.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/kibana.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443; server_name dev.kevinmidboe.com; location / { proxy_pass http://localhost:11001; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } } server { # SSL configuration # listen 443 ssl default_server; listen [::]:443 ssl default_server; server_name api.kevinmidboe.com; location /files { alias /var/www/public_files/; } location /messenger { proxy_pass http://localhost:12322; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } ssl_certificate /etc/letsencrypt/live/api.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/api.kevinmidboe.com/privkey.pem; # managed by Certbot location /api { proxy_pass http://localhost:31459; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } ssl_certificate /etc/letsencrypt/live/api.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/api.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name kevinmidboe.com; root /usr/share/nginx/html/; location /jobb { index index.html; } location /km { index index.html plex.html; } location /seasoned { index index.html verified.html; } location /seasonedUI { index index.html; } location /vibrate { index index.html; } location /assets { alias /www/data/assets; autoindex on; } location /clipboard { index index.html; } location /shows { if ($request_method = OPTIONS ) { add_header Access-Control-Allow-Origin "https://kevinmidboe.com"; add_header Access-Control-Allow-Methods "GET, OPTIONS, POST"; add_header 'Access-Control-Allow-Headers' 'Content-Type'; return 200; } proxy_pass http://10.0.0.115:9301; } location / { proxy_pass http://localhost:5000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } error_page 502 /502.html; location = /502.html { root /home/kevin; } ssl_certificate /etc/letsencrypt/live/kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name textbars.app; location / { root /home/kevin/wavecube; include /etc/nginx/mime.types; proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-REAL-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } ssl_certificate /etc/letsencrypt/live/textbars.app/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/textbars.app/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name api.leifsopplevelser.no; location / { proxy_pass http://localhost:30021; } ssl_certificate /etc/letsencrypt/live/api.leifsopplevelser.no/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/api.leifsopplevelser.no/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name upload.leifsopplevelser.no; location / { proxy_pass http://localhost:30022; } ssl_certificate /etc/letsencrypt/live/upload.leifsopplevelser.no/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/upload.leifsopplevelser.no/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name leifsopplevelser.no; location /assets { root /home/kevin/leifs-image-processor/; } location / { proxy_pass http://localhost:30020; } ssl_certificate /etc/letsencrypt/live/leifsopplevelser.no/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/leifsopplevelser.no/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name elastic.kevinmidboe.com kevinmidboe.com; location / { add_header 'Access-Control-Allow-Origin' "https://kevinmidboe.com"; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; # # Custom headers and headers various browsers *should* be OK with but aren't # add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'; # # Tell client that this pre-flight info is valid for 20 days # add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain; charset=utf-8'; add_header 'Content-Length' 0; return 204; } if ($request_method = 'GET') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; } proxy_pass http://10.0.0.115:9301; } ssl_certificate /etc/letsencrypt/live/elastic.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/elastic.kevinmidboe.com/privkey.pem; # managed by Certbot }