# # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # Default should define all the routes to upgrade to https and global rules! server { if ($host = es.schleppe.cloud) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = elastic.schleppe.cloud) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = elastic.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = blog.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = vinlottis.no) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = seasoned.show) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = ruterna.no) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = request.movie) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = planetposen.no) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = upload.leifsopplevelser.no) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = api.leifsopplevelser.no) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = knowit.vin) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = xoa.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = tau.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = sonarr.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = planet.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = kibana.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = dev.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = chatbot.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = api.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = hitler.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = proxy.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = prox.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = memestream.schleppe.cloud) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = drone.kevinmidboe.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 default_server; listen [::]:80 default_server; server_name planetposen.no *.leifsopplevelser.no ruterna.no *.kevinmidboe.com kevinmidboe.com knowit.vin vinlottis.no seasoned.show request.movie; return 302 https://$host$request_uri; } server { listen 443; server_name sonarr.kevinmidboe.com; location / { proxy_pass http://10.0.0.51:8989; } ssl_certificate /etc/letsencrypt/live/sonarr.kevinmidboe.com-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/sonarr.kevinmidboe.com-0001/privkey.pem; # managed by Certbot } server { listen 443; server_name tau.kevinmidboe.com; location / { proxy_pass http://10.0.0.51:8181; } ssl_certificate /etc/letsencrypt/live/tau.kevinmidboe.com-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/tau.kevinmidboe.com-0001/privkey.pem; # managed by Certbot } server { listen 443; server_name xoa.kevinmidboe.com; location / { auth_basic "User authentication"; auth_basic_user_file /etc/apache2/.htpasswd; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # Proxy configuration proxy_pass http://10.0.0.43/; proxy_http_version 1.1; proxy_set_header Connection "upgrade"; proxy_set_header Upgrade $http_upgrade; proxy_redirect default; # Issue https://github.com/vatesfr/xen-orchestra/issues/1471 proxy_read_timeout 1800; # Error will be only every 30m # For the VM import feature, this size must be larger than the file we want to upload. # Without a proper value, nginx will have error "client intended to send too large body" client_max_body_size 4G; } ssl_certificate /etc/letsencrypt/live/vinlottis.no-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/vinlottis.no-0001/privkey.pem; # managed by Certbot } server { listen 443; server_name dev.kevinmidboe.com; location / { proxy_pass http://localhost:11001; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } ssl_certificate /etc/letsencrypt/live/dev.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/dev.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443 http2; listen [::]:443 http2; server_name blog.kevinmidboe.com; location / { proxy_http_version 1.1; add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; proxy_pass http://10.0.0.59:80; } ssl_certificate /etc/letsencrypt/live/blog.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/blog.kevinmidboe.com/privkey.pem; # managed by Certbot } server { listen 443 http2; listen [::]:443 http2; server_name bookit.schleppe.cloud; root /usr/share/nginx/html/Bookit-Frontend/build; location / { index index.html; } ssl_certificate /etc/letsencrypt/live/bookit.schleppe.cloud/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/bookit.schleppe.cloud/privkey.pem; # managed by Certbot } server { listen 443; listen [::]:443; server_name kevinmidboe.com; root /usr/share/nginx/html/; location /jobb { index index.html; } location /km { index index.html plex.html; } location /seasoned { index index.html verified.html; } location /seasonedUI { index index.html; } location /vibrate { index index.html; } location /assets { alias /www/data/assets; autoindex on; } location /clipboard { index index.html; } location /cubewave { alias /home/kevin/cubewave; index index.html; } location /bookit { alias /home/kevin/Bookit-Frontend/build; index index.html; } location /klp { index index.html; } location /kurs { alias /usr/share/nginx/html/kurs; } location /camera { alias /usr/share/nginx/html/camera/dist/; index index.html; } location /shows { if ($request_method = OPTIONS ) { add_header Access-Control-Allow-Origin "https://kevinmidboe.com"; add_header Access-Control-Allow-Methods "GET, OPTIONS, POST"; add_header 'Access-Control-Allow-Headers' 'Content-Type'; return 200; } proxy_pass http://10.0.0.115:9301; } location /api { # if ($request_method = OPTIONS) { # return 204; # } # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; # proxy_set_header X-Forwarded-for 'request.movie'; proxy_set_header X-Forwarded-for $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-for 'request.movie'; # add_header X-Forwarded-for 'request.movie'; # proxy_set_header Connection 'upgrade'; # proxy_set_header Host $host; # proxy_pass_header Set-Cookie; # proxy_cache_bypass $http_upgrade; proxy_http_version 1.1; # proxy_set_header 'Access-Control-Allow-Origin' 'http://request.movie'; # proxy_set_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT'; # proxy_set_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Set-Cookie'; # proxy_set_header 'Access-Control-Allow-Credentials' 'true'; # proxy_set_header Origin 'https://request.movie'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; proxy_pass http://seasoned.schleppe:31459; # add_header 'Access-Control-Allow-Origin' 'https://request.movie' always; # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT' always; # add_header 'Access-Control-Allow-Credentials' 'true' always; } location / { proxy_pass http://10.0.0.54:5000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } error_page 502 /502.html; location = /502.html { root /home/kevin; } ssl_certificate /etc/letsencrypt/live/kevinmidboe.com-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/kevinmidboe.com-0001/privkey.pem; # managed by Certbot }