mirror of
https://github.com/kp2pml30/dotfiles.git
synced 2026-02-16 23:34:42 +04:00
124 lines
3 KiB
Nginx Configuration File
124 lines
3 KiB
Nginx Configuration File
map $ssl_preread_server_name $name {
|
|
chat.signal.org signal-service;
|
|
ud-chat.signal.org signal-service;
|
|
storage.signal.org storage-service;
|
|
cdn.signal.org signal-cdn;
|
|
cdn2.signal.org signal-cdn2;
|
|
cdn3.signal.org signal-cdn3;
|
|
cdsi.signal.org cdsi;
|
|
contentproxy.signal.org content-proxy;
|
|
sfu.voip.signal.org sfu;
|
|
svr2.signal.org svr2;
|
|
updates.signal.org updates;
|
|
updates2.signal.org updates2;
|
|
|
|
x.kp2pml30.moe xray-entrypoint;
|
|
pr.kp2pml30.moe signal-proxy;
|
|
|
|
kp2pml30.moe ssl-terminator;
|
|
dns.kp2pml30.moe ssl-terminator;
|
|
git.kp2pml30.moe ssl-terminator;
|
|
cache.nix.kp2pml30.moe ssl-terminator;
|
|
backend.kp2pml30.moe ssl-terminator;
|
|
|
|
default deny;
|
|
}
|
|
|
|
upstream signal-service {
|
|
server chat.signal.org:443;
|
|
}
|
|
|
|
upstream storage-service {
|
|
server storage.signal.org:443;
|
|
}
|
|
|
|
upstream signal-cdn {
|
|
server cdn.signal.org:443;
|
|
}
|
|
|
|
upstream signal-cdn2 {
|
|
server cdn2.signal.org:443;
|
|
}
|
|
|
|
upstream signal-cdn3 {
|
|
server cdn3.signal.org:443;
|
|
}
|
|
|
|
upstream cdsi {
|
|
server cdsi.signal.org:443;
|
|
}
|
|
|
|
upstream content-proxy {
|
|
server contentproxy.signal.org:443;
|
|
}
|
|
|
|
upstream sfu {
|
|
server sfu.voip.signal.org:443;
|
|
}
|
|
|
|
upstream svr2 {
|
|
server svr2.signal.org:443;
|
|
}
|
|
|
|
upstream updates {
|
|
server updates.signal.org:443;
|
|
}
|
|
|
|
upstream updates2 {
|
|
server updates2.signal.org:443;
|
|
}
|
|
|
|
upstream xray-entrypoint {
|
|
server 127.0.0.1:8010;
|
|
}
|
|
|
|
upstream deny {
|
|
server 127.0.0.1:9;
|
|
}
|
|
|
|
upstream self {
|
|
server 127.0.0.1:80;
|
|
}
|
|
|
|
upstream ssl-terminator {
|
|
server 127.0.0.1:8443;
|
|
}
|
|
|
|
upstream signal-proxy {
|
|
server 127.0.0.1:8444;
|
|
}
|
|
|
|
server {
|
|
listen 443;
|
|
ssl_preread on;
|
|
proxy_pass $name;
|
|
}
|
|
|
|
server {
|
|
listen 8443 ssl;
|
|
server_name kp2pml30.moe git.kp2pml30.moe cache.nix.kp2pml30.moe backend.kp2pml30.moe dns.kp2pml30.moe;
|
|
proxy_pass self;
|
|
|
|
ssl_certificate /var/lib/acme/kp2pml30.moe/fullchain.pem;
|
|
ssl_certificate_key /var/lib/acme/kp2pml30.moe/key.pem;
|
|
ssl_trusted_certificate /var/lib/acme/kp2pml30.moe/chain.pem;
|
|
}
|
|
|
|
server {
|
|
listen 8444 ssl;
|
|
server_name pr.kp2pml30.moe;
|
|
ssl_preread on;
|
|
proxy_pass $name;
|
|
|
|
ssl_certificate /var/lib/acme/kp2pml30.moe/fullchain.pem;
|
|
ssl_certificate_key /var/lib/acme/kp2pml30.moe/key.pem;
|
|
ssl_trusted_certificate /var/lib/acme/kp2pml30.moe/chain.pem;
|
|
}
|
|
|
|
log_format proxy_log '$remote_addr [$time_local] '
|
|
'$protocol $status $bytes_sent $bytes_received '
|
|
'$session_time "$upstream_addr" '
|
|
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"'
|
|
'Proxy: "$ssl_preread_server_name" $name"';
|
|
|
|
access_log /var/log/nginx/aboba-access.log proxy_log buffer=1k flush=1m;
|