Add config files for new ingress-blowhole

Signed-off-by: Magic_RB <magic_rb@redalder.org>
This commit is contained in:
Magic_RB 2023-09-03 18:08:34 +02:00
parent bdf4915191
commit dfd63ff1f1
No known key found for this signature in database
GPG key ID: 08D5287CC5DDCA0E
4 changed files with 55 additions and 9 deletions

View file

@ -0,0 +1,14 @@
include /local/security.conf;
location / {
include /local/headers.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://home-assistant/;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}

View file

@ -0,0 +1,27 @@
include /local/security.conf;
client_max_body_size 100M;
location / {
# Proxy main Jellyfin traffic
# The / at the end is significant.
# https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/
proxy_pass http://jellyfin/;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}

View file

@ -294,9 +294,17 @@ EOF
} }
template { template {
data = var. data = var.jellyfin
destination = "local/upstreams.conf" destination = "local/jellyfin.conf"
change_mode = "signal"
change_signal = "SIGHUP"
}
template {
data = var.hass
destination = "local/hass.conf"
change_mode = "signal" change_mode = "signal"
change_signal = "SIGHUP" change_signal = "SIGHUP"
} }

View file

@ -39,7 +39,7 @@ server {
server_name jellyfin.in.redalder.org; server_name jellyfin.in.redalder.org;
include /local/jellyfin.conf include /local/jellyfin.conf;
} }
server { server {
@ -47,7 +47,7 @@ server {
server_name _; server_name _;
include /local/jellyfin.conf include /local/jellyfin.conf;
} }
@ -70,7 +70,7 @@ server {
server_name hass.in.redalder.org; server_name hass.in.redalder.org;
include /local/hass.conf include /local/hass.conf;
} }
server { server {
@ -80,10 +80,7 @@ server {
include /local/security.conf; include /local/security.conf;
location / { include /local/hass.conf;
include /local/headers.conf;
include /local/hass.conf
}
} }
server { server {