diff --git a/basic_configs/nginx-vps/nginx.conf b/basic_configs/nginx-vps/nginx.conf new file mode 100644 index 0000000..2ce2a82 --- /dev/null +++ b/basic_configs/nginx-vps/nginx.conf @@ -0,0 +1,101 @@ +set $domain 272254864.xyz; +set $ssl_cert /etc/nginx/.lego/certificates/$domain.crt; +set $ssl_key /etc/nginx/.lego/certificates/$domain.key; + +worker_processes auto; + +events { + multi_accept on; + worker_connections 256; +} + +server { + listen 80; + return 301 https://$host$request_uri; +} + +upstream dufs { + server 10.44.82.16:10001; +} +upstream cgit { + server 10.44.82.16:10002; +} +upstream navi { + server 10.44.82.16:10003; +} +upstream ai { + server 10.44.82.16:10004; +} +upstream dns { + server 10.44.82.16:10005; +} +upstream invid { + server 10.44.82.16:10006; +} +upstream searx { + server 10.44.82.16:10007; +} + +server { + listen 10.44.82.1:443 ssl; + server_name files.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_pass dufs; +} + +server { + listen 443 ssl; + server_name git.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_pass cgit; +} + +server { + listen 10.44.82.1:443 ssl; + server_name music.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_pass navi; +} + +server { + listen 10.44.82.1:443 ssl; + server_name ai.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_pass ai; +} + +server { + listen 10.44.82.1:443 ssl; + server_name dns.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_ssl on; + proxy_pass dns; +} + +server { + listen 10.44.82.1:443 ssl; + server_name yt.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_pass invid; +} + +server { + listen 10.44.82.1:443 ssl; + server_name search.$domain; + ssl_certificate $ssl_cert; + ssl_certificate_key $ssl_key; + + proxy_pass searx; +} diff --git a/basic_configs/wg_base.conf b/basic_configs/wg_base.conf new file mode 100644 index 0000000..c7fa34b --- /dev/null +++ b/basic_configs/wg_base.conf @@ -0,0 +1,8 @@ +[Interface] +PrivateKey = ${WG_PRIV_KEY} +Address = 10.44.82.1/24 +ListenPort = 2107 + +[Peer] +PublicKey = ${WG_PEER_PUB_KEY} +AllowedIPs = 10.44.82.4/32