diff --git a/web-configs/README.md b/web-configs/README.md new file mode 100644 index 00000000..713b6ac4 --- /dev/null +++ b/web-configs/README.md @@ -0,0 +1,2 @@ +# Example Webserver Configs +These are example webserver configurations for how to run cobalt. \ No newline at end of file diff --git a/web-configs/nginx/nginx-no-ssl.conf b/web-configs/nginx/nginx-no-ssl.conf new file mode 100644 index 00000000..bcd70319 --- /dev/null +++ b/web-configs/nginx/nginx-no-ssl.conf @@ -0,0 +1,59 @@ +# Define the location for where cobalt web runs. Change the port to fit your needs. +upstream cobaltweb { + server 127.0.0.1:9000; + keepalive 64; +} + +# Define the location for where cobalt API runs. Change the port to fit your needs. +upstream cobaltapi { + server 127.0.0.1:9001; + keepalive 64; +} + +# Server block definition for cobalt web. +server { + # Listen for for requests to the domain on port 80. + listen 80; + listen [::]:80; + server_name co.wukko.sh; + + # Set loggging. + access_log /var/log/nginx/co.wukko.sh.access.log; + error_log /var/log/nginx/co.wukko.sh.error.log; + + # Pass all requests to cobalt web, as defined above. + location / { + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://cobaltweb; + proxy_http_version 1.1; + proxy_pass_request_headers on; + proxy_set_header Connection "keep-alive"; + proxy_store off; + } +} + +# Server block definition for cobalt API. +server { + # Listen for for requests to the domain on port 80. + listen 80; + listen [::]:80; + server_name co.wuk.sh; + + # Set loggging. + access_log /var/log/nginx/co.wuk.sh.access.log; + error_log /var/log/nginx/co.wuk.sh.error.log; + + # Pass all requests to cobalt API, as defined above. + location / { + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://cobaltapi; + proxy_http_version 1.1; + proxy_pass_request_headers on; + proxy_set_header Connection "keep-alive"; + proxy_store off; + } +} \ No newline at end of file diff --git a/web-configs/nginx/nginx-ssl.conf b/web-configs/nginx/nginx-ssl.conf new file mode 100644 index 00000000..fd687576 --- /dev/null +++ b/web-configs/nginx/nginx-ssl.conf @@ -0,0 +1,85 @@ +# Redirect any HTTP traffic to HTTPS +server { + listen 80; + listen [::]:80; + server_name co.wukko.sh; + return 301 https://$host$request_uri; + +} + +# Redirect any HTTP traffic to HTTPS +server { + listen 80; + listen [::]:80; + server_name co.wuk.sh; + return 301 https://$host$request_uri; + +} + +# Define the location for where cobalt web runs. Change the port to fit your needs. +upstream cobaltweb { + server 127.0.0.1:9000; + keepalive 64; +} + +# Define the location for where cobalt API runs. Change the port to fit your needs. +upstream cobaltapi { + server 127.0.0.1:9001; + keepalive 64; +} + +# Server block definition for cobalt web. +server { + # Listen for for requests to the domain on port 443. + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name co.wukko.sh; + + # Set loggging. + access_log /var/log/nginx/co.wukko.sh.access.log; + error_log /var/log/nginx/co.wukko.sh.error.log; + + # Set your HTTPS certificate. + ssl_certificate /etc/letsencrypt/live/co.wukko.sh/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/co.wukko.sh/privkey.pem; + + # Pass all requests to cobalt web, as defined above. + location / { + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://cobaltweb; + proxy_http_version 1.1; + proxy_pass_request_headers on; + proxy_set_header Connection "keep-alive"; + proxy_store off; + } +} + +# Server block definition for cobalt API. +server { + # Listen for for requests to the domain on port 443. + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name co.wuk.sh; + + # Set loggging. + access_log /var/log/nginx/co.wuk.sh.access.log; + error_log /var/log/nginx/co.wuk.sh.error.log; + + # Set your HTTPS certificate. + ssl_certificate /etc/letsencrypt/live/co.wuk.sh/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/co.wuk.sh/privkey.pem; + + # Pass all requests to cobalt API, as defined above. + location / { + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://cobaltapi; + proxy_http_version 1.1; + proxy_pass_request_headers on; + proxy_set_header Connection "keep-alive"; + proxy_store off; + } +} \ No newline at end of file