add c4c secret

2022-11-14 04:47:42 -07:00 · 2022-11-14 04:47:42 -07:00 · db48c7c962
parent e7fb85dc95
commit db48c7c962
7 changed files with 76 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
--- a/cloudflare-nginx/docker-compose.yml
+++ b/cloudflare-nginx/docker-compose.yml
@ -1,4 +1,4 @@
-version: '2'
+version: '3.5'
 services:
  nginx:
    image: nginx:stable
@ -9,4 +9,11 @@ services:
    ports:
    # - 80:80
    - 443:443
+    networks:
+    - felia-nginx
+    restart: unless-stopped
+
+networks:
+  felia-nginx:
+    name: felia-nginx-net

--- a/cloudflare-nginx/nginx/conf.d/c4c.pegasust.com.conf
+++ b/cloudflare-nginx/nginx/conf.d/c4c.pegasust.com.conf
@ -0,0 +1,33 @@
+# NOTE: Felia is under Cox ISP, which blocks port 80 anyways.
+# we're just going to leave it like this for now
+# server {
+#     listen 80;
+#     listen [::]:80;
+#     server_name localhost;
+#     return 302 https://$server_name$request_uri;
+# }
+
+server {
+    # SSL configuration
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    include /etc/nginx/ssl_params;
+
+    server_name c4c.pegasust.com;
+
+    # location / {
+    #     proxy_pass http://twitter-bot-web-1:8080;
+    #     proxy_set_header Host $host;
+    #     proxy_set_header X-Real-IP $remote_addr;
+    #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    # }
+
+    location / {
+        proxy_pass http://c4c-secret-manager-vault-1:8200;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+    # netsh interface portproxy add v4tov4 listenaddress=0.0.0.0 listenport=16443 connectaddress=127.0.0.1 listenport=62171
+}
--- a/cloudflare-nginx/nginx/conf.d/felia.pegasust.com.conf
+++ b/cloudflare-nginx/nginx/conf.d/felia.pegasust.com.conf
@ -21,4 +21,5 @@ server {
    location / {
        try_files $uri $uri/ =404;
    }
+    # netsh interface portproxy add v4tov4 listenaddress=0.0.0.0 listenport=16443 connectaddress=127.0.0.1 listenport=62171
 }
--- a/cloudflare-nginx/nginx/conf.d/pdp-c4c.pegasust.com.conf
+++ b/cloudflare-nginx/nginx/conf.d/pdp-c4c.pegasust.com.conf
@ -0,0 +1,25 @@
+# NOTE: Felia is under Cox ISP, which blocks port 80 anyways.
+# we're just going to leave it like this for now
+# server {
+#     listen 80;
+#     listen [::]:80;
+#     server_name localhost;
+#     return 302 https://$server_name$request_uri;
+# }
+
+server {
+    # SSL configuration
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    include /etc/nginx/ssl_params;
+
+    server_name pdp-c4c.pegasust.com;
+
+    # location / {
+    #     proxy_pass http://twitter-bot-prisma-data-proxy-1:3000;
+    #     proxy_set_header Host $host;
+    #     proxy_set_header X-Real-IP $remote_addr;
+    #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    # }
+}
--- a/cloudflare-nginx/nginx/conf.d/pegasust.com.conf
+++ b/cloudflare-nginx/nginx/conf.d/pegasust.com.conf
@ -27,4 +27,10 @@ server {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
+    location /felia {
+        rewrite ^/felia(.*)$ https://felia.pegasust.com/$1 redirect;
+    }
+    location /c4c {
+        rewrite ^/c4c(.*)$ https://c4c.pegasust.com/$1 redirect;
+    }
 }
--- a/cloudflare-nginx/scripts/reload_nginx.sh
+++ b/cloudflare-nginx/scripts/reload_nginx.sh
@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+docker exec -it $(docker ps -aqf "name=cloudflare-nginx-nginx-1") nginx -s reload