# Static upstream configurations for non-container backends # These hosts forward to IP addresses instead of Docker containers # ------------------------------------------------------------------------------ # portainer.kolpacksoftware.com -> 172.17.0.1:9443 (HTTPS backend via Docker bridge) # ------------------------------------------------------------------------------ upstream portainer-backend { server 172.17.0.1:9443; } server { listen 80; server_name portainer.kolpacksoftware.com; location /.well-known/acme-challenge/ { root /usr/share/nginx/html; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl; server_name portainer.kolpacksoftware.com; ssl_certificate /etc/nginx/certs/portainer.kolpacksoftware.com.crt; ssl_certificate_key /etc/nginx/certs/portainer.kolpacksoftware.com.key; include /etc/nginx/vhost.d/default; include /etc/nginx/vhost.d/private; location / { proxy_pass https://portainer-backend; proxy_ssl_verify off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } # ------------------------------------------------------------------------------ # btt-cb1.kolpacksoftware.com -> 192.168.1.173:80 # ------------------------------------------------------------------------------ upstream btt-cb1-backend { server 192.168.1.173:80; } server { listen 80; server_name btt-cb1.kolpacksoftware.com; location /.well-known/acme-challenge/ { root /usr/share/nginx/html; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl; server_name btt-cb1.kolpacksoftware.com; ssl_certificate /etc/nginx/certs/btt-cb1.kolpacksoftware.com.crt; ssl_certificate_key /etc/nginx/certs/btt-cb1.kolpacksoftware.com.key; include /etc/nginx/vhost.d/default; include /etc/nginx/vhost.d/private; location / { proxy_pass http://btt-cb1-backend; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } # ------------------------------------------------------------------------------ # hats.kolpacksoftware.com -> 192.168.1.66:9999 # ------------------------------------------------------------------------------ upstream hats-backend { server 192.168.1.66:9999; } server { listen 80; server_name hats.kolpacksoftware.com; location /.well-known/acme-challenge/ { root /usr/share/nginx/html; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl; server_name hats.kolpacksoftware.com; ssl_certificate /etc/nginx/certs/hats.kolpacksoftware.com.crt; ssl_certificate_key /etc/nginx/certs/hats.kolpacksoftware.com.key; include /etc/nginx/vhost.d/default; include /etc/nginx/vhost.d/private; location / { proxy_pass http://hats-backend; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } # ------------------------------------------------------------------------------ # pve-nas.kolpacksoftware.com -> 192.168.1.245:8006 (HTTPS backend - Proxmox) # ------------------------------------------------------------------------------ upstream pve-nas-backend { server 192.168.1.245:8006; } server { listen 80; server_name pve-nas.kolpacksoftware.com; location /.well-known/acme-challenge/ { root /usr/share/nginx/html; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl; server_name pve-nas.kolpacksoftware.com; ssl_certificate /etc/nginx/certs/pve-nas.kolpacksoftware.com.crt; ssl_certificate_key /etc/nginx/certs/pve-nas.kolpacksoftware.com.key; include /etc/nginx/vhost.d/default; include /etc/nginx/vhost.d/private; # Proxmox needs larger buffers proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; location / { proxy_pass https://pve-nas-backend; proxy_ssl_verify off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } # ------------------------------------------------------------------------------ # unraid.kolpacksoftware.com -> 192.168.1.192:80 # ------------------------------------------------------------------------------ upstream unraid-backend { server 192.168.1.192:80; } server { listen 80; server_name unraid.kolpacksoftware.com; location /.well-known/acme-challenge/ { root /usr/share/nginx/html; } location / { return 301 https://$host$request_uri; } } server { listen 443 ssl; server_name unraid.kolpacksoftware.com; ssl_certificate /etc/nginx/certs/unraid.kolpacksoftware.com.crt; ssl_certificate_key /etc/nginx/certs/unraid.kolpacksoftware.com.key; include /etc/nginx/vhost.d/default; include /etc/nginx/vhost.d/private; location / { proxy_pass http://unraid-backend; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }