homelab/docker-infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
docker-infrastructure/nginx-proxy-acme/conf/conf.d/static-upstreams.conf
T
poprhythm 73d80ea2b2 uptime-kuma config
2026-01-25 14:43:24 +00:00

220 lines
6.3 KiB
Plaintext
Raw Permalink Blame History

# Static upstream configurations for non-container backends
# These hosts forward to IP addresses instead of Docker containers
# ------------------------------------------------------------------------------
# portainer.kolpacksoftware.com -> 172.17.0.1:9443 (HTTPS backend via Docker bridge)
# ------------------------------------------------------------------------------
upstream portainer-backend {
server 172.17.0.1:9443;
}
server {
listen 80;
server_name portainer.kolpacksoftware.com;
location /.well-known/acme-challenge/ {
root /usr/share/nginx/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name portainer.kolpacksoftware.com;
ssl_certificate /etc/nginx/certs/portainer.kolpacksoftware.com.crt;
ssl_certificate_key /etc/nginx/certs/portainer.kolpacksoftware.com.key;
include /etc/nginx/vhost.d/default;
include /etc/nginx/vhost.d/private;
location / {
proxy_pass https://portainer-backend;
proxy_ssl_verify off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ------------------------------------------------------------------------------
# btt-cb1.kolpacksoftware.com -> 192.168.1.173:80
# ------------------------------------------------------------------------------
upstream btt-cb1-backend {
server 192.168.1.173:80;
}
server {
listen 80;
server_name btt-cb1.kolpacksoftware.com;
location /.well-known/acme-challenge/ {
root /usr/share/nginx/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name btt-cb1.kolpacksoftware.com;
ssl_certificate /etc/nginx/certs/btt-cb1.kolpacksoftware.com.crt;
ssl_certificate_key /etc/nginx/certs/btt-cb1.kolpacksoftware.com.key;
include /etc/nginx/vhost.d/default;
include /etc/nginx/vhost.d/private;
location / {
proxy_pass http://btt-cb1-backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ------------------------------------------------------------------------------
# hats.kolpacksoftware.com -> 192.168.1.66:9999
# ------------------------------------------------------------------------------
upstream hats-backend {
server 192.168.1.66:9999;
}
server {
listen 80;
server_name hats.kolpacksoftware.com;
location /.well-known/acme-challenge/ {
root /usr/share/nginx/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name hats.kolpacksoftware.com;
ssl_certificate /etc/nginx/certs/hats.kolpacksoftware.com.crt;
ssl_certificate_key /etc/nginx/certs/hats.kolpacksoftware.com.key;
include /etc/nginx/vhost.d/default;
include /etc/nginx/vhost.d/private;
location / {
proxy_pass http://hats-backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ------------------------------------------------------------------------------
# pve-nas.kolpacksoftware.com -> 192.168.1.245:8006 (HTTPS backend - Proxmox)
# ------------------------------------------------------------------------------
upstream pve-nas-backend {
server 192.168.1.245:8006;
}
server {
listen 80;
server_name pve-nas.kolpacksoftware.com;
location /.well-known/acme-challenge/ {
root /usr/share/nginx/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name pve-nas.kolpacksoftware.com;
ssl_certificate /etc/nginx/certs/pve-nas.kolpacksoftware.com.crt;
ssl_certificate_key /etc/nginx/certs/pve-nas.kolpacksoftware.com.key;
include /etc/nginx/vhost.d/default;
include /etc/nginx/vhost.d/private;
# Proxmox needs larger buffers
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
location / {
proxy_pass https://pve-nas-backend;
proxy_ssl_verify off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ------------------------------------------------------------------------------
# unraid.kolpacksoftware.com -> 192.168.1.192:80
# ------------------------------------------------------------------------------
upstream unraid-backend {
server 192.168.1.192:80;
}
server {
listen 80;
server_name unraid.kolpacksoftware.com;
location /.well-known/acme-challenge/ {
root /usr/share/nginx/html;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name unraid.kolpacksoftware.com;
ssl_certificate /etc/nginx/certs/unraid.kolpacksoftware.com.crt;
ssl_certificate_key /etc/nginx/certs/unraid.kolpacksoftware.com.key;
include /etc/nginx/vhost.d/default;
include /etc/nginx/vhost.d/private;
location / {
proxy_pass http://unraid-backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Reference in New Issue View Git Blame Copy Permalink