From d6ae138795c978ccbad7496526f059fea917eae8 Mon Sep 17 00:00:00 2001 From: laurentbarontini Date: Sun, 28 Dec 2025 17:38:17 +0100 Subject: [PATCH] Add nginx --- nginx/default.conf | 197 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 197 insertions(+) create mode 100644 nginx/default.conf diff --git a/nginx/default.conf b/nginx/default.conf new file mode 100644 index 0000000..a48195a --- /dev/null +++ b/nginx/default.conf @@ -0,0 +1,197 @@ +server { + listen 80; + server_name srv413259.hstgr.cloud; + return 301 https://$host$request_uri; +} + +server { + listen 8445 ssl; + server_name srv413259.hstgr.cloud; + + ssl_certificate /etc/letsencrypt/live/srv413259.hstgr.cloud/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/srv413259.hstgr.cloud/privkey.pem; + + client_max_body_size 10M; + + location / { + proxy_pass http://vaultwarden:80; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +} + +server { + listen 8444 ssl; + server_name srv413259.hstgr.cloud; + + ssl_certificate /etc/letsencrypt/live/srv413259.hstgr.cloud/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/srv413259.hstgr.cloud/privkey.pem; + + client_max_body_size 100M; + + location / { + proxy_pass http://gitea:3000; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} + +server { + listen 8008 ssl; + server_name srv413259.hstgr.cloud; + + ssl_certificate /etc/letsencrypt/live/srv413259.hstgr.cloud/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/srv413259.hstgr.cloud/privkey.pem; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + + client_max_body_size 100M; + + location / { + proxy_pass http://tryton-dev:8008; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port 8008; + + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + } +} + +server { + listen 443 ssl; + server_name srv413259.hstgr.cloud; + + ssl_certificate /etc/letsencrypt/live/srv413259.hstgr.cloud/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/srv413259.hstgr.cloud/privkey.pem; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + + # Configuration spécifique pour Tryton + client_max_body_size 100M; + + # Dashboard React (build Vite) + root /var/www/dashboard; # ✅ Mets ici le chemin où tu as copié le contenu de `dist/` + index index.html; + + location /dashboard { + alias /var/www/dashboard/; + index index.html; + try_files $uri $uri/ /dashboard/index.html; + } + + + location /assets { + alias /var/www/dashboard/assets/; # ✅ pour les fichiers JS/CSS + } + + + # favicon fix + location = /favicon.ico { + alias /var/www/dashboard; + } + + # Metabase : reverse proxy vers port 3000 + location /metabase/ { + proxy_pass http://metabase:3000/; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # Websocket support (Metabase websocket pour activity) + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + # Important : corrige les chemins (ex: /app/assets) + proxy_redirect off; + } + + # Metabase : reverse proxy vers port 3000 + location /tradon-metabase/ { + proxy_pass http://tradon-metabase:3000/; + proxy_http_version 1.1; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # Websocket support (Metabase websocket pour activity) + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + # Important : corrige les chemins (ex: /app/assets) + proxy_redirect off; + } + + # JSON-RPC Tryton + location /jsonrpc { + client_max_body_size 100M; + proxy_pass http://tryton:8000; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + + # Timeouts + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + + # CORS + if ($request_method = OPTIONS) { + add_header Access-Control-Allow-Origin "*"; + add_header Access-Control-Allow-Methods "GET, POST, OPTIONS"; + add_header Access-Control-Allow-Headers "Authorization, Content-Type, X-Requested-With"; + add_header Access-Control-Max-Age 86400; + add_header Content-Length 0; + add_header Content-Type text/plain; + return 204; + } + } + + # Interface web Tryton + location / { + client_max_body_size 100M; + proxy_pass http://tryton:8000; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + + # Timeouts + proxy_connect_timeout 60s; + proxy_send_timeout 60s; + proxy_read_timeout 60s; + + # Gestion des WebSockets pour Tryton + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } +}