author | Elizabeth Hunt <me@liz.coffee> | 2025-05-04 00:10:22 -0700 |
---|---|---|
committer | Elizabeth Hunt <me@liz.coffee> | 2025-05-04 00:35:51 -0700 |
commit | c3e9305bce9fd1aaf165779fb46570c683750e6f (patch) | |
tree | dcc01e3d35abd0647f7a053a00d9e3f1f91072d1 /playbooks/roles/nginx_proxy/templates | |
parent | 7106b304324b3a7c4dc5fa25432f08041cbc41cb (diff) | |
Tried to use docker ingress to solve x-real-ip on mail daemon but it didn't work for other ports
Diffstat (limited to 'playbooks/roles/nginx_proxy/templates')
-rw-r--r-- | playbooks/roles/nginx_proxy/templates/docker-compose.yml | 58 | ||||
-rw-r--r-- | playbooks/roles/nginx_proxy/templates/toplevel.conf.d/stream.conf | 55 |
2 files changed, 113 insertions, 0 deletions
diff --git a/playbooks/roles/nginx_proxy/templates/docker-compose.yml b/playbooks/roles/nginx_proxy/templates/docker-compose.yml
new file mode 100644
index 0000000..33b3243
--- /dev/null
+++ b/playbooks/roles/nginx_proxy/templates/docker-compose.yml
@@ -0,0 +1,58 @@
+---
+
+services:
+ nginx-proxy:
+ image: nginxproxy/nginx-proxy
+ container_name: nginx-proxy
+ ports:
+ # http
+ - "80:80"
+ - "443:443"
+ # smtp
+ - "25:25"
+ - "465:465"
+ - "587:587"
+ # imap
+ - "993:993"
+ # sieve
+ - "4190:4190"
+ # src
+ - "2222:2222"
+ volumes:
+ - /var/run/docker.sock:/tmp/docker.sock:ro
+ - {{ nginx_proxy_base }}/certs:/etc/nginx/certs
+ - {{ nginx_proxy_base }}/toplevel.conf.d:/etc/nginx/toplevel.conf.d
+ environment:
+ - TZ={{ timezone }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
+ - NO_COLOR=1
+ - LOG_JSON=true
+ - TRUST_DOWNSTREAM_PROXY=false
+ networks:
+ - proxy
+ labels:
+ - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
+
+ nginx-acme-companion:
+ image: nginxproxy/acme-companion
+ depends_on:
+ - nginx-proxy
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock:ro
+ - acme:/etc/acme.sh
+ - {{ nginx_proxy_base }}/certs:/etc/nginx/certs
+ environment:
+ - TZ={{ timezone }}
+ - DEPLOYMENT_TIME={{ deployment_time }}
+ - DEFAULT_EMAIL={{ certs_email }}
+ - ACME_CHALLENGE=DNS-01
+ - "ACMESH_DNS_API_CONFIG={'DNS_API': 'dns_cf', 'CF_Key': '{{ cloudflare_token }}', 'CF_Email': '{{ cloudflare_email }}'}"
+ networks:
+ - proxy
+
+volumes:
+ acme:
+
+networks:
+ proxy:
+ name: proxy
diff --git a/playbooks/roles/nginx_proxy/templates/toplevel.conf.d/stream.conf b/playbooks/roles/nginx_proxy/templates/toplevel.conf.d/stream.conf
new file mode 100644
index 0000000..3e7c125
--- /dev/null
+++ b/playbooks/roles/nginx_proxy/templates/toplevel.conf.d/stream.conf
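Review bot: In docker-compose.yml, `nginx-proxy` publishes 80/443 and the mail ports while also mounting `/var/run/docker.sock`; the `:ro` flag only protects the socket file and does not limit what can be requested over the Docker API, so a compromise of the internet-facing nginx process would reach the daemon. The nginx-proxy project documents a split deployment (a stock `nginx` container plus a separate `nginxproxy/docker-gen` container that holds the socket) for this reason, and a restricting socket proxy is another option. Both images are referenced without a tag, so each deploy can pull a different build; pinning them, e.g. `image: nginxproxy/nginx-proxy:<pinned-tag>`, keeps the rollout reproducible. Separately, `{{ cloudflare_token }}` is passed as `CF_Key` together with `CF_Email`, which acme.sh treats as the account-wide global key; if the value is really a scoped API token it belongs in `CF_Token`, and if it is the global key a zone-scoped token would narrow what a leak of this container's environment exposes.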
@@ -0,0 +1,55 @@
+{% if not homelab_build %}
+
+stream {
+ upstream imaps {
+ server {{ vpn_proxy_filter_container_name }}:993;
+ }
+ upstream smtps {
+ server {{ vpn_proxy_filter_container_name }}:465;
+ }
+ upstream smtptls {
+ server {{ vpn_proxy_filter_container_name }}:587;
+ }
+ upstream smtp {
+ server {{ vpn_proxy_filter_container_name }}:25;
+ }
+ upstream managesieve {
+ server {{ vpn_proxy_filter_container_name }}:4190;
+ }
+
+ upstream src {
+ server {{ vpn_proxy_filter_container_name }}:2222;
+ }
+
+ server {
+ listen 993;
+ proxy_pass imaps;
+ proxy_protocol on;
+ }
+ server {
+ listen 25;
+ proxy_pass smtp;
+ proxy_protocol on;
+ }
+ server {
+ listen 587;
+ proxy_pass smtptls;
+ proxy_protocol on;
+ }
+ server {
+ listen 465;
+ proxy_pass smtps;
+ proxy_protocol on;
+ }
+ server {
+ listen 4190;
+ proxy_pass managesieve;
+ proxy_protocol on;
+ }
+ server {
+ listen 2222;
+ proxy_pass src;
+ }
+}
+
+{% endif %} |
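Review bot: The `proxy_protocol on;` lines on the 993, 25, 587, 465 and 4190 servers make the backend's view of the client address depend entirely on a PROXY header, and nothing in this diff shows that the listeners behind `{{ vpn_proxy_filter_container_name }}` accept that header only from this proxy. If the receiving mail daemon trusts it from any peer, the source address used for SPF, rate-limiting and relay decisions becomes client-controlled, so it is worth stating the requirement next to the block, e.g. `# upstream listeners must require PROXY protocol and trust it only from the proxy network`. The 2222 server omits the directive, so that backend will log the proxy's address for every connection and per-IP throttling there will not distinguish clients; if that is deliberate, a comment such as `# no proxy_protocol: backend does not parse PROXY headers` would record it. The whole block is gated on `not homelab_build` while the compose template publishes the same ports unconditionally, which looks like it leaves those ports published with no listener in a homelab build.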