From dbf7bc82eace9742583db7e23a745046cf3e7a1d Mon Sep 17 00:00:00 2001 From: hael Date: Wed, 22 Feb 2023 11:44:05 +0000 Subject: [PATCH] sample files for testing --- scripts/awk | 1 + scripts/domain.example.conf | 87 +++++++++++++++++++++++++++++ scripts/domains/app.domain.example | 23 ++++++++ scripts/domains/app2.domain.example | 24 ++++++++ scripts/domains/app3.domain.example | 23 ++++++++ scripts/domains/domain.sample | 13 +++++ 6 files changed, 171 insertions(+) create mode 100644 scripts/awk create mode 100644 scripts/domain.example.conf create mode 100644 scripts/domains/app.domain.example create mode 100644 scripts/domains/app2.domain.example create mode 100644 scripts/domains/app3.domain.example create mode 100644 scripts/domains/domain.sample diff --git a/scripts/awk b/scripts/awk new file mode 100644 index 0000000..c01bde1 --- /dev/null +++ b/scripts/awk @@ -0,0 +1 @@ +awk '/-----BEGIN CERTIFICATE-----/ {show=1} /-----END CERTIFICATE-----/ {show=1} show {print}' keys/$ovpn.crt >> result diff --git a/scripts/domain.example.conf b/scripts/domain.example.conf new file mode 100644 index 0000000..ccabe8c --- /dev/null +++ b/scripts/domain.example.conf @@ -0,0 +1,87 @@ +server { +listen 80 proxy_protocol; +server_name domain.example; +set_real_ip_from 0.0.0.0/0; +real_ip_header proxy_protocol; +rewrite_log on; +return 301 https://domain.example; +} +server { +listen 443 ssl proxy_protocol; +set_real_ip_from 0.0.0.0/0; +real_ip_header proxy_protocol; +server_name domain.example; +client_max_body_size 0; +rewrite_log on; +proxy_ssl_server_name on; + ssl_dhparam /etc/ssl/keys/domain.example/dhparam.pem; +ssl_certificate /etc/ssl/keys/fullchain.pem; + ssl_certificate_key /etc/ssl/keys/key.pem; +ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4 !kDHE"; +ssl_session_cache shared:SSL:50m; +ssl_session_timeout 5m; +ssl_stapling on; +location / { + limit_except GET HEAD { + allow 192.168.109.1; + allow 192.168.109.2; + deny all; + } + proxy_pass http://domain-app:80; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_cookie_path / /; + proxy_set_header Connection $http_connection; + proxy_connect_timeout 300; + proxy_send_timeout 300; + proxy_read_timeout 300; + proxy_next_upstream off; + proxy_redirect off; + proxy_buffering off; +} +location example2 { + proxy_pass http://example-app2-modified:80; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_cookie_path example2 example2; + proxy_set_header Connection $http_connection; + proxy_connect_timeout 300; + proxy_send_timeout 300; + proxy_read_timeout 300; + proxy_next_upstream off; + proxy_redirect off; + proxy_buffering off; +} +# location end +location example { + limit_except GET HEAD { + allow 192.168.105.1 + allow 192.168.106.1 + allow 192.168.107.1 + deny all; + } + proxy_pass http://example-app:80; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_cookie_path example example; + proxy_set_header Connection $http_connection; + proxy_connect_timeout 300; + proxy_send_timeout 300; + proxy_read_timeout 300; + proxy_next_upstream off; + proxy_redirect off; + proxy_buffering off; +} +# location end +} diff --git a/scripts/domains/app.domain.example b/scripts/domains/app.domain.example new file mode 100644 index 0000000..045f523 --- /dev/null +++ b/scripts/domains/app.domain.example @@ -0,0 +1,23 @@ +{ +"DEBUG": "true", +"DOMAIN": "domain.example", +"ALIASES_HTTP": [ ], +"ALIASES_HTTPS": [ ], +"LOCAL_NAME": "domain-app", +"HTTP_PORT": "", +"HTTPS_PORT": "80", +"ERROR_PAGE": "", +"REDIRECT_HTTP": "", +"REDIRECT_HTTPS": "", +"MAX_BODY_SIZE": "", +"ALLOWED_NETWORK": [ "192.168.109.1", "192.168.109.2", "192.168.110.2" ], +"OPERATION": "CREATE", +"ALTERNATE_LOCATION_PATH": [ + { + "LOCAL_PATH": "example", + "LOCAL_NAME": "example-app", + "LOCAL_PORT": "", + "LOCAL_ALLOWED_NETWORK": [ "192.168.105.1", "192.168.106.1", "192.168.107.1" ] + } +] +} diff --git a/scripts/domains/app2.domain.example b/scripts/domains/app2.domain.example new file mode 100644 index 0000000..11d89e6 --- /dev/null +++ b/scripts/domains/app2.domain.example @@ -0,0 +1,24 @@ +{ +"DEBUG": "true", +"DOMAIN": "domain.example", +"ALIASES_HTTP": [ ], +"ALIASES_HTTPS": [ ], +"LOCAL_NAME": "domain-app2", +"HTTP_PORT": "", +"HTTPS_PORT": "80", +"ERROR_PAGE": "", +"REDIRECT_HTTP": "", +"REDIRECT_HTTPS": "", +"MAX_BODY_SIZE": "", +"ALLOWED_NETWORK": [ ], +"OPERATION": "MODIFY", +"ALTERNATE_LOCATION_PATH": [ + { + "LOCAL_PATH": "example2", + "LOCAL_NAME": "example-app2-modified", + "LOCAL_PORT": "", + "LOCAL_ALLOWED_NETWORK": [ ] + } + ] + +} diff --git a/scripts/domains/app3.domain.example b/scripts/domains/app3.domain.example new file mode 100644 index 0000000..cc71d1b --- /dev/null +++ b/scripts/domains/app3.domain.example @@ -0,0 +1,23 @@ +{ +"DEBUG": "true", +"DOMAIN": "domain.example", +"ALIASES_HTTP": [ ], +"ALIASES_HTTPS": [ ], +"LOCAL_NAME": "domain-app", +"HTTP_PORT": "", +"HTTPS_PORT": "80", +"ERROR_PAGE": "", +"REDIRECT_HTTP": "", +"REDIRECT_HTTPS": "", +"MAX_BODY_SIZE": "", +"ALLOWED_NETWORK": [ ], +"ALTERNATE_LOCATION_PATH": [ + { + "LOCAL_PATH": "example3", + "LOCAL_NAME": "example-app3", + "LOCAL_PORT": "", + "LOCAL_ALLOWED_NETWORK": [ ] + } + ] + +} diff --git a/scripts/domains/domain.sample b/scripts/domains/domain.sample new file mode 100644 index 0000000..9620641 --- /dev/null +++ b/scripts/domains/domain.sample @@ -0,0 +1,13 @@ +{ +"DEBUG": "true", +"DOMAIN": "domain.example", +"ALIASES_HTTP": [ ], +"ALIASES_HTTPS": [ ], +"LOCAL_NAME": "domain-app", +"HTTP_PORT": "", +"HTTPS_PORT": "80", +"ERROR_PAGE": "", +"REDIRECT_HTTP": "", +"REDIRECT_HTTPS": "", +"MAX_BODY_SIZE": "" +}