From f775f4c76691fc61b2993d81d9f1b4690e76b141 Mon Sep 17 00:00:00 2001
From: crupest <crupest@outlook.com>
Date: Sat, 19 Nov 2022 13:00:13 +0800
Subject: No caddy, only nginx and certbot.

---
 template/nginx/reverse-proxy.conf.template | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 template/nginx/reverse-proxy.conf.template

(limited to 'template/nginx/reverse-proxy.conf.template')

diff --git a/template/nginx/reverse-proxy.conf.template b/template/nginx/reverse-proxy.conf.template
new file mode 100644
index 0000000..e98c066
--- /dev/null
+++ b/template/nginx/reverse-proxy.conf.template
@@ -0,0 +1,23 @@
+upstream ${CRUPEST_NGINX_UPSTREAM_NAME} {
+    server ${CRUPEST_NGINX_UPSTREAM_SERVER};
+}
+
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name ${CRUPEST_NGINX_SUBDOMAIN}.${CRUPEST_DOMAIN};
+
+    ssl_certificate /etc/letsencrypt/live/${CRUPEST_NGINX_SUBDOMAIN}.${CRUPEST_DOMAIN}/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/${CRUPEST_NGINX_SUBDOMAIN}.${CRUPEST_DOMAIN}/privkey.pem;
+
+    location / {
+        proxy_pass http://${CRUPEST_NGINX_UPSTREAM_NAME};
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $http_connection;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Real-IP $remote_addr;
+    }
+}
-- 
cgit v1.2.3