corentinth it-tools

From KlavoWiki
Jump to navigationJump to search

docker

  corentinth:
    image: ghcr.io/corentinth/it-tools:latest
    container_name: it-tools
    hostname: it-tools
    restart: unless-stopped
    ports:
      - 8090:80

nginx

vi /etc/nginx/sites-available/pwpush
server {
    listen 192.168.1.1:80;
    listen [fe80::4c9a:23d2:1f45:6a12]:80;

    server_name pwpush.klaverstyn.com.au;

    return 301 https://pwpush.klaverstyn.com.au;

    access_log /var/log/nginx/access_pwpush.log;
    error_log /var/log/nginx/error_pwpush.log;

}


server {
    listen 192.168.1.1:443 ssl;
    listen [fe80::4c9a:23d2:1f45:6a12]:443 ssl;
    http2 on;

    server_name pwpush.klaverstyn.com.au;

    access_log /var/log/nginx/access_pwpush.log;
    error_log /var/log/nginx/error_pwpush.log;

    ssl_certificate         /etc/letsencrypt/live/pwpush.klaverstyn.com.au/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/pwpush.klaverstyn.com.au/privkey.pem;

    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; connect-src 'self' blob:; img-src 'self' data: https://tile.openstreetmap.org; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-ancestors 'self'; form-action 'self'; worker-src 'self' blob:;";
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;

    if ($request_method !~ ^(GET|POST|HEAD)$ ) {
        return 444;
    }

    location / {
        proxy_pass             http://localhost:5100;
        proxy_http_version     1.1;
        proxy_set_header       Host             $host;
        proxy_set_header       X-Real-IP        $remote_addr;
        proxy_set_header       X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header       X-Forwarded-Proto $scheme;

        # Dynamic Upgrade Handling
        proxy_set_header       Upgrade          $http_upgrade;
        proxy_set_header       Connection       $connection_upgrade;

        client_max_body_size   100M;

        # Timeouts and Buffering for File Uploads
        proxy_read_timeout     300s;
        proxy_send_timeout     300s;
        client_body_buffer_size 128k;
        proxy_max_temp_file_size 0;
        proxy_connect_timeout  300s;
        proxy_buffering        off;
        proxy_request_buffering off;
    }

}
Retrieved from "https://klaverstyn.com.au/david/wiki/index.php?title=corentinth_it-tools&oldid=2703"