Начало Каталог Помощ
Регистрация Вход
lcy
/
truenas
1
0
Разклонения 0
Файлове Задачи 0 Заявки за сливане 0 Уики
ИН на ревизия: 53a7e536aa
Клонове Маркери
truenas
/
library
/
ix-dev
/
charts
/
nextcloud
/
templates
/
nginx-configmap.yaml

nginx-configmap.yaml 2.4 KB
История Директен файл

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273 
  1. apiVersion: v1
    2. 

  2. kind: ConfigMap
    3. 

  3. metadata:
    4. 

  4.   name: "nginx-configuration"
    5. 

  5. data:
    6. 

  6.   protocol: {{ include "nginx.scheme" . }}
    7. 

  7.   {{ $timeout := 60 }}
    8. 

  8.   {{ $size := .Values.nextcloud.max_upload_size | default 3 }}
    9. 

  9.   {{/* Safely access key as it is conditionaly shown */}}
    10. 

  10.   {{ if hasKey .Values "nginxConfig" }}
    11. 

  11.     {{ $timeout = .Values.nginxConfig.proxy_timeouts | default 60 }}
    12. 

  12.   {{ end }}
    13. 

  13.   nginx.conf: |-
    14. 

  14.     events {}
    15. 

  15.     http {
    16. 

  16.       # redirects all http requests to https requests
    17. 

  17.       server {
    18. 

  18.         listen 8000 default_server;
    19. 

  19.         listen [::]:8000 default_server;
    20. 

  20.         return 301 https://$host$request_uri;
    21. 

  21.       }
    22. 

  22. 

  23.       server {
    24. 

  24.         server_name localhost;
    25. 

  25. 

  26.         listen {{ .Values.service.nodePort }} ssl http2;
    27. 

  27.         listen [::]:{{ .Values.service.nodePort }} ssl http2;
    28. 

  28. 

  29.         ssl_certificate '/etc/nginx-certs/public.crt';
    30. 

  30.         ssl_certificate_key '/etc/nginx-certs/private.key';
    31. 

  31. 

  32.         # maximum 3GB Upload File; change to fit your needs
    33. 

  33.         client_max_body_size {{ $size }}G;
    34. 

  34. 

  35.         add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" always;
    36. 

  36. 

  37.         location = /robots.txt {
    38. 

  38.           allow all;
    39. 

  39.           log_not_found off;
    40. 

  40.           access_log off;
    41. 

  41.         }
    42. 

  42. 

  43.         location = /.well-known/carddav {
    44. 

  44.           return 301 $scheme://$host:$server_port/remote.php/dav;
    45. 

  45.         }
    46. 

  46. 

  47.         location = /.well-known/caldav {
    48. 

  48.           return 301 $scheme://$host:$server_port/remote.php/dav;
    49. 

  49.         }
    50. 

  50. 

  51.         location / {
    52. 

  52.           proxy_pass http://localhost;
    53. 

  53.           proxy_http_version                 1.1;
    54. 

  54.           proxy_cache_bypass                 $http_upgrade;
    55. 

  55.           proxy_request_buffering            off;
    56. 

  56. 

  57.           # Proxy headers
    58. 

  58.           proxy_set_header Upgrade           $http_upgrade;
    59. 

  59.           proxy_set_header Connection        "upgrade";
    60. 

  60.           proxy_set_header Host              $http_host;
    61. 

  61.           proxy_set_header X-Real-IP         $remote_addr;
    62. 

  62.           proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
    63. 

  63.           proxy_set_header X-Forwarded-Proto https;
    64. 

  64.           proxy_set_header X-Forwarded-Host  $host;
    65. 

  65.           proxy_set_header X-Forwarded-Port  $server_port;
    66. 

  66. 

  67.           # Proxy timeouts
    68. 

  68.           proxy_connect_timeout              {{ $timeout }}s;
    69. 

  69.           proxy_send_timeout                 {{ $timeout }}s;
    70. 

  70.           proxy_read_timeout                 {{ $timeout }}s;
    71. 

  71.         }
    72. 

  72.       }
    73. 

  73.     }
    74.