From 6f9a2fba335cb3f486a042761b0bf3d296810426 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Minelli?= <michael@minelli.me>
Date: Wed, 17 May 2023 22:26:58 +0200
Subject: [PATCH] Add proxy configuration
---
Proxy/certs/server.crt | 32 ++++++++++++++++++++
Proxy/certs/server.key | 52 ++++++++++++++++++++++++++++++++
Proxy/default.conf | 68 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 152 insertions(+)
create mode 100644 Proxy/certs/server.crt
create mode 100644 Proxy/certs/server.key
create mode 100644 Proxy/default.conf
diff --git a/Proxy/certs/server.crt b/Proxy/certs/server.crt
new file mode 100644
index 0000000..4eb75ff
--- /dev/null
+++ b/Proxy/certs/server.crt
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFbjCCA1YCCQCFQNthRRiB8DANBgkqhkiG9w0BAQsFADB5MQswCQYDVQQGEwJD
+SDEPMA0GA1UECAwGR2VuZXZhMQ4wDAYDVQQKDAVIRVBJQTEMMAoGA1UECwwDSVND
+MQ0wCwYDVQQDDAREb2pvMSwwKgYJKoZIhvcNAQkBFh1taWNoYWVsLWplYW4ubWlu
+ZWxsaUBoZXNnZS5jaDAeFw0yMzA1MTcxODQ4NDBaFw0zMzA1MTQxODQ4NDBaMHkx
+CzAJBgNVBAYTAkNIMQ8wDQYDVQQIDAZHZW5ldmExDjAMBgNVBAoMBUhFUElBMQww
+CgYDVQQLDANJU0MxDTALBgNVBAMMBERvam8xLDAqBgkqhkiG9w0BCQEWHW1pY2hh
+ZWwtamVhbi5taW5lbGxpQGhlc2dlLmNoMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAs0uXO52xhsXX+3+4OHkYEOTM6UysNteoYJ67fd9I+s65Jjh5tHee
+Ed002U8u8PzlpPr2w5bJtIsLTDq3DJBH4wZEw4ROTPzIJ6JuWH7bF4gAHAPH5CYK
+ayvnK9k70dG0ICWuPELbosqDQY7p/fxeHPcBxWeMisPE1ud//JZtCUgoYZ7b++8S
+YvBJOYj4aMBlMlX2hFxWdh27XJ2ABddCudHL0fQ0DmOyldgBirIRa6ZdfAMk0VnZ
+hfOdfZ2z5Wmq0glLdSav1+CuuNsx/fMrFvW12cWcCjRD3BbyfMI2ja/tX3Ti4Y3h
+krptGcdgV1vUTNcPQR2LOI794S0jArAaBJrg2oKgw0yQeqQlllgUGM5uvC1/1Yo0
+/07bk2Sb/k6OncoaY2Lh7KsgIuufemrLlscH56oig/mLQpEzKJEKgukeHUES961S
+Q1gwllqqHkaAe2LaSn34bHTGF7jvi2H6oNX8EvU32QALuXs8/yFVcNWBsKsLVlYM
+e/9vXqoiZ1dRybp9zDV5w3u8hGLUVblRQSC6FWhLIgAKp0c/TdT/2Qm87nXMxV22
+y3wdYqxy2OtfyhhUl1PkKQRGS8p/yoCwMFKzltCPLu1Jli4epy2PkEYw9hlqgBX2
+xEznZR+6xE6EqnsxjCJZyYQwKK5fnw3DjEo1B1h2b3E/B6Kpv4+5RKcCAwEAATAN
+BgkqhkiG9w0BAQsFAAOCAgEAieF5HUzxY0tiyBeCOMgAIyc8kSeX91rmJjzKCR5Z
+JRecLMAip3u8y9L48p9+ndOdT1kNsEXYwWH6MF3mm465QipMOCkP/Zh0gMSm/FEd
+xnGmhA7axyWi5qRbdk609wf4hIz9t7Sy3oaTS41+WDdLRJj5kn2BgtxPbqysqVQn
+Tv7xBY3LNPKXz97v/VK1uUlZgGfA/Mh8so+3mnbqIdzsS9rP1z7ZB5WYqSZAiu69
+O3LySYpH0VhNbGs5F52f3rJHYGPwuwZidQtxKyzCIuAYDqry+RJNqhoVqOtNr6Bk
+IQQ9LNOfY8ZBq5kedVa6wdMyCVrnk2xydsoGnvYnooMCp00zHKY0Usf0W0Nsqled
+txW+bFEUGCOqaG0+guwClUDOiSLIcy55SMdrkODLC8npq/jrNOCo0sQ5qjJ3oQkX
+McfW2jBx5/xPNXsYxYE/ti7YneUFyVj+y2LtNYz5P29AIQb+5zDRtmVzy9BJBcDe
+igD3IlLp5WwSS+7mYU/Cf36vlXAcwbDLFJB9A/llzuNuqL/sbXgLIqiLQxJFucYk
+6AvDR+mlddO1cF3W3t1gPwPTgxOTHgNsHQnfZHJjExqzlsT6KPK1drEaauLo230H
+9OpLpvj1qNY3F2TbP5S47yQirCPxeK5NLeUe+iiy7SOJBs6TD811iVkB19IX1OVL
+3TY=
+-----END CERTIFICATE-----
diff --git a/Proxy/certs/server.key b/Proxy/certs/server.key
new file mode 100644
index 0000000..e77cebc
--- /dev/null
+++ b/Proxy/certs/server.key
@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQCzS5c7nbGGxdf7
+f7g4eRgQ5MzpTKw216hgnrt930j6zrkmOHm0d54R3TTZTy7w/OWk+vbDlsm0iwtM
+OrcMkEfjBkTDhE5M/Mgnom5YftsXiAAcA8fkJgprK+cr2TvR0bQgJa48QtuiyoNB
+jun9/F4c9wHFZ4yKw8TW53/8lm0JSChhntv77xJi8Ek5iPhowGUyVfaEXFZ2Hbtc
+nYAF10K50cvR9DQOY7KV2AGKshFrpl18AyTRWdmF8519nbPlaarSCUt1Jq/X4K64
+2zH98ysW9bXZxZwKNEPcFvJ8wjaNr+1fdOLhjeGSum0Zx2BXW9RM1w9BHYs4jv3h
+LSMCsBoEmuDagqDDTJB6pCWWWBQYzm68LX/VijT/TtuTZJv+To6dyhpjYuHsqyAi
+6596asuWxwfnqiKD+YtCkTMokQqC6R4dQRL3rVJDWDCWWqoeRoB7YtpKffhsdMYX
+uO+LYfqg1fwS9TfZAAu5ezz/IVVw1YGwqwtWVgx7/29eqiJnV1HJun3MNXnDe7yE
+YtRVuVFBILoVaEsiAAqnRz9N1P/ZCbzudczFXbbLfB1irHLY61/KGFSXU+QpBEZL
+yn/KgLAwUrOW0I8u7UmWLh6nLY+QRjD2GWqAFfbETOdlH7rEToSqezGMIlnJhDAo
+rl+fDcOMSjUHWHZvcT8Hoqm/j7lEpwIDAQABAoICAQCYti2drXbjn+eSYvp5v0ps
+OTT/ETstiwnzIb/4OhJi7Wht0XR37dpIxOyamwMUZ5MBrnA3r1sl17hLuUboAIv6
+JgCztyEqGbQxbfwmjAX4SPIu6ll7TZtaJQ7FHkYBNGgDaZS55whD49FgKWXL2wQe
+D5UGmmfuWUhy8sLkVQuR+E/Mtg4Qy1QRyS/VPYC3WAfZk7ZgjnVmLXTEMbI1R1+h
+/btonGMqTmhxkIXfqEOGOTEuy060sZ7ApPrjX0s2f4XrV9dZdRYY/VpUQP6XmmJ9
+L9MwJUv+tP2HnFP1R0ZH8CxyPZBxJPOYkgkTB+pa/fAZcqOfhpZqGgDLpjJHu86r
+5+6+98DfBvlx26t1hn5TP70vNBZQTF+YrljMWlRJ7ivTvLtJ/QbpCLlMYIjbVGSV
+8btDPzy4QkqY7jcK5iIN/7+hUNEoVJXbn+zwhviFDxnYL1t87gMKPkwTYzstUXde
+p6pcX4y4LPp+mqHSceE3EAX/ndf63sAbcfAElG+e+bJ4oMEVRQr27KtNcX13Ihmd
+nMzPlHv3sRhK/6BOjLNk+/gygqRFXBI58n8f5LOq2WNl73d3F8wrQ7lJxPAActVU
+wmPbQZy2R1eq19+5S+JodBkIDIq8oGO8z/MAzYwfzU30PmhgSbB323AkWefLBpb3
+wCcY9YTn9bYcdZB+YIwgQQKCAQEA4jsP+sXffyaGYW5OwZtmx1YjQ0tK9/qnQfZV
+W041P5Ch4WUlC4xnhA9gzkAglkVgmwZdkHW7JJyyZQZY+ZNeO4T+/77yj964XFTC
+boDIuK97N/CygfJz3TPZniLzbQS1AG3d/jOnz+T9gmCMwN2rDbTjwKziHqsnE0ld
+es0hm5cA5QiCj9EheDwbY9HxQ/fGEJCbm1kFfNhOIbFpxzptZ3U9P1njmjbWwKoa
+0u7ZOCPmTQJvuiETuwxrWqsVIlLQb7CGN+PQ12QwjC/5sy6XqrnN9Kwef4yngHRD
+7QKkOoxZICf5NEQEF1+lfNJMpc3W/owF346bwL16yEVO44zh6QKCAQEAyuNvLloi
+VxH4IFBJgUi3UeKmhVIl2LocHAE0oSh9TVZu7Xa2XnKa91JoqF1MAso5E/y/O728
+v0WmIJ42bTHkOZjkpp298rK9RtliypFLGWf2WQOfm+W4TmI6EnDLVl4jBPjKD8uG
+1OSDCxy0CKdH7idjXGa+E+y0XEYKjpPnYW40AcoV+o6MAHI4UvWoiZk/hginyOTG
+JA+tJbj49kymUkq1LjMBdjJ+2JOl51TIHGTIgKbSbf65201eyOePeU4PAaBc50t6
++mgl2abVoudOwsDBRxcqAdbar5N3yFDbXuGxE5T/3p30esZZuaaKo9PjYaRzf/8U
+yGGe2chYc+rIDwKCAQEAmY9nsFwB8efvjVD3ynk2kZYJh5MjByIvyBlyJPD4OfZt
+u3YRaD5cwYpCtp1WwUnEYlY2ymjvp9FpUiO132rFqvcCtAwjz75pO9sYwzNNi/cp
+V3ZdZNFzDjI0xB+LRnPMfMcWyYa8oOQZpBbvU7bjdgFUGyP+tLyOYIwLFOEKr/cW
+12AoZ4CYDGoYWXBXKUCVRAc0aIVLsUuN9VbcqywguPoeodLdKH+S0+JjJMyVy4Kq
+v5kox5nOL8glUr0QMmUuMLIM2QEdcCcEwROLlbHJp0xJ3Yu7g+6wgAPrW4TQfyFn
+GemoQW7trAPza7+/4UfQaKYZEn9Vf8XeAvTwsIqfiQKCAQEAk4n0jfaJxluQ3p7D
+9ToV5Xw2r/jfAM3GJy9RQGibRiQ2ooSTdfdNbdEFvnmqDtVT0I8Z2a3OliFl/45N
+8fY4CxJ+JBPNz7HfJqhqyPgDbsRFRtH1vX6+GnIf3M0dcP8f5DuvZPESabqK+Qe0
+fB55llwaS1WDoCWfuwJMJwazWgyz0SFN/liuwpxNDTcLipRgt22P5e1HkW288hOj
+KCjxQiKFwsTgqT1rNL+aA7GJm+xGShgGKmr0aN/Ir7yEfygejYY6SRCAq5wU+kPy
+U3Z1tfZKFxJnP9MoUEmi746tGEBzbtQJha/D24xmLzVG2H/7eEQIoemzCUzEIYcp
+m5H+TQKCAQAVd9UKjjXC+7oeTv/LkB2NiGZkEymaPiUS38aPStvk2L1aydqr8mKR
+/vvn/WcWijMLP6yVaKkSIihr+Cmvl0mbvsUjRmv0Ly18ETrlpCoB83cvIe6IYFG0
+mqnlpBRxli63aLaAAbEmG4bY4TPZEbFl9oDhzsLsOvUOBUhFDwg8hSV7xNJ7Npu/
+DHIm+K4/SoFuXGZFoqztHkzijeL7wUaOsx053L+SqkUPyW76NowwcAsShw44zFug
+tIZEQt6ShnXNpveBZEQ+SKBc4fBMaEeTvAZo/O8LUzqty1GFt2U4U0YYrgGBu5ci
+u8XF+YCGWq4INXLWb883D2ITJdUwYztG
+-----END PRIVATE KEY-----
diff --git a/Proxy/default.conf b/Proxy/default.conf
new file mode 100644
index 0000000..667f333
--- /dev/null
+++ b/Proxy/default.conf
@@ -0,0 +1,68 @@
+server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
+ return 301 https://$host$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ server_name _;
+
+ ssl_certificate /dojo/certs/server.crt;
+ ssl_certificate_key /dojo/certs/server.key;
+
+ sendfile on;
+
+ default_type application/octet-stream;
+
+ gzip on;
+ gzip_http_version 1.1;
+ gzip_disable "MSIE [1-6]\.";
+ gzip_min_length 1100;
+ gzip_vary on;
+ gzip_proxied expired no-cache no-store private auth;
+ gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+ gzip_comp_level 9;
+
+ large_client_header_buffers 4 1024k;
+ client_max_body_size 100M;
+
+ location / {
+ proxy_pass http://dojo-frontend/;
+ proxy_intercept_errors on;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection 'upgrade';
+ proxy_set_header Host $host;
+ proxy_cache_bypass $http_upgrade;
+ proxy_buffering off;
+ proxy_read_timeout 999999;
+ }
+
+ location /api/ {
+ proxy_pass http://dojo-api/;
+ proxy_intercept_errors on;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection 'upgrade';
+ proxy_set_header Host $host;
+ proxy_cache_bypass $http_upgrade;
+ proxy_buffering off;
+ proxy_read_timeout 999999;
+ }
+
+ location /adminer/ {
+ proxy_pass http://adminer:8080/;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ proxy_intercept_errors on;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection 'upgrade';
+ proxy_set_header Host $host;
+ proxy_cache_bypass $http_upgrade;
+ proxy_buffering off;
+ proxy_read_timeout 999999;
+ }
+}
--
GitLab