Différences
Ci-dessous, les différences entre deux révisions de la page.
Dernière révisionLes deux révisions suivantes | |||
tech:proxy-01 [03/03/2021 12:04] – créée LibertAdmin | tech:proxy-01 [03/03/2021 12:09] – [Adressage IP] LibertAdmin | ||
---|---|---|---|
Ligne 18: | Ligne 18: | ||
</ | </ | ||
+ | ==== Configuration Nginx ==== | ||
+ | |||
+ | < | ||
+ | # Blocage des pays douteux : | ||
+ | geoip_country / | ||
+ | map $geoip_country_code $allow_country { | ||
+ | default yes; | ||
+ | PH no; | ||
+ | MYS no; | ||
+ | IN no; | ||
+ | BY no; | ||
+ | UA no; | ||
+ | CN no; | ||
+ | RU no; | ||
+ | KR no; | ||
+ | KP no; | ||
+ | } | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | # Configuration globale : | ||
+ | server { | ||
+ | # Frontaux Web HTTP : | ||
+ | server_name _; | ||
+ | listen 80; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass https:// | ||
+ | proxy_http_version | ||
+ | proxy_cache_bypass | ||
+ | proxy_set_header Upgrade | ||
+ | proxy_set_header Connection | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_set_header X-Real-IP | ||
+ | proxy_set_header X-Forwarded-For | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header X-Forwarded-Host | ||
+ | proxy_set_header X-Forwarded-Port | ||
+ | } | ||
+ | |||
+ | # Bloquer les pays douteux : | ||
+ | if ($allow_country = no) { | ||
+ | return 403; | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | # Frontal Web HTTPS Liberta Vidéo (Peertube) : | ||
+ | server_name video.liberta.vip; | ||
+ | listen 443 ssl http2; | ||
+ | ssl_certificate / | ||
+ | ssl_certificate_key / | ||
+ | |||
+ | location / { | ||
+ | proxy_pass https:// | ||
+ | proxy_http_version | ||
+ | proxy_cache_bypass | ||
+ | proxy_set_header Upgrade | ||
+ | proxy_set_header Connection | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_set_header X-Real-IP | ||
+ | proxy_set_header X-Forwarded-For | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header X-Forwarded-Host | ||
+ | proxy_set_header X-Forwarded-Port | ||
+ | } | ||
+ | |||
+ | # Bloquer les pays douteux : | ||
+ | if ($allow_country = no) { | ||
+ | return 403; | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | # Frontaux Web HTTPS Liberta : | ||
+ | server_name liberta.vip *.liberta.vip; | ||
+ | listen 443 ssl http2; | ||
+ | ssl_certificate / | ||
+ | ssl_certificate_key / | ||
+ | |||
+ | location / { | ||
+ | proxy_pass https:// | ||
+ | proxy_http_version | ||
+ | proxy_cache_bypass | ||
+ | proxy_set_header Upgrade | ||
+ | proxy_set_header Connection | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_set_header X-Real-IP | ||
+ | proxy_set_header X-Forwarded-For | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header X-Forwarded-Host | ||
+ | proxy_set_header X-Forwarded-Port | ||
+ | } | ||
+ | |||
+ | # Bloquer les pays douteux : | ||
+ | if ($allow_country = no) { | ||
+ | return 403; | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | # Frontaux Web SILICS : | ||
+ | server_name silics.fr *.silics.fr; | ||
+ | listen 443 ssl http2; | ||
+ | ssl_certificate / | ||
+ | ssl_certificate_key / | ||
+ | |||
+ | location / { | ||
+ | proxy_pass https:// | ||
+ | proxy_http_version | ||
+ | proxy_cache_bypass | ||
+ | proxy_set_header Upgrade | ||
+ | proxy_set_header Connection | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_set_header X-Real-IP | ||
+ | proxy_set_header X-Forwarded-For | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header X-Forwarded-Host | ||
+ | proxy_set_header X-Forwarded-Port | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | # Frontaux Web TarnMarket : | ||
+ | server_name tarnmarket.fr *.tarnmarket.fr; | ||
+ | listen 443 ssl http2; | ||
+ | ssl_certificate / | ||
+ | ssl_certificate_key / | ||
+ | |||
+ | location / { | ||
+ | proxy_pass https:// | ||
+ | proxy_http_version | ||
+ | proxy_cache_bypass | ||
+ | proxy_set_header Upgrade | ||
+ | proxy_set_header Connection | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_set_header X-Real-IP | ||
+ | proxy_set_header X-Forwarded-For | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | proxy_set_header X-Forwarded-Host | ||
+ | proxy_set_header X-Forwarded-Port | ||
+ | } | ||
+ | } | ||
+ | |||
+ | </ | ||
==== Liste des paquets ==== | ==== Liste des paquets ==== | ||