dihwang/vault-keeper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
master
vault-keeper/gitea
T
dihwang 78518645aa 일단 이제 잘 됨
2026-04-13 17:29:56 +09:00

126 lines
3.9 KiB
Plaintext
Raw Permalink Blame History

o# [1] HTTP (80) -> HTTPS (443) 자동 리다이렉트 (통합 관리)
server {
if ($host = white-smith.duckdns.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = git-white-smith.duckdns.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = kui-white-smith.duckdns.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = git.white-smith.shop) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = white-smith.shop) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
# 서비스되는 모든 도메인을 한곳에 적습니다.
server_name white-smith.shop kui-white-smith.duckdns.org white-smith.duckdns.org
git.white-smith.shop git-white-smith.duckdns.org 34.19.79.94;
# 모든 HTTP 접속을 각 호스트의 HTTPS 주소로 보냅니다.
location / {
return 301 https://$host$request_uri;
}
}
# [2] Quartz 블로그 설정 (HTTPS)
server {
listen 443 ssl;
server_name kui-white-smith.duckdns.org white-smith.shop white-smith.duckdns.org;
# Certbot 인증서 경로 (가장 최근에 발급받은 대표 경로 확인 필요)
ssl_certificate /etc/letsencrypt/live/git-white-smith.duckdns.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git-white-smith.duckdns.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
root /var/www/white-smith-blog/public;
index index.html;
charset utf-8;
auth_basic "Please Login New Account";
auth_basic_user_file /etc/nginx/.htpasswd;
# 인증 관련 정보가 캐시되지 않도록 강제
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0";
add_header Pragma "no-cache";
expires off;
location / {
# 정적 파일 서빙을 위한 최적화 설정
# try_files $uri $uri.html $uri/ =404;
try_files $uri $uri/ $uri.html =404;
}
# --- 추가된 부분 ---
# [A] VaultKeeper 프론트엔드 페이지 접속 경로
location /auth/ {
# Nginx 인증 팝업을 띄우지 않음
auth_basic off;
# 뒤에 /를 붙이면 Go 서버의 "/" 경로로 전달됩니다.
proxy_pass http://127.0.0.1:8486/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
# [B] VaultKeeper API 통신 경로
location /api/ {
# 이 부분이 누락되어 Nginx 인증창이 계속 떴던 것입니다.
auth_basic off;
proxy_pass http://localhost:8486;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# ------------------
}
# [3] Gitea 설정 (HTTPS)
server {
listen 443 ssl;
server_name git.white-smith.shop git-white-smith.duckdns.org;
client_max_body_size 50M;
# Gitea 전용 인증서 경로
ssl_certificate /etc/letsencrypt/live/git-white-smith.duckdns.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git-white-smith.duckdns.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Reference in New Issue View Git Blame Copy Permalink