From b746c457cebfb9da340557cc79cadce7d994ebb7 Mon Sep 17 00:00:00 2001 From: Naomi Carrigan Date: Thu, 3 Jul 2025 20:29:28 -0700 Subject: [PATCH] feat: time for another sync got some cool stuff in here --- configs/gitea.conf | 3 +- configs/prod.conf | 102 +++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 94 insertions(+), 11 deletions(-) diff --git a/configs/gitea.conf b/configs/gitea.conf index e9409c6..b6d10b0 100644 --- a/configs/gitea.conf +++ b/configs/gitea.conf @@ -4,9 +4,8 @@ server { ssl_certificate /etc/letsencrypt/live/git.nhcarrigan.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/git.nhcarrigan.com/privkey.pem; - client_max_body_size 100M; - location / { + client_max_body_size 1000M; proxy_set_header Host $host; proxy_pass http://127.0.0.1:3000; proxy_redirect off; diff --git a/configs/prod.conf b/configs/prod.conf index 8441ff4..f0f1cab 100644 --- a/configs/prod.conf +++ b/configs/prod.conf @@ -183,7 +183,7 @@ server { ssl_certificate_key /etc/letsencrypt/live/chat.nhcarrigan.com/privkey.pem; location / { - return 301 https://forum.nhcarrigan.com; + return 301 https://discord.gg/KKe7BaEnQB; } } @@ -255,15 +255,26 @@ server { ssl_certificate /etc/letsencrypt/live/forms.nhcarrigan.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/forms.nhcarrigan.com/privkey.pem; - root /home/nhcarrigan/forms/client/dist/client/browser; + # Upgrade websocket requests and route the api backend + location ~ ^/(api|ws)/ { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_pass http://127.0.0.1:11111; + } - location / { - index index.html; - try_files $uri $uri/ /index.html; - } - - location ~* \.(js|css)$ { - try_files $uri $uri/ @rewrite; + location / { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + proxy_http_version 1.1; + proxy_pass http://127.0.0.1:11111; + proxy_redirect off; } } @@ -306,6 +317,31 @@ server { } } +server { + listen 443 ssl; + server_name hikari.nhcarrigan.com; + ssl_certificate /etc/letsencrypt/live/hikari.nhcarrigan.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/hikari.nhcarrigan.com/privkey.pem; + + root /home/nhcarrigan/hikari/client/dist/client/browser; + index index.html; + + location /api/ { + proxy_pass http://127.0.0.1:20000/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + # This removes /api from the forwarded URL + rewrite ^/api/(.*)$ /$1 break; + } + + location / { + try_files $uri $uri/ /index.html; + } +} + server { listen 443 ssl; server_name hooks.nhcarrigan.com; @@ -469,6 +505,11 @@ server { index index.html; } + location /ads.txt { + add_header Content-Type text/plain; + return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0"; + } + location /games { try_files /games.html =404; } @@ -489,6 +530,11 @@ server { location / { index index.html; } + + location /ads.txt { + add_header Content-Type text/plain; + return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0"; + } } server { @@ -499,6 +545,11 @@ server { root /home/nhcarrigan/portfolio/site; + location /ads.txt { + add_header Content-Type text/plain; + return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0"; + } + location / { index index.html; } @@ -523,6 +574,11 @@ server { location / { index index.html; } + + location /ads.txt { + add_header Content-Type text/plain; + return 200 "google.com, pub-3569924701890974, DIRECT, f08c47fec0942fa0"; + } } server { @@ -537,6 +593,20 @@ server { } } +server { + listen 443 ssl; + server_name products.nhcarrigan.com; + ssl_certificate /etc/letsencrypt/live/products.nhcarrigan.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/products.nhcarrigan.com/privkey.pem; + + root /home/nhcarrigan/products; + + location / { + index index.html; + try_files $uri $uri/ /index.html; + } +} + server { listen 443 ssl; server_name quality.nhcarrigan.com; @@ -742,3 +812,17 @@ server { try_files /koikatsu.html =404; } } + +# This MUST be at the bottom so that dedicated subdomains are parsed first! + +server { + listen 443 ssl; + server_name ~^(?.+)\.naomi\.lgbt$; + + ssl_certificate /etc/letsencrypt/live/naomi.lgbt-0001/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/naomi.lgbt-0001/privkey.pem; + + location / { + return 301 https://$subdomain.nhcarrigan.com$request_uri; + } +}