From 830d3bca28f077b02fc5aaa51c90cc4812680b42 Mon Sep 17 00:00:00 2001 From: Viyurz <128215328+Viyurz@users.noreply.github.com> Date: Wed, 13 Dec 2023 14:41:24 +0100 Subject: [PATCH] nginx-rp: remove http2 from HTTP server, remove service file + add kavita --- kavita/docker-compose.yaml | 14 ++++++++++++++ nginx-rp/reverse-proxy.conf | 18 ++++++++++++++++-- nginx-rp/service.conf | 20 -------------------- nginx-rp/setup.sh | 20 +------------------- 4 files changed, 31 insertions(+), 41 deletions(-) create mode 100644 kavita/docker-compose.yaml delete mode 100644 nginx-rp/service.conf diff --git a/kavita/docker-compose.yaml b/kavita/docker-compose.yaml new file mode 100644 index 0000000..799f08b --- /dev/null +++ b/kavita/docker-compose.yaml @@ -0,0 +1,14 @@ +services: + kavita: + image: lscr.io/linuxserver/kavita:latest + container_name: kavita + restart: always + environment: + - PUID=1003 + - GUID=1003 + - TZ=Europe/Paris + ports: + - "[::1]:5000:5000" + volumes: + - /mnt/kavita/data:/data + - /mnt/kavita/config:/kavita/config diff --git a/nginx-rp/reverse-proxy.conf b/nginx-rp/reverse-proxy.conf index 5a6655f..fbb4c34 100644 --- a/nginx-rp/reverse-proxy.conf +++ b/nginx-rp/reverse-proxy.conf @@ -1,7 +1,7 @@ # Redirect HTTP to HTTPS server { - listen 80 http2 default_server; - listen [::]:80 http2 default_server; + listen 80 default_server; + listen [::]:80 default_server; server_name _; @@ -173,6 +173,20 @@ server { +# Kavita +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name kavita.viyurz.fr; + + location / { + proxy_pass http://localhost:5000; + } +} + + + # Homepage server { listen 443 ssl http2; diff --git a/nginx-rp/service.conf b/nginx-rp/service.conf deleted file mode 100644 index 7f8f73b..0000000 --- a/nginx-rp/service.conf +++ /dev/null @@ -1,20 +0,0 @@ -[Service] -User=www-data -Group=www-data -NoNewPrivileges=yes -CapabilityBoundingSet= -CapabilityBoundingSet=CAP_NET_BIND_SERVICE -AmbientCapabilities= -AmbientCapabilities=CAP_NET_BIND_SERVICE -RuntimeDirectory=nginx -StateDirectory=nginx -LogsDirectory=nginx -PIDFile=/run/nginx/nginx.pid -ExecStartPre= -ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on; pid /run/nginx/nginx.pid;' -ExecStart= -ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on; pid /run/nginx/nginx.pid;' -ExecReload= -ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on; pid /run/nginx/nginx.pid;' -s reload -ExecStop= -ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx/nginx.pid diff --git a/nginx-rp/setup.sh b/nginx-rp/setup.sh index 1a1a2fe..2df7389 100755 --- a/nginx-rp/setup.sh +++ b/nginx-rp/setup.sh @@ -12,7 +12,7 @@ fi rel_path="$(dirname "$0")" # Fichiers requis pour le script -files=('dhparam.txt' 'nginx.conf' 'reverse-proxy.conf' 'service.conf') +files=('dhparam.txt' 'nginx.conf' 'reverse-proxy.conf') for file in "${files[@]}"; do if ! [[ -f "$rel_path/$file" ]]; then echo "Required file $file is missing, exiting." @@ -26,16 +26,6 @@ if [[ ! -x /usr/sbin/nginx ]]; then fi -# mkdir /etc/systemd/system/nginx.service.d 2> /dev/null - - -# if ! diff "$rel_path/service.conf" /etc/systemd/system/nginx.service.d/service.conf &> /dev/null; then -# cp "$rel_path/service.conf" "/etc/systemd/system/nginx.service.d/service.conf" -# systemctl daemon-reload -# systemctl restart nginx -# fi - - cp "$rel_path/nginx.conf" /etc/nginx/ cp "$rel_path/reverse-proxy.conf" /etc/nginx/sites-available/ cp "$rel_path/dhparam.txt" /etc/nginx/ @@ -45,13 +35,5 @@ rm /etc/nginx/sites-enabled/* ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf -chown root:www-data /etc/letsencrypt/archive/ /etc/letsencrypt/live/ -chmod 750 /etc/letsencrypt/archive/ /etc/letsencrypt/live/ - - -chown -L root:www-data /etc/letsencrypt/live/viyurz.fr/privkey.pem -chmod 640 /etc/letsencrypt/live/viyurz.fr/privkey.pem - - systemctl start nginx systemctl reload nginx