nginx-rp: remove http2 from HTTP server, remove service file + add kavita

This commit is contained in:
Viyurz 2023-12-13 14:41:24 +01:00
parent 64e5638b75
commit 830d3bca28
4 changed files with 31 additions and 41 deletions

View file

@ -0,0 +1,14 @@
services:
kavita:
image: lscr.io/linuxserver/kavita:latest
container_name: kavita
restart: always
environment:
- PUID=1003
- GUID=1003
- TZ=Europe/Paris
ports:
- "[::1]:5000:5000"
volumes:
- /mnt/kavita/data:/data
- /mnt/kavita/config:/kavita/config

View file

@ -1,7 +1,7 @@
# Redirect HTTP to HTTPS # Redirect HTTP to HTTPS
server { server {
listen 80 http2 default_server; listen 80 default_server;
listen [::]:80 http2 default_server; listen [::]:80 default_server;
server_name _; server_name _;
@ -173,6 +173,20 @@ server {
# Kavita
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name kavita.viyurz.fr;
location / {
proxy_pass http://localhost:5000;
}
}
# Homepage # Homepage
server { server {
listen 443 ssl http2; listen 443 ssl http2;

View file

@ -1,20 +0,0 @@
[Service]
User=www-data
Group=www-data
NoNewPrivileges=yes
CapabilityBoundingSet=
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=
AmbientCapabilities=CAP_NET_BIND_SERVICE
RuntimeDirectory=nginx
StateDirectory=nginx
LogsDirectory=nginx
PIDFile=/run/nginx/nginx.pid
ExecStartPre=
ExecStartPre=/usr/sbin/nginx -t -q -g 'daemon on; master_process on; pid /run/nginx/nginx.pid;'
ExecStart=
ExecStart=/usr/sbin/nginx -g 'daemon on; master_process on; pid /run/nginx/nginx.pid;'
ExecReload=
ExecReload=/usr/sbin/nginx -g 'daemon on; master_process on; pid /run/nginx/nginx.pid;' -s reload
ExecStop=
ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx/nginx.pid

View file

@ -12,7 +12,7 @@ fi
rel_path="$(dirname "$0")" rel_path="$(dirname "$0")"
# Fichiers requis pour le script # Fichiers requis pour le script
files=('dhparam.txt' 'nginx.conf' 'reverse-proxy.conf' 'service.conf') files=('dhparam.txt' 'nginx.conf' 'reverse-proxy.conf')
for file in "${files[@]}"; do for file in "${files[@]}"; do
if ! [[ -f "$rel_path/$file" ]]; then if ! [[ -f "$rel_path/$file" ]]; then
echo "Required file $file is missing, exiting." echo "Required file $file is missing, exiting."
@ -26,16 +26,6 @@ if [[ ! -x /usr/sbin/nginx ]]; then
fi fi
# mkdir /etc/systemd/system/nginx.service.d 2> /dev/null
# if ! diff "$rel_path/service.conf" /etc/systemd/system/nginx.service.d/service.conf &> /dev/null; then
# cp "$rel_path/service.conf" "/etc/systemd/system/nginx.service.d/service.conf"
# systemctl daemon-reload
# systemctl restart nginx
# fi
cp "$rel_path/nginx.conf" /etc/nginx/ cp "$rel_path/nginx.conf" /etc/nginx/
cp "$rel_path/reverse-proxy.conf" /etc/nginx/sites-available/ cp "$rel_path/reverse-proxy.conf" /etc/nginx/sites-available/
cp "$rel_path/dhparam.txt" /etc/nginx/ cp "$rel_path/dhparam.txt" /etc/nginx/
@ -45,13 +35,5 @@ rm /etc/nginx/sites-enabled/*
ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf
chown root:www-data /etc/letsencrypt/archive/ /etc/letsencrypt/live/
chmod 750 /etc/letsencrypt/archive/ /etc/letsencrypt/live/
chown -L root:www-data /etc/letsencrypt/live/viyurz.fr/privkey.pem
chmod 640 /etc/letsencrypt/live/viyurz.fr/privkey.pem
systemctl start nginx systemctl start nginx
systemctl reload nginx systemctl reload nginx