diff --git a/content/posts/cloud/20200624T220819+0900_retry/index.rst b/content/posts/cloud/20200624T220819+0900_retry/index.rst new file mode 100644 index 0000000..78f95a7 --- /dev/null +++ b/content/posts/cloud/20200624T220819+0900_retry/index.rst @@ -0,0 +1,138 @@ +gateway server == yunohost == nosignal.hopto.org (192.168.1.120) +proxy server == nextcloudpi (odroid-hc2_4T_HDD) == nopost.hopto.org (192.168.1.110) + +public ip == 211.108.178.33 +ddns to this ip == nosignal.hopto.org, nopost.hopto.org, nomatter.hopto.org + + +gateway server configurations +----------------------------- + +cat /etc/hosts + +---- + +127.0.0.1 localhost +127.0.1.1 yunohost.yunohost.org yunohost + +# The following lines are desirable for IPv6 capable hosts +::1 localhost ip6-localhost ip6-loopback +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +192.168.1.150 nextcloud.local nextcloud +192.168.1.110 nextcloudpi.local nextcloudpi + + +cat /etc/nginx/conf.d/nopost.hopto.org.d/proxy.conf + +---- + +location / { + proxy_pass https://192.168.1.110; + proxy_set_header Host $host; + + if ($scheme = http) + { + rewrite ^ https://$server_name$request_uri? permanent; + } + + proxy_buffering off; + tcp_nodelay on; +} + + +*nopost.hopto.org is dedicated only for this proxy server. no other app is using it.* + + +cat /etc/ssowat/conf.json + +---- + +{ + "additional_headers": { + "Auth-User": "uid", + "Email": "mail", + "Name": "cn", + "Remote-User": "uid" + }, + "domains": [ + "nopost.hopto.org", + "nomatter.hopto.org", + "nosignal.hopto.org" + ], + "portal_domain": "nosignal.hopto.org", + "portal_path": "/yunohost/sso/", + "protected_regex": [], + "protected_urls": [], + "redirected_regex": { + "nosignal.hopto.org/yunohost[\\/]?$": "https://nosignal.hopto.org/yunohost/sso/" + }, + "redirected_urls": {}, + "skipped_regex": [ + "nopost%.hopto%.org/%.well%-known/.*", + "^[^/]*/%.well%-known/acme%-challenge/.*$", + "^[^/]*/%.well%-known/autoconfig/mail/config%-v1%.1%.xml.*$" + ], + "skipped_urls": [ + "nosignal.hopto.org/pad", + "nopost.hopto.org/yunohost/admin", + "nopost.hopto.org/yunohost/api", + "nomatter.hopto.org/yunohost/admin", + "nomatter.hopto.org/yunohost/api", + "nosignal.hopto.org/yunohost/admin", + "nosignal.hopto.org/yunohost/api", + ], + "unprotected_regex": [], + "unprotected_urls": [ + "nosignal.hopto.org/flarum", + "nosignal.hopto.org/gitlab", + "nosignal.hopto.org/grav", + "nosignal.hopto.org/jupyterlab", + "nosignal.hopto.org/kanboard/jsonrpc.php", + "nomatter.hopto.org", + "nosignal.hopto.org/nextcloud", + "nosignal.hopto.org/SOGo", + "nopost.hopto.org" + ], + "users": { + "doohoyi": { + "nomatter.hopto.org/": "Mattermost", + "nosignal.hopto.org/SOGo": "SOGo", + "nosignal.hopto.org/airsonic": "Airsonic", + "nosignal.hopto.org/distbin": "Distbin", + "nosignal.hopto.org/flarum": "Flarum", + "nosignal.hopto.org/gitlab": "Gitlab", + "nosignal.hopto.org/grav": "Grav", + "nosignal.hopto.org/jupyterlab": "JupyterLab", + "nosignal.hopto.org/kanboard": "Kanboard", + "nosignal.hopto.org/nextcloud": "Nextcloud", + "nosignal.hopto.org/pad": "Etherpad Mypads", + "nosignal.hopto.org/phpmyadmin": "phpMyAdmin", + "nosignal.hopto.org/rainloop": "Rainloop", + "nosignal.hopto.org/riot": "Riot", + "nosignal.hopto.org/site": "Multi custom webapp", + "nosignal.hopto.org/strut": "Strut", + "nosignal.hopto.org/torrent": "Transmission" + }, + "wonjung": { + "nomatter.hopto.org/": "Mattermost", + "nosignal.hopto.org/SOGo": "SOGo", + "nosignal.hopto.org/airsonic": "Airsonic", + "nosignal.hopto.org/distbin": "Distbin", + "nosignal.hopto.org/flarum": "Flarum", + "nosignal.hopto.org/gitlab": "Gitlab", + "nosignal.hopto.org/grav": "Grav", + "nosignal.hopto.org/jupyterlab": "JupyterLab", + "nosignal.hopto.org/kanboard": "Kanboard", + "nosignal.hopto.org/nextcloud": "Nextcloud", + "nosignal.hopto.org/pad": "Etherpad Mypads", + "nosignal.hopto.org/rainloop": "Rainloop", + "nosignal.hopto.org/riot": "Riot", + "nosignal.hopto.org/site": "Multi custom webapp", + "nosignal.hopto.org/strut": "Strut", + "nosignal.hopto.org/torrent": "Transmission" + } + } +} + +*only "nopost.hopto.org" is added to "unprotected_urls"*