blobl.io/nginx_default at main · io-eric/blobl.io · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
# Configuration for fra1.blobl.io
server {
    server_name fra1.blobl.io;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/fra1.blobl.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/fra1.blobl.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    # Handle /ping
    location /ping {
        if ($http_origin != "https://blobl.io") {
             return 403;
        }

        return 200 "pong";
        add_header Content-Type text/plain;

        # CORS headers
        add_header 'Access-Control-Allow-Origin' 'https://blobl.io';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';

        # Handle preflight requests
        if ($request_method = OPTIONS) {
            return 204;
        }
    }

    # Redirect /ffa to port 8000
    location /ffa {
        if ($http_origin != "https://blobl.io") {
            return 403;
        }

        proxy_pass http://localhost:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Redirect /servers to port 3002
    location /get-server {
        if ($http_origin != "https://blobl.io") {
             return 403;
        }

        proxy_pass http://localhost:3002;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Redirect /ffa1 to port 8080
    location /ffa1 {
        if ($http_origin != "https://blobl.io") {
            return 403;
        }

        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Redirect /ffa2 to port 8081
    location /ffa2 {
        if ($http_origin != "https://blobl.io") {
            return 403;
        }

        proxy_pass http://localhost:8081;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

      # Redirect /ffa2 to port 8081
    location /ffa99 {
        if ($http_origin != "https://blobl.io") {
            return 403;
        }

        proxy_pass http://localhost:9090;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Configuration for auth.blobl.io
server {
    server_name auth.blobl.io;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/auth.blobl.io/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/auth.blobl.io/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    client_max_body_size 1K;  # Set to 1 Kilobyte

    # Redirect incoming requests to port 3000
    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# HTTP configuration for fra1.blobl.io
server {
    listen 80;
    server_name fra1.blobl.io;

    # Redirect all HTTP traffic to HTTPS
    return 301 https://$host$request_uri;
}

# HTTP configuration for leaderboard.blobl.io
server {
    listen 80;
    server_name leaderboard.blobl.io;

    # Redirect all HTTP traffic to HTTPS
    return 301 https://$host$request_uri;


}

# HTTP configuration for auth.blobl.io
server {
    listen 80;
    server_name auth.blobl.io;

    # Redirect all HTTP traffic to HTTPS
    return 301 https://$host$request_uri;
}