From fa04e757e65eed372f2630497cf086768e3ce44e Mon Sep 17 00:00:00 2001
From: Paul Walko
Date: Sun, 8 Nov 2020 09:42:29 -0500
Subject: [PATCH] Revert "remove extra domains"

This reverts commit a8d64cf4cd5d8aa1c1e40255ff16050a48da7f38.
---
 madone/docker/nginx/README.md | 1 +
 madone/docker/nginx/launch.sh | 24 +++++++
 madone/docker/nginx/nginx.conf | 63 +++++++++++++++++++
 madone/docker/nginx/site-confs/default | 29 +++++++++
 .../site-confs/madone.seaturtle.pw.enabled | 39 ++++++++++++
 .../nginx/site-confs/paul.walko.org.enabled | 23 +++++++
 .../docker/nginx/site-confs/walko.org.enabled | 34 ++++++++++
 7 files changed, 213 insertions(+)
 create mode 100644 madone/docker/nginx/README.md
 create mode 100755 madone/docker/nginx/launch.sh
 create mode 100644 madone/docker/nginx/nginx.conf
 create mode 100644 madone/docker/nginx/site-confs/default
 create mode 100644 madone/docker/nginx/site-confs/madone.seaturtle.pw.enabled
 create mode 100644 madone/docker/nginx/site-confs/paul.walko.org.enabled
 create mode 100644 madone/docker/nginx/site-confs/walko.org.enabled

diff --git a/madone/docker/nginx/README.md b/madone/docker/nginx/README.md
new file mode 100644
index 0000000..1a08bd2
--- /dev/null
+++ b/madone/docker/nginx/README.md
@@ -0,0 +1 @@
+Mostly stolen from https://github.com/vtluug/docker-manifests/tree/master/sczi/nginx
diff --git a/madone/docker/nginx/launch.sh b/madone/docker/nginx/launch.sh
new file mode 100755
index 0000000..7a6bc94
--- /dev/null
+++ b/madone/docker/nginx/launch.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+docker run \
+ --name nginx \
+ --detach \
+ --restart unless-stopped \
+ --env PUID=1000 \
+ --env PGID=1000 \
+ --env EMAIL=sysadmin@seaturtle.pw \
+ --env URL=seaturtle.pw \
+ --env ONLY_SUBDOMAINS=true \
+ --env SUBDOMAINS=madone \
+ --env EXTRA_DOMAINS=paul.walko.org,paul.walko.org,walko.org,www.walko.org \
+ --env VALIDATION=html \
+ --env TZ=US/Eastern \
+ --volume $PWD/nginx-config:/config:rw \
+ --volume $PWD/nginx.conf:/config/nginx/nginx.conf:ro \
+ --volume $PWD/site-confs:/config/nginx/site-confs:ro \
+ --volume $HOME/files:/files-docker:ro \
+ --publish 51.159.29.122:80:80 \
+ --publish 51.159.29.122:443:443 \
+ --publish [2001:bc8:6005:19:208:a2ff:fe0c:917c]:80:80 \
+ --publish [2001:bc8:6005:19:208:a2ff:fe0c:917c]:443:443 \
+ linuxserver/letsencrypt:1.3.0-ls110
diff --git a/madone/docker/nginx/nginx.conf b/madone/docker/nginx/nginx.conf
new file mode 100644
index 0000000..4c3f0ca
--- /dev/null
+++ b/madone/docker/nginx/nginx.conf
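Review bot: The four `--volume` arguments in launch.sh expand `$PWD` and `$HOME` unquoted, and the three `$PWD` mounts depend on the directory the script happens to be started from. When a `--volume` host path does not exist, Docker creates an empty directory there instead of failing, so a run from the wrong directory would likely bring the container up with missing or default configuration rather than the intended nginx.conf and site-confs. Resolve the paths from the script location and quote them, e.g. `cd "$(dirname "$0")" || exit 1` before `docker run` and `--volume "$PWD/nginx.conf:/config/nginx/nginx.conf:ro"`. Separately, `EXTRA_DOMAINS` lists `paul.walko.org` twice; the second entry was probably meant to be another name or should be dropped.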
@@ -0,0 +1,63 @@
+## Version 2018/04/07 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/nginx.conf
+
+user abc;
+worker_processes 4;
+pid /run/nginx.pid;
+include /etc/nginx/modules/*.conf;
+
+events {
+ worker_connections 768;
+ # multi_accept on;
+}
+
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+ # server_tokens off;
+
+ # server_names_hash_bucket_size 64;
+ # server_name_in_redirect off;
+
+ client_max_body_size 0;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /config/log/nginx/access.log;
+ error_log /config/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ # gzip_vary on;
+ # gzip_proxied any;
+ # gzip_comp_level 6;
+ # gzip_buffers 16 8k;
+ # gzip_http_version 1.1;
+ # gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+
+ ##
+ # Virtual Host Configs
+ ##
+ include /etc/nginx/conf.d/*.conf;
+ include /config/nginx/site-confs/default;
+ include /config/nginx/site-confs/*.enabled;
+}
+
+daemon off;
diff --git a/madone/docker/nginx/site-confs/default b/madone/docker/nginx/site-confs/default
new file mode 100644
index 0000000..f63f895
--- /dev/null
+++ b/madone/docker/nginx/site-confs/default
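Review bot: `client_max_body_size 0;` in the `http` block of nginx.conf switches the request-body limit off for every server that does not override it. The `.enabled` sites in this patch set `1M` themselves, but the two `default_server` blocks and any site added later inherit the unlimited value. Set a bounded default here, e.g. `client_max_body_size 1m;`, and raise it only in the locations that really need large uploads. `# server_tokens off;` is also left commented out, so the nginx version is advertised in the `Server` header and on error pages; uncommenting it is a one-line change.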
@@ -0,0 +1,29 @@
+## Based on version below; but heavily modified for LUUG
+## Version 2018/09/12 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/default
+
+# This is the main file that will be pe present no matter what
+# Individual sites are specified in /config/nginx/sites/*.enabled
+
+# Redirect unknown HTTP traffic to https://seaturtle.pw
+server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
+
+ return 301 https://seaturtle.pw;
+}
+
+# Redirect unknown HTTPS traffic to https://seaturtle.pw
+# If we don't have a cert for the site the client get an error but that's fine
+server {
+ listen 443 default_server;
+ listen [::]:443 default_server;
+ server_name _;
+
+ # ssl conf
+ include /config/nginx/ssl.conf;
+
+ return 301 https://seaturtle.pw;
+}
+
+# Enabled sites are included in /config/nginx/nginx.conf
diff --git a/madone/docker/nginx/site-confs/madone.seaturtle.pw.enabled b/madone/docker/nginx/site-confs/madone.seaturtle.pw.enabled
new file mode 100644
index 0000000..65e2d83
--- /dev/null
+++ b/madone/docker/nginx/site-confs/madone.seaturtle.pw.enabled
@@ -0,0 +1,39 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name madone.seaturtle.pw;
+
+ return 301 https://madone.seaturtle.pw$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ server_name madone.seaturtle.pw;
+
+ # ssl conf
+ include /config/nginx/ssl.conf;
+
+ client_max_body_size 1M;
+
+ # Purposefully do not proxy main site because there's no reason somone
+ # should be using this domain name
+ location / {
+ return 301 https://example.com;
+ }
+
+ # Proxy weechat
+ location /weechat {
+ proxy_pass http://172.17.0.1:9001;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_read_timeout 8h;
+ }
+
+ # Serve misc files
+ location /files {
+ alias /files-docker;
+ autoindex on;
+ }
+}
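Review bot: In site-confs/default the HTTPS catch-all uses `listen 443 default_server;` and `listen [::]:443 default_server;` without the `ssl` parameter, although the block includes ssl.conf and its comment expects a TLS handshake. Whether TLS is spoken for this server then depends on another server block declaring `ssl` on the same socket, or on something inside ssl.conf, which is not visible in this patch. Make it explicit with `listen 443 ssl default_server;` and `listen [::]:443 ssl default_server;`. The header comment also points to `/config/nginx/sites/*.enabled`, while nginx.conf includes `/config/nginx/site-confs/*.enabled`.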
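Review bot: `location /files` in madone.seaturtle.pw.enabled publishes a browsable listing of the host's `$HOME/files` mount with no access control, and it is a prefix match without a trailing slash paired with `alias /files-docker;`. The prefix form matches any URI that merely starts with `/files`, and `alias` maps those onto paths next to `/files-docker` rather than inside it; anchoring both sides keeps requests inside the mount: `location /files/ { alias /files-docker/; }`. If the listing is not meant to be public, add `auth_basic` or an `allow`/`deny` list to the block, or drop `autoindex on;`.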
diff --git a/madone/docker/nginx/site-confs/paul.walko.org.enabled b/madone/docker/nginx/site-confs/paul.walko.org.enabled
new file mode 100644
index 0000000..aa0db58
--- /dev/null
+++ b/madone/docker/nginx/site-confs/paul.walko.org.enabled
@@ -0,0 +1,23 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name paul.walko.org;
+
+ return 301 https://paul.walko.org$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ server_name paul.walko.org;
+
+ # ssl conf
+ include /config/nginx/ssl.conf;
+
+ client_max_body_size 1M;
+
+ # Proxy main site
+ location / {
+ proxy_pass https://paulwalko.github.io;
+ }
+}
diff --git a/madone/docker/nginx/site-confs/walko.org.enabled b/madone/docker/nginx/site-confs/walko.org.enabled
new file mode 100644
index 0000000..97fc6c8
--- /dev/null
+++ b/madone/docker/nginx/site-confs/walko.org.enabled
@@ -0,0 +1,34 @@
+server {
+ listen 80;
+ listen [::]:80;
+ server_name walko.org www.walko.org;
+
+ return 301 https://walko.org$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ server_name www.walko.org;
+
+ # ssl conf
+ include /config/nginx/ssl.conf;
+
+ return 301 https://walko.org$request_uri;
+}
+
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ server_name walko.org;
+
+ # ssl conf
+ include /config/nginx/ssl.conf;
+
+ client_max_body_size 1M;
+
+ # Proxy main site
+ location / {
+ proxy_pass https://paulwalko.github.io;
+ }
+}
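Review bot: `proxy_pass https://paulwalko.github.io;` in paul.walko.org.enabled, and the same line in the `walko.org` server of walko.org.enabled, talks TLS to the upstream without verifying it, because nginx leaves `proxy_ssl_verify` off and sends no SNI unless told to. Add `proxy_ssl_server_name on;`, `proxy_ssl_verify on;` and `proxy_ssl_trusted_certificate <path-to-CA-bundle>;` to both `location /` blocks so the proxy only relays content from a host that presents a valid certificate for that name. The upstream name is also resolved once when the configuration is loaded, so an address change at the hosting provider goes unnoticed until nginx is reloaded.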