Initial commit

2025-04-26 15:03:06 +02:00 · 2025-04-26 15:03:06 +02:00 · 3b84ec9de7
commit 3b84ec9de7
3 changed files with 85 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,2 @@
+.idea
+.env
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -0,0 +1,32 @@
+services:
+  tailscale:
+    image: tailscale/tailscale:latest
+    container_name: tailscale-vps
+    env_file:
+      - .env
+    environment:
+      - TS_STATE_DIR=/var/lib/tailscale
+      - TS_USERSPACE=false
+    volumes:
+      - tailscale-vps:/var/lib/tailscale
+      - /dev/net/tun:/dev/net/tun
+    cap_add:
+      - net_admin
+      - sys_module
+    network_mode: "service:nginx"
+    restart: unless-stopped
+
+  nginx:
+    image: nginx
+    container_name: nginx
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - /etc/letsencrypt:/etc/letsencrypt:ro
+      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+    restart: unless-stopped
+
+volumes:
+  tailscale-vps:
+    driver: local
--- a/nginx.conf
+++ b/nginx.conf
@ -0,0 +1,51 @@
+events {}
+
+http {
+    server {
+        listen 80;
+        server_name vps.gerardgascon.com;
+
+        return 301 https://$host$request_uri;
+    }
+
+    server {
+        listen 443 ssl;
+        server_name vps.gerardgascon.com;
+
+        ssl_certificate /etc/letsencrypt/live/vps.gerardgascon.com/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/vps.gerardgascon.com/privkey.pem;
+
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+
+        root /usr/share/nginx/html
+        index index.html
+
+        location / {
+
+        }
+    }
+
+    server {
+        listen 80;
+        server_name git.gerardgascon.com;
+
+        return 301 https://$host$request_uri;
+    }
+
+    server {
+        listen 443 ssl;
+        server_name git.gerardgascon.com;
+
+        ssl_certificate /etc/letsencrypt/live/git.gerardgascon.com/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/git.gerardgascon.com/privkey.pem;
+
+        location / {
+            proxy_pass http://100.86.144.2:3002/;
+            proxy_set_header X-Forwarded-Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}