Add custom error pages and Nginx configuration for proxy module

- Introduced custom HTML error pages for various HTTP status codes (400, 401, 403, 404, 408, 429, 500, 502, 503, 504) in the proxy module.
- Created a .gitignore file to exclude non-HTML files in the error resources directory.
- Updated Nginx configuration to serve custom error pages for upstream errors.
- Added new Nginx configuration templates for handling HTTP and stream protocols.
- Implemented Wireguard configuration templates and associated variables for secure connections.
- Established Kubernetes resources for Stunnel and Wireguard, including deployment, service accounts, and config maps.
- Defined variables for the Stunnel and Wireguard modules to facilitate configuration.
- Created a new Wol Proxy module with Kubernetes resources for deployment and service management.
This commit is contained in:
2025-10-02 00:19:01 +02:00
parent 4d00986273
commit e6a3f3affd
62 changed files with 1517 additions and 99 deletions
@@ -0,0 +1,54 @@
server {
listen ${http_port};
%{ if tls ~}
listen ${https_port} ssl;
ssl_certificate /etc/ssl/certs/private/tls.crt;
ssl_certificate_key /etc/ssl/certs/private/tls.key;
ssl_protocols TLSv1.2 TLSv1.3;
%{ endif ~}
server_name ${fqdn};
# Custom error page for upstream errors
%{ for e in errors ~}
error_page ${e} /errors/${e}.html;
location = /errors/${e}.html {
root /usr/share/nginx/html;
internal;
}
%{ endfor ~}
%{ if custom_snippet != "" ~}
${custom_snippet}
%{ endif ~}
%{ if auth ~}
location = /auth {
internal;
proxy_pass http://localhost:5000/;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header Authorization $http_authorization;
}
%{ endif }
%{ for l in locations ~}
location ${l.path} {
%{ if l.resolver == "" ~}
%{ if resolver != "" ~}
resolver ${resolver};
%{ endif ~}
%{ else ~}
resolver ${l.resolver};
%{ endif ~}
%{ if l.private ~}
auth_request /auth<;
%{ endif ~}
set $upstream "%{ if l.upstream != "" ~}${l.upstream}%{ else ~}${upstream}%{ endif ~}";
%{ if l.rewrite != "" ~}
rewrite ${l.rewrite};
%{ endif ~}
proxy_pass $upstream;
proxy_http_version 1.1;
%{ for k,v in l.headers ~}
proxy_set_header ${k} ${v};
%{ endfor ~}
proxy_intercept_errors on;
}
%{ endfor ~}
}
@@ -0,0 +1,48 @@
worker_processes auto;
error_log /dev/stderr warn;
pid /tmp/nginx.pid;
events {
worker_connections 1024;
}
http {
proxy_temp_path /tmp/proxy_temp;
client_body_temp_path /tmp/client_temp;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
client_max_body_size 10M;
proxy_buffering off;
proxy_request_buffering off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout main;
sendfile on;
keepalive_timeout 65;
server {
listen 8888;
server_name _;
location /health {
access_log off;
return 200 "OK";
}
}
include /etc/nginx/conf.d/*.conf;
}
stream {
include /etc/nginx/streams.d/*.conf;
}
@@ -0,0 +1,13 @@
upstream ${name} {
%{ if resolver != "" ~}
resolver ${resolver};
%{ endif ~}
server ${upstream}:${upstream_port};
}
server {
listen %{ if protocol == "UDP" ~}${port} udp;%{ else ~}${port};%{ endif }
%{ if custom_snippet != "" ~}
${custom_snippet}
%{ endif ~}
proxy_pass ${name};
}