Add custom error pages and Nginx configuration for proxy module
- Introduced custom HTML error pages for various HTTP status codes (400, 401, 403, 404, 408, 429, 500, 502, 503, 504) in the proxy module. - Created a .gitignore file to exclude non-HTML files in the error resources directory. - Updated Nginx configuration to serve custom error pages for upstream errors. - Added new Nginx configuration templates for handling HTTP and stream protocols. - Implemented Wireguard configuration templates and associated variables for secure connections. - Established Kubernetes resources for Stunnel and Wireguard, including deployment, service accounts, and config maps. - Defined variables for the Stunnel and Wireguard modules to facilitate configuration. - Created a new Wol Proxy module with Kubernetes resources for deployment and service management.
This commit is contained in:
@@ -0,0 +1,54 @@
|
||||
server {
|
||||
listen ${http_port};
|
||||
%{ if tls ~}
|
||||
listen ${https_port} ssl;
|
||||
ssl_certificate /etc/ssl/certs/private/tls.crt;
|
||||
ssl_certificate_key /etc/ssl/certs/private/tls.key;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
%{ endif ~}
|
||||
server_name ${fqdn};
|
||||
# Custom error page for upstream errors
|
||||
%{ for e in errors ~}
|
||||
error_page ${e} /errors/${e}.html;
|
||||
location = /errors/${e}.html {
|
||||
root /usr/share/nginx/html;
|
||||
internal;
|
||||
}
|
||||
%{ endfor ~}
|
||||
%{ if custom_snippet != "" ~}
|
||||
${custom_snippet}
|
||||
%{ endif ~}
|
||||
%{ if auth ~}
|
||||
location = /auth {
|
||||
internal;
|
||||
proxy_pass http://localhost:5000/;
|
||||
proxy_pass_request_body off;
|
||||
proxy_set_header Content-Length "";
|
||||
proxy_set_header Authorization $http_authorization;
|
||||
}
|
||||
%{ endif }
|
||||
%{ for l in locations ~}
|
||||
location ${l.path} {
|
||||
%{ if l.resolver == "" ~}
|
||||
%{ if resolver != "" ~}
|
||||
resolver ${resolver};
|
||||
%{ endif ~}
|
||||
%{ else ~}
|
||||
resolver ${l.resolver};
|
||||
%{ endif ~}
|
||||
%{ if l.private ~}
|
||||
auth_request /auth<;
|
||||
%{ endif ~}
|
||||
set $upstream "%{ if l.upstream != "" ~}${l.upstream}%{ else ~}${upstream}%{ endif ~}";
|
||||
%{ if l.rewrite != "" ~}
|
||||
rewrite ${l.rewrite};
|
||||
%{ endif ~}
|
||||
proxy_pass $upstream;
|
||||
proxy_http_version 1.1;
|
||||
%{ for k,v in l.headers ~}
|
||||
proxy_set_header ${k} ${v};
|
||||
%{ endfor ~}
|
||||
proxy_intercept_errors on;
|
||||
}
|
||||
%{ endfor ~}
|
||||
}
|
||||
@@ -0,0 +1,48 @@
|
||||
worker_processes auto;
|
||||
|
||||
error_log /dev/stderr warn;
|
||||
pid /tmp/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
proxy_temp_path /tmp/proxy_temp;
|
||||
client_body_temp_path /tmp/client_temp;
|
||||
fastcgi_temp_path /tmp/fastcgi_temp;
|
||||
uwsgi_temp_path /tmp/uwsgi_temp;
|
||||
scgi_temp_path /tmp/scgi_temp;
|
||||
|
||||
client_max_body_size 10M;
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /dev/stdout main;
|
||||
|
||||
sendfile on;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
server {
|
||||
listen 8888;
|
||||
server_name _;
|
||||
location /health {
|
||||
access_log off;
|
||||
return 200 "OK";
|
||||
}
|
||||
}
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
|
||||
stream {
|
||||
include /etc/nginx/streams.d/*.conf;
|
||||
}
|
||||
@@ -0,0 +1,13 @@
|
||||
upstream ${name} {
|
||||
%{ if resolver != "" ~}
|
||||
resolver ${resolver};
|
||||
%{ endif ~}
|
||||
server ${upstream}:${upstream_port};
|
||||
}
|
||||
server {
|
||||
listen %{ if protocol == "UDP" ~}${port} udp;%{ else ~}${port};%{ endif }
|
||||
%{ if custom_snippet != "" ~}
|
||||
${custom_snippet}
|
||||
%{ endif ~}
|
||||
proxy_pass ${name};
|
||||
}
|
||||
Reference in New Issue
Block a user