M-Labs/it-infra
M-Labs
/
it-infra
8
0
Fork 4
Code Issues 12 Pull Requests 2 Releases Wiki Activity

Update mirror configuration 

Signed-off-by: Egor Savkin <es@m-labs.hk>
This commit is contained in:
Egor Savkin 2024-06-13 15:01:06 +08:00
parent 6f99f652a0
commit f9a065ea27
6 changed files with 86 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
m-labs-intl/m-labs-intl.com
View File

@ -1,3 +1,7 @@
upstream rfq_server {
server 127.0.0.1:5000;
}
server {
root /var/www/m-labs-intl.com/html;
@ -5,12 +9,15 @@ server {
server_name m-labs-intl.com www.m-labs-intl.com;
location /api/rfq {
proxy_pass http://127.0.0.1:5000/rfq;
location /rfq {
proxy_pass http://rfq_server/rfq;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 30;
proxy_connect_timeout 30;
proxy_send_timeout 30;
}
location / {

87
m-labs-intl/nginx.conf
View File

@ -62,22 +62,81 @@ http {
stream {
log_format basic '$remote_addr [$time_local] $protocol $status $bytes_sent $bytes_received $session_time';
resolver 1.1.1.1 valid=3600s;
resolver_timeout 5s;
access_log /var/log/nginx/access.log basic;
# SMTP over TLS (SMTPS) Proxy
server {
listen 587; # Standard port for SMTPS
proxy_pass mail.m-labs.hk:587;
# Upstream mail servers
upstream smtp_backend {
server mail.m-labs.hk:25;
}
# IMAP over TLS (IMAPS) Proxy
upstream pop3_backend {
server mail.m-labs.hk:110;
}
upstream imap_backend {
server mail.m-labs.hk:143;
}
upstream smtps_backend {
server mail.m-labs.hk:465;
}
upstream submission_backend {
server mail.m-labs.hk:587;
}
upstream imaps_backend {
server mail.m-labs.hk:993;
}
upstream pop3s_backend {
server mail.m-labs.hk:995;
}
# SMTP
server {
listen 143; # Standard port for IMAPS
proxy_pass mail.m-labs.hk:993;
listen 25;
proxy_pass smtp_backend;
proxy_protocol on;
}
# POP3
server {
listen 110;
proxy_pass pop3_backend;
proxy_protocol on;
}
# IMAP
server {
listen 143;
proxy_pass imap_backend;
proxy_protocol on;
}
# SMTPS (Secure SMTP)
server {
listen 465;
proxy_pass smtps_backend;
proxy_protocol on;
}
# Submission (Authenticated SMTP)
server {
listen 587;
proxy_pass submission_backend;
proxy_protocol on;
}
# IMAPS (Secure IMAP)
server {
listen 993;
proxy_pass imaps_backend;
proxy_protocol on;
}
# POP3S (Secure POP3)
server {
listen 995;
proxy_pass pop3s_backend;
proxy_protocol on;
}
}

7
m-labs-intl/redeploy.sh
View File

@ -1,7 +0,0 @@
#!/usr/bin/env bash
cd /home/zolaupd/web2019
git fetch origin
git reset --hard origin/master
DOMAINNAME=m-labs-intl.com ./zola build -o /var/www/m-labs-intl.com/html/ --force

2
m-labs-intl/runrfq.sh
View File

@ -11,4 +11,4 @@ export FLASK_MAIL_SENDER=sysop-intl@m-labs-intl.com
cd /home/rfqserver/web2019/server
source venv/bin/activate
python3 -m flask --app rfq run
python3 -m flask --app rfq run --port=5000

15
m-labs-intl/setup.sh
View File

@ -1,7 +1,5 @@
#!/usr/bin/env bash
apt install git nginx-full python3 python3.12-venv python3-pip
snap install --classic certbot
ln -s /snap/bin/certbot /usr/bin/certbot
@ -28,12 +26,9 @@ chown rfqserver /home/rfqserver/mail.secret
sudo -u zolaupd sh -c '
cd /home/zolaupd;
git clone https://git.m-labs.hk/M-Labs/web2019.git;
cd web2019;
wget https://github.com/getzola/zola/releases/download/v0.18.0/zola-v0.18.0-x86_64-unknown-linux-gnu.tar.gz;
tar -xvf zola-v0.18.0-x86_64-unknown-linux-gnu.tar.gz;
chmod +x zola;
./../redeploy.sh;
mkdir /home/zolaupd/.ssh;
echo -n "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP1OJJM8g/1ffxDjN31XKEfGmrYaW03lwpyTa1UGWqVx
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6R6XK0IiuAKxVKvSABm4m9bfOlvfJcMvTpjenuXUPv" > /home/zolaupd/.ssh/authorized_keys
'
sudo -u rfqserver sh -c '
@ -46,10 +41,6 @@ sudo -u rfqserver sh -c '
'
cp rfq.service /etc/systemd/system/
cp zolaupd /etc/cron.d/
systemctl enable cron
service cron reload
systemctl daemon-reload
systemctl enable rfq.service

5
m-labs-intl/zolaupd
View File

@ -1,5 +0,0 @@
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
0 */6 * * * zolaupd /home/zolaupd/redeploy.sh >> /home/zolaupd/redeploy.log 2>&1