diff --git a/nginx.conf b/nginx.conf index 8d09571..9daf15f 100644 --- a/nginx.conf +++ b/nginx.conf @@ -3,12 +3,14 @@ events {} http { include /etc/nginx/mime.types; default_type application/octet-stream; + resolver 127.0.0.11 ipv6=off; # ───────────── upstreams to Docker services ───────────── upstream backend5000 { server server1:5000; } # auth & free upstream backend5001 { server server2:5001; } # onet, distance, etc. upstream backend5002 { server server3:5002; } # premium upstream gitea_backend { server gitea:3000; } # gitea service (shared network) + upstream woodpecker_backend { server woodpecker-server:8000; } ######################################################################## # 1. HTTP → HTTPS redirect for the main site @@ -100,4 +102,37 @@ http { server_name gitea.dev1.aptivaai.com; return 301 https://$host$request_uri; } + ######################################################################## +# 5. Woodpecker CI (HTTPS) ci.dev1.aptivaai.com +######################################################################## + +server { + listen 443 ssl; + http2 on; + server_name ci.dev1.aptivaai.com; + + ssl_certificate /etc/letsencrypt/live/ci.dev1.aptivaai.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ci.dev1.aptivaai.com/privkey.pem; + ssl_protocols TLSv1.2 TLSv1.3; + + location / { + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_pass http://woodpecker_backend; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + } +} + +######################################################################## +# 6. Woodpecker HTTP → HTTPS redirect +######################################################################## +server { + listen 80; + server_name ci.dev1.aptivaai.com; + return 301 https://$host$request_uri; +} + }