Emitter: Make Rupert TLS upstream IPv6-only
This commit is contained in:
parent
8685c9ddc9
commit
e04e623dea
1 changed files with 10 additions and 13 deletions
|
|
@ -3,31 +3,28 @@
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
streamConfig = ''
|
streamConfig = ''
|
||||||
map $ssl_preread_server_name $target_backend {
|
map $ssl_preread_server_name $target_backend {
|
||||||
|
default rupert;
|
||||||
md.gvfr.de rupert;
|
md.gvfr.de rupert;
|
||||||
rupert.gvfr.de rupert;
|
rupert.gvfr.de rupert;
|
||||||
default localserv;
|
git.25120.org localserv;
|
||||||
}
|
}
|
||||||
|
|
||||||
upstream rupert {
|
upstream rupert {
|
||||||
server rupert.gvfr.de:4431;
|
zone upstream_rupert 64k;
|
||||||
|
|
||||||
|
server rupert.gvfr.de:4431 resolve;
|
||||||
|
resolver 9.9.9.9 ipv4=off ipv6=on;
|
||||||
}
|
}
|
||||||
|
|
||||||
upstream localserv {
|
upstream localserv {
|
||||||
server localhost:4431;
|
server 127.0.0.1:4431;
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
listen 443;
|
listen 443;
|
||||||
ssl_preread on;
|
ssl_preread on;
|
||||||
|
|
||||||
# proxy_connect_timeout 1s;
|
|
||||||
# proxy_timeout 3s;
|
|
||||||
# resolver 1.1.1.1;
|
|
||||||
|
|
||||||
proxy_pass $target_backend;
|
|
||||||
proxy_next_upstream off;
|
|
||||||
|
|
||||||
proxy_protocol on;
|
proxy_protocol on;
|
||||||
|
proxy_pass $target_backend;
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue