firefrost-gaming/firefrost-services
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b8f9926e9b2f03e76440f035edd63705f87d6e32
firefrost-services/services/_archived/arbiter/nginx.conf
Claude 483d12c34d Archive obsolete services (arbiter v2.0, whitelist-manager) 
Moved to services/_archived/:
- arbiter/ (v2.0.0) - superseded by arbiter-3.0/
- whitelist-manager/ - merged into Trinity Console

Added README explaining what's archived and why.

DO NOT DEPLOY archived services - kept for historical reference only.

Chronicler #76
2026-04-11 08:00:17 +00:00

65 lines
2.0 KiB
Nginx Configuration File
Raw Blame History

# Firefrost Arbiter - Nginx Configuration
# Location: /etc/nginx/sites-available/arbiter
# Enable with: sudo ln -s /etc/nginx/sites-available/arbiter /etc/nginx/sites-enabled/
# Then: sudo nginx -t && sudo systemctl reload nginx
# HTTP -> HTTPS Redirect
server {
listen 80;
server_name discord-bot.firefrostgaming.com;
return 301 https://$host$request_uri;
}
# HTTPS Server Block
server {
listen 443 ssl http2;
server_name discord-bot.firefrostgaming.com;
# SSL Configuration (Let's Encrypt)
ssl_certificate /etc/letsencrypt/live/discord-bot.firefrostgaming.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/discord-bot.firefrostgaming.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Security Headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
# Access Logs
access_log /var/log/nginx/arbiter-access.log;
error_log /var/log/nginx/arbiter-error.log;
# Proxy Configuration
location / {
proxy_pass http://127.0.0.1:3500;
proxy_http_version 1.1;
# WebSocket Support (for Discord.js if needed)
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
# Proxy Headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Timeouts
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
# Cache Control
proxy_cache_bypass $http_upgrade;
}
# Health Check Endpoint (optional monitoring)
location /health {
proxy_pass http://127.0.0.1:3500/health;
access_log off;
}
}
Reference in New Issue View Git Blame Copy Permalink