JeDaYoshi/cryb.app

## cryb.app
# example config for reverse proxy in nginx for Cryb
# change cryb.app for your domain
# also make a SSL certificate that applies either to all of your subdomains or cryb.app and *.cryb.app
# also setup your server to forward HTTP requests to HTTPS, if you want to keep that.
# - jeda.im

# default config - use this if you're dedicating your web
# server for Cryb, or edit as your convenience
server {
	listen 80 default_server;
	listen 443 ssl http2 default_server;
	listen [::]:80 default_server;
	listen [::]:443 ssl http2 default_server;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;

	server_name www.cryb.app;

	return 301 https://cryb.app$request_uri;
}

# @cryb/web
server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name cryb.app;

	location / {
		proxy_pass http://localhost:3000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
	}
}

# @cryb/api
server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name api.cryb.app;

	location / {
		proxy_pass http://localhost:4000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_cache_bypass $http_upgrade;
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

# @cryb/portals
server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name portals.cryb.app;

	location / {
		proxy_pass http://localhost:5000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

# @cryb/aperture
server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name aperture.cryb.app;

	location / {
		proxy_pass http://localhost:9001;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

# @cryb/aperture (streaming) - people seem to be having issue with this one
server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name streaming.cryb.app;

	location / {
		proxy_pass http://localhost:9000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

## nossl.cryb.app
# example config for reverse proxy in nginx for Cryb without SSL
# change cryb.app for your domain
# this isn't recommended, but provided for completeness
# - jeda.im

# default config - use this if you're dedicating your web
# server for Cryb, or edit as your convenience
server {
	listen 80 default_server;
	listen [::]:80 default_server;

	server_name www.cryb.app;

	return 301 http://cryb.app$request_uri;
}

# @cryb/web
server {
	listen 80;
	listen [::]:80;

	server_name cryb.app;

	location / {
		proxy_pass http://localhost:3000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
	}
}

# @cryb/api
server {
	listen 80;
	listen [::]:80;

	server_name api.cryb.app;

	location / {
		proxy_pass http://localhost:4000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_cache_bypass $http_upgrade;
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

# @cryb/portals
server {
	listen 80;
	listen [::]:80;

	server_name portals.cryb.app;

	location / {
		proxy_pass http://localhost:5000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "Upgrade";
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

# @cryb/aperture
server {
	listen 80;
	listen [::]:80;

	server_name aperture.cryb.app;

	location / {
		proxy_pass http://localhost:9001;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}

# @cryb/aperture (streaming) - people seem to be having issue with this one
server {
	listen 80;
	listen [::]:80;

	server_name streaming.cryb.app;

	location / {
		proxy_pass http://localhost:9000;
		proxy_set_header Host $http_host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_connect_timeout 7d;
		proxy_send_timeout 7d;
		proxy_read_timeout 7d;
	}
}
	# example config for reverse proxy in nginx for Cryb
	# change cryb.app for your domain
	# also make a SSL certificate that applies either to all of your subdomains or cryb.app and *.cryb.app
	# also setup your server to forward HTTP requests to HTTPS, if you want to keep that.
	# - jeda.im

	# default config - use this if you're dedicating your web
	# server for Cryb, or edit as your convenience
	server {
	listen 80 default_server;
	listen 443 ssl http2 default_server;
	listen [::]:80 default_server;
	listen [::]:443 ssl http2 default_server;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;

	server_name www.cryb.app;

	return 301 https://cryb.app$request_uri;
	}

	# @cryb/web
	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name cryb.app;

	location / {
	proxy_pass http://localhost:3000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	}
	}

	# @cryb/api
	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name api.cryb.app;

	location / {
	proxy_pass http://localhost:4000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	proxy_cache_bypass $http_upgrade;
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}

	# @cryb/portals
	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name portals.cryb.app;

	location / {
	proxy_pass http://localhost:5000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}

	# @cryb/aperture
	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name aperture.cryb.app;

	location / {
	proxy_pass http://localhost:9001;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}

	# @cryb/aperture (streaming) - people seem to be having issue with this one
	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/acme.sh/cryb.app.crt;
	ssl_certificate_key /etc/ssl/acme.sh/cryb.app.key;
	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

	server_name streaming.cryb.app;

	location / {
	proxy_pass http://localhost:9000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}
	# example config for reverse proxy in nginx for Cryb without SSL
	# change cryb.app for your domain
	# this isn't recommended, but provided for completeness
	# - jeda.im

	# default config - use this if you're dedicating your web
	# server for Cryb, or edit as your convenience
	server {
	listen 80 default_server;
	listen [::]:80 default_server;

	server_name www.cryb.app;

	return 301 http://cryb.app$request_uri;
	}

	# @cryb/web
	server {
	listen 80;
	listen [::]:80;

	server_name cryb.app;

	location / {
	proxy_pass http://localhost:3000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	}
	}

	# @cryb/api
	server {
	listen 80;
	listen [::]:80;

	server_name api.cryb.app;

	location / {
	proxy_pass http://localhost:4000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	proxy_cache_bypass $http_upgrade;
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}

	# @cryb/portals
	server {
	listen 80;
	listen [::]:80;

	server_name portals.cryb.app;

	location / {
	proxy_pass http://localhost:5000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}

	# @cryb/aperture
	server {
	listen 80;
	listen [::]:80;

	server_name aperture.cryb.app;

	location / {
	proxy_pass http://localhost:9001;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}

	# @cryb/aperture (streaming) - people seem to be having issue with this one
	server {
	listen 80;
	listen [::]:80;

	server_name streaming.cryb.app;

	location / {
	proxy_pass http://localhost:9000;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_connect_timeout 7d;
	proxy_send_timeout 7d;
	proxy_read_timeout 7d;
	}
	}