From 85df14c5529a3fe25a0a9139c3917695f3d8a5f4 Mon Sep 17 00:00:00 2001 From: Benjamin Admin Date: Wed, 4 Mar 2026 12:23:57 +0100 Subject: [PATCH] feat: HTTPS-Proxy fuer Compliance MkDocs auf Port 8011 Co-Authored-By: Claude Opus 4.6 --- docker-compose.yml | 1 + nginx/conf.d/default.conf | 25 +++++++++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 3cf8269..f76e227 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -72,6 +72,7 @@ services: - "8443:8443" # Jitsi Meet - "3008:3008" # Admin Core - "3010:3010" # Portal Dashboard + - "8011:8011" # Compliance Docs (MkDocs) volumes: - ./nginx/conf.d:/etc/nginx/conf.d:ro - vault_certs:/etc/nginx/certs:ro diff --git a/nginx/conf.d/default.conf b/nginx/conf.d/default.conf index 4487746..3afb427 100644 --- a/nginx/conf.d/default.conf +++ b/nginx/conf.d/default.conf @@ -630,6 +630,31 @@ server { } } +# ========================================================= +# COMPLIANCE: Docs (MkDocs) on port 8011 +# ========================================================= +server { + listen 8011 ssl; + http2 on; + server_name macmini localhost; + + ssl_certificate /etc/nginx/certs/macmini.crt; + ssl_certificate_key /etc/nginx/certs/macmini.key; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256; + ssl_prefer_server_ciphers off; + + location / { + set $upstream_docs bp-compliance-docs:80; + proxy_pass http://$upstream_docs; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + } +} + # ========================================================= # CORE: Jitsi Meet on port 8443 # =========================================================