Refactored docker compose for forgejo. Added static IPs to allow containers to run without host networking. Improved healthchecks and depends_on. Improved reverse_proxy config.

config/nginx/forgejo.conf

@@ -21,8 +21,9 @@ http
         include /etc/nginx/mime.types;
         default_type application/octet-stream;
 
-        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-        '$status $body_bytes_sent "$http_referer" '
+#        log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+	log_format main '$proxy_protocol_addr - $remote_user [$time_local] "$request" '
+	'$status $body_bytes_sent "$http_referer" '
         '"$http_user_agent" "$http_x_forwarded_for"';
 
         access_log /var/log/nginx/access.log main;
@@ -37,20 +38,33 @@ http
         include /etc/nginx/conf.d/*.conf;
 
 
+        server {
+                listen       8080;
+                listen   [::]:8080;
+                server_name homelab0ne.xyz forgejoever.homelab0ne.xyz;
+
+                return 301 https://$host$request_uri;
+        }
+
+
         server
         {
-                listen 8443 ssl;
-                listen [::]:8443 ssl;
+		listen 8444 ssl proxy_protocol;
+                listen [::]:8444 ssl proxy_protocol;
+		listen 8443 ssl;
+		listen [::]:8443 ssl;
                 ssl_certificate /etc/nginx/ssl/cert.pem;
                 ssl_certificate_key /etc/nginx/ssl/key.pem;
                 server_name forgejoever.homelab0ne.xyz;
-                location / 
+	
+
+		location / 
                 {
-                       proxy_pass http://forgejoever:3000;
+                       proxy_pass http://172.20.0.5:3000;
                        proxy_set_header X-Forwarded-For $remote_addr;
                        proxy_set_header X-Forwarded-Proto $scheme;
                        proxy_set_header Host $host;
-
+		      
         # Nginx by default only allows file uploads up to 1M in size
         # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
                        client_max_body_size 50M;
@@ -59,6 +73,41 @@ http
 
 
         }
+        server
+        {
+                listen 8444 ssl proxy_protocol;
+                listen [::]:8444 ssl proxy_protocol;
+		port_in_redirect off;
+                ssl_certificate /etc/nginx/ssl/cert.pem;
+                ssl_certificate_key /etc/nginx/ssl/key.pem;
+                server_name homelab0ne.xyz;
+                location / 
+                {
+                       root /usr/share/nginx/html;
+		       index index.html index.htm;
+                }
+
+
+        }
+	
+	server {
+		listen 8080;
+		listen [::]:8080;
+		server_name www.homelab0ne.xyz;
+		return 301 https://$host$request_uri;
+	}
 
 
 }
+
+stream {
+server 
+	{
+                listen 30022;
+                proxy_connect_timeout 1s;
+                proxy_timeout 3s;
+                proxy_pass 172.20.0.5:30022;
+        #        proxy_protocol on;
+                ssl_preread on;
+       }
+}