From e245c8e11b9bc8a37ed3560acaf36ce94f5d36e0 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 11 Feb 2023 18:31:05 +0200
Subject: [PATCH] Web proxy: Add ns4.
---
.gitlab-ci.yml | 36 ++++++++++---
Compose/web-proxy/ns4/.dockerignore | 4 ++
Compose/web-proxy/ns4/.env | 1 +
Compose/web-proxy/ns4/Dockerfile | 6 +++
.../ns4/conf.d/autoconfig.shore.co.il.conf | 22 ++++++++
.../ns4/conf.d/elasticsearch.shore.co.il.conf | 29 +++++++++++
.../ns4/conf.d/kibana.shore.co.il.conf | 30 +++++++++++
.../ns4/conf.d/myip.shore.co.il.conf | 27 ++++++++++
Compose/web-proxy/ns4/conf.d/nehe.sr.conf | 24 +++++++++
Compose/web-proxy/ns4/conf.d/nehes.co.conf | 24 +++++++++
.../ns4/conf.d/registry.shore.co.il.conf | 38 ++++++++++++++
Compose/web-proxy/ns4/conf.d/shore.co.il.conf | 31 +++++++++++
Compose/web-proxy/ns4/conf.d/www.nehe.sr.conf | 23 +++++++++
.../web-proxy/ns4/conf.d/www.nehes.co.conf | 23 +++++++++
.../web-proxy/ns4/conf.d/www.shore.co.il.conf | 45 ++++++++++++++++
Compose/web-proxy/ns4/docker-compose.yml | 51 +++++++++++++++++++
.../web-proxy/ns4/snippets/activesync.conf | 23 +++++++++
.../ns4/snippets/nextcloud-well-known.conf | 11 ++++
.../mail/config-v1.1.xml | 42 +++++++++++++++
.../google88c23a5c89fa3cb3.html | 1 +
20 files changed, 484 insertions(+), 7 deletions(-)
create mode 100644 Compose/web-proxy/ns4/.dockerignore
create mode 100644 Compose/web-proxy/ns4/.env
create mode 100644 Compose/web-proxy/ns4/Dockerfile
create mode 100644 Compose/web-proxy/ns4/conf.d/autoconfig.shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/elasticsearch.shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/kibana.shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/myip.shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/nehe.sr.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/nehes.co.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/registry.shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/www.nehe.sr.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/www.nehes.co.conf
create mode 100644 Compose/web-proxy/ns4/conf.d/www.shore.co.il.conf
create mode 100644 Compose/web-proxy/ns4/docker-compose.yml
create mode 100644 Compose/web-proxy/ns4/snippets/activesync.conf
create mode 100644 Compose/web-proxy/ns4/snippets/nextcloud-well-known.conf
create mode 100644 Compose/web-proxy/ns4/www/autoconfig.shore.co.il/mail/config-v1.1.xml
create mode 100644 Compose/web-proxy/ns4/www/www.shore.co.il/google88c23a5c89fa3cb3.html
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3637cee..f9f2d53 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -36,19 +36,19 @@ web-proxy kodi build:
tags: ["kodi.shore.co.il"]
variables:
WORKDIR: Compose/web-proxy/kodi
- # rules: &compose-rules
- # - if: $CI_PIPELINE_SOURCE == "schedule"
- # - if: $CI_PIPELINE_SOURCE == "push"
- # changes:
- # - $WORKDIR/*
- # - $WORKDIR/**/*
+ rules: &compose-rules
+ - if: $CI_PIPELINE_SOURCE == "schedule"
+ - if: $CI_PIPELINE_SOURCE == "push"
+ changes:
+ - $WORKDIR/*
+ - $WORKDIR/**/*
web-proxy kodi pull:
extends: .compose-pull
tags: ["kodi.shore.co.il"]
variables:
WORKDIR: Compose/web-proxy/kodi
- # rules: *compose-rules
+ rules: *compose-rules
web-proxy kodi run:
extends: .compose-run
@@ -56,4 +56,26 @@ web-proxy kodi run:
variables:
WORKDIR: Compose/web-proxy/kodi
when: manual
+ rules: *compose-rules
+
+web-proxy ns4 build:
+ extends: .compose-build
+ tags: ["ns4.shore.co.il"]
+ variables:
+ WORKDIR: Compose/web-proxy/ns4
+ # rules: *compose-rules
+
+web-proxy ns4 pull:
+ extends: .compose-pull
+ tags: ["ns4.shore.co.il"]
+ variables:
+ WORKDIR: Compose/web-proxy/ns4
+ # rules: *compose-rules
+
+web-proxy ns4 run:
+ extends: .compose-run
+ tags: ["ns4.shore.co.il"]
+ variables:
+ WORKDIR: Compose/web-proxy/ns4
+ when: manual
# rules: *compose-rules
diff --git a/Compose/web-proxy/ns4/.dockerignore b/Compose/web-proxy/ns4/.dockerignore
new file mode 100644
index 0000000..380e2e6
--- /dev/null
+++ b/Compose/web-proxy/ns4/.dockerignore
@@ -0,0 +1,4 @@
+*
+!conf.d/
+!www/
+!snippets/
diff --git a/Compose/web-proxy/ns4/.env b/Compose/web-proxy/ns4/.env
new file mode 100644
index 0000000..2f5dd33
--- /dev/null
+++ b/Compose/web-proxy/ns4/.env
@@ -0,0 +1 @@
+COMPOSE_PROJECT_NAME=web-proxy
diff --git a/Compose/web-proxy/ns4/Dockerfile b/Compose/web-proxy/ns4/Dockerfile
new file mode 100644
index 0000000..96123c4
--- /dev/null
+++ b/Compose/web-proxy/ns4/Dockerfile
@@ -0,0 +1,6 @@
+# hadolint ignore=DL3006
+FROM registry.shore.co.il/nginx
+COPY --chown=root:root www/ /var/www/
+COPY --chown=root:root conf.d/ /etc/nginx/conf.d/
+COPY --chown=root:root snippets/ /etc/nginx/snippets/
+RUN nginx -t
diff --git a/Compose/web-proxy/ns4/conf.d/autoconfig.shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/autoconfig.shore.co.il.conf
new file mode 100644
index 0000000..9fb1103
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/autoconfig.shore.co.il.conf
@@ -0,0 +1,22 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name autoconfig.shore.co.il autoconfig.nehe.sr;
+ root /var/www/autoconfig.shore.co.il/;
+ include snippets/www-acme-challenge.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/robots-allow-all.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name autoconfig.shore.co.il autoconfig.nehe.sr;
+ root /var/www/autoconfig.shore.co.il/;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+}
diff --git a/Compose/web-proxy/ns4/conf.d/elasticsearch.shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/elasticsearch.shore.co.il.conf
new file mode 100644
index 0000000..6a60200
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/elasticsearch.shore.co.il.conf
@@ -0,0 +1,29 @@
+# vim: ft=nginx
+map $host $es { default elasticsearch; }
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name elasticsearch.shore.co.il;
+ include snippets/robots-disallow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-https.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name elasticsearch.shore.co.il;
+ include snippets/robots-disallow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-modern.conf;
+
+ location / {
+ proxy_pass http://$es:9200$request_uri;
+ proxy_http_version 1.1;
+ include snippets/allow-shore-ips.conf;
+ }
+}
diff --git a/Compose/web-proxy/ns4/conf.d/kibana.shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/kibana.shore.co.il.conf
new file mode 100644
index 0000000..46edfee
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/kibana.shore.co.il.conf
@@ -0,0 +1,30 @@
+# vim: ft=nginx
+map $host $kibana { default kibana; }
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name kibana.shore.co.il;
+ include snippets/robots-disallow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-https.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name kibana.shore.co.il;
+ include snippets/robots-disallow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-modern.conf;
+ include snippets/vouch.conf;
+
+ location / {
+ proxy_pass http://$kibana:5601$request_uri;
+ proxy_http_version 1.1;
+ include snippets/proxy-headers.conf;
+ }
+}
diff --git a/Compose/web-proxy/ns4/conf.d/myip.shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/myip.shore.co.il.conf
new file mode 100644
index 0000000..222d2d4
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/myip.shore.co.il.conf
@@ -0,0 +1,27 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name myip.shore.co.il;
+ include snippets/robots-disallow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ error_page 404 /;
+ location = / { return 200 "$remote_addr"; }
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name myip.shore.co.il;
+ include snippets/robots-disallow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ error_page 404 /;
+ location = / {
+ add_header Content-Type "text/plain; charset=utf-8";
+ return 200 "$remote_addr";
+ }
+}
diff --git a/Compose/web-proxy/ns4/conf.d/nehe.sr.conf b/Compose/web-proxy/ns4/conf.d/nehe.sr.conf
new file mode 100644
index 0000000..289bb2a
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/nehe.sr.conf
@@ -0,0 +1,24 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name nehe.sr;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-www.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name nehe.sr;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ include snippets/nextcloud-well-known.conf;
+ include snippets/activesync.conf;
+ include snippets/redirect-www.conf;
+}
diff --git a/Compose/web-proxy/ns4/conf.d/nehes.co.conf b/Compose/web-proxy/ns4/conf.d/nehes.co.conf
new file mode 100644
index 0000000..db751dd
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/nehes.co.conf
@@ -0,0 +1,24 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name nehes.co;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-www.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name nehes.co;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ include snippets/nextcloud-well-known.conf;
+ include snippets/activesync.conf;
+ include snippets/redirect-www.conf;
+}
diff --git a/Compose/web-proxy/ns4/conf.d/registry.shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/registry.shore.co.il.conf
new file mode 100644
index 0000000..d269372
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/registry.shore.co.il.conf
@@ -0,0 +1,38 @@
+# vim: ft=nginx
+map $host $registry { default registry; }
+map $host $registry_fe { default reg; }
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name registry.shore.co.il;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-https.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name registry.shore.co.il;
+ include snippets/ssl-modern.conf;
+
+ location /v2/ {
+ proxy_pass http://$registry:5000$request_uri;
+ proxy_http_version 1.1;
+ include snippets/proxy-headers.conf;
+ # disable any limits to avoid HTTP 413 for large image uploads
+ client_max_body_size 0;
+ # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486)
+ chunked_transfer_encoding on;
+ limit_except GET HEAD OPTIONS {
+ include snippets/allow-ns4.conf;
+ include snippets/allow-private-ips.conf;
+ }
+ }
+
+ location / {
+ proxy_pass http://$registry_fe:8080$request_uri;
+ proxy_http_version 1.1;
+ include snippets/proxy-headers.conf;
+ }
+}
diff --git a/Compose/web-proxy/ns4/conf.d/shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/shore.co.il.conf
new file mode 100644
index 0000000..24d3c4b
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/shore.co.il.conf
@@ -0,0 +1,31 @@
+# vim: ft=nginx
+map $host $z_push { default z-push; }
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name shore.co.il;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-www.conf;
+
+ location = / { return 301 https://www.shore.co.il/blog/; }
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name shore.co.il;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ include snippets/nextcloud-well-known.conf;
+ include snippets/activesync.conf;
+ include snippets/redirect-www.conf;
+ include snippets/matrix-well-known.conf;
+
+ location = / { return 301 https://www.shore.co.il/blog/; }
+}
diff --git a/Compose/web-proxy/ns4/conf.d/www.nehe.sr.conf b/Compose/web-proxy/ns4/conf.d/www.nehe.sr.conf
new file mode 100644
index 0000000..414cd4d
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/www.nehe.sr.conf
@@ -0,0 +1,23 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name www.nehe.sr;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-https.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name www.nehe.sr;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ root /var/www/www.nehe.sr/;
+ error_page 404 /404.html;
+}
diff --git a/Compose/web-proxy/ns4/conf.d/www.nehes.co.conf b/Compose/web-proxy/ns4/conf.d/www.nehes.co.conf
new file mode 100644
index 0000000..fdd0d5b
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/www.nehes.co.conf
@@ -0,0 +1,23 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name www.nehes.co;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ include snippets/redirect-https.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name www.nehes.co;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ root /var/www/www.nehe.sr/;
+ error_page 404 /404.html;
+}
diff --git a/Compose/web-proxy/ns4/conf.d/www.shore.co.il.conf b/Compose/web-proxy/ns4/conf.d/www.shore.co.il.conf
new file mode 100644
index 0000000..d496c2d
--- /dev/null
+++ b/Compose/web-proxy/ns4/conf.d/www.shore.co.il.conf
@@ -0,0 +1,45 @@
+# vim: ft=nginx
+server {
+ listen 80;
+ listen [::]:80;
+ server_name www.shore.co.il;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/www-acme-challenge.conf;
+ location = / { return 301 https://$host/blog/; }
+ location /repo/ {
+ root /var/www/www.shore.co.il/;
+ autoindex on;
+ }
+ include snippets/redirect-https.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ listen [::]:443 ssl http2;
+ server_name www.shore.co.il;
+ include snippets/robots-allow-all.conf;
+ include snippets/ads-txt.conf;
+ include snippets/security-txt.conf;
+ include snippets/ssl-legacy.conf;
+ root /var/www/www.shore.co.il/;
+ error_page 404 /;
+
+ location /repo/ { autoindex on; }
+ location = /resume { try_files $uri /resume/resume.html; }
+ location = /resume/ { index resume.html; }
+
+ location = / { return 301 https://$host/blog/; }
+ location /about { return 301 https://$host/blog/pages/about-me.html; }
+ location /spam { return 301 https://$host/blog/pages/spam.html; }
+ location = /blog {
+ try_files $uri /blog/index.html;
+ charset UTF-8;
+ }
+
+ location /cgit { return 301 https://git.shore.co.il/explore; }
+ location /cgit/ { return 301 https://git.shore.co.il/explore; }
+ location /git { return 301 https://git.shore.co.il/explore; }
+ location /git/ { return 301 https://git.shore.co.il/explore; }
+}
diff --git a/Compose/web-proxy/ns4/docker-compose.yml b/Compose/web-proxy/ns4/docker-compose.yml
new file mode 100644
index 0000000..14a9b0f
--- /dev/null
+++ b/Compose/web-proxy/ns4/docker-compose.yml
@@ -0,0 +1,51 @@
+---
+version: '3.5'
+services:
+ proxy:
+ build:
+ context: ./
+ # command: ["nginx", "-g", "daemon off;"]
+ hostname: &hostname www.shore.co.il
+ networks:
+ default:
+ aliases:
+ - *hostname
+ - autoconfig.shore.co.il
+ - myip.shore.co.il
+ - nehe.sr
+ - registry.shore.co.il
+ - www.nehe.sr
+ ports:
+ - '80:80'
+ - '443:443'
+ restart: always
+ volumes:
+ - '/var/www/www.shore.co.il/.well-known/acme-challenge:/var/www/www.shore.co.il/.well-known/acme-challenge:ro'
+ - '/var/ssl/site.key:/var/ssl/site.key:ro'
+ - '/var/ssl/site.crt:/var/ssl/site.crt:ro'
+ - '/var/ssl/dhparams:/var/ssl/dhparams:ro'
+ - '/var/www/www.nehe.sr:/var/www/www.nehe.sr:ro'
+ - '/var/www/www.shore.co.il/blog:/var/www/www.shore.co.il/blog:ro'
+ - '/var/www/www.shore.co.il/resume:/var/www/www.shore.co.il/resume:ro'
+
+ vouch:
+ environment:
+ OAUTH_AUTH_URL: https://nextcloud.shore.co.il/apps/oauth2/authorize
+ OAUTH_CALLBACK_URLS: https://vouch.shore.co.il/auth
+ OAUTH_CLIENT_ID: "${VOUCH_OAUTH_CLIENT_ID}"
+ # yamllint disable-line rule:line-length
+ OAUTH_CLIENT_SECRET: "${VOUCH_OAUTH_CLIENT_SECRET}" # pragma: allowlist secret
+ OAUTH_PROVIDER: nextcloud
+ OAUTH_SCOPES: 'openid,email.profile'
+ OAUTH_TOKEN_URL: https://nextcloud.shore.co.il/apps/oauth2/api/v1/token
+ # yamllint disable-line rule:line-length
+ OAUTH_USER_INFO_URL: https://nextcloud.shore.co.il/ocs/v2.php/cloud/user?format=json
+ VOUCH_DOMAINS: shore.co.il
+ VOUCH_JWT_MAXAGE: 10080 # 1 week.
+ VOUCH_JWT_SECRET: "${VOUCH_JWT_SECRET}" # pragma: allowlist secret
+ image: quay.io/vouch/vouch-proxy:alpine-0.36.0
+ restart: always
+
+networks:
+ default:
+ name: shore
diff --git a/Compose/web-proxy/ns4/snippets/activesync.conf b/Compose/web-proxy/ns4/snippets/activesync.conf
new file mode 100644
index 0000000..d38278a
--- /dev/null
+++ b/Compose/web-proxy/ns4/snippets/activesync.conf
@@ -0,0 +1,23 @@
+location /AutoDiscover/ {
+ proxy_pass https://zpush.shore.co.il$request_uri;
+ include snippets/proxy-headers.conf;
+ include snippets/proxy-ssl.conf;
+}
+
+location /Autodiscover/ {
+ proxy_pass https://zpush.shore.co.il$request_uri;
+ include snippets/proxy-headers.conf;
+ include snippets/proxy-ssl.conf;
+}
+
+location /autodiscover/ {
+ proxy_pass https://zpush.shore.co.il$request_uri;
+ include snippets/proxy-headers.conf;
+ include snippets/proxy-ssl.conf;
+}
+
+location /Microsoft-Server-ActiveSync {
+ proxy_pass https://zpush.shore.co.il$request_uri;
+ include snippets/proxy-headers.conf;
+ include snippets/proxy-ssl.conf;
+}
diff --git a/Compose/web-proxy/ns4/snippets/nextcloud-well-known.conf b/Compose/web-proxy/ns4/snippets/nextcloud-well-known.conf
new file mode 100644
index 0000000..f615565
--- /dev/null
+++ b/Compose/web-proxy/ns4/snippets/nextcloud-well-known.conf
@@ -0,0 +1,11 @@
+location /.well-known/caldav {
+ return 301 https://nextcloud.shore.co.il/remote.php/dav;
+}
+
+location /.well-known/carddav {
+ return 301 https://nextcloud.shore.co.il/remote.php/dav;
+}
+
+location /.well-known/webfinger {
+ return 301 https://nextcloud.shore.co.il/public.php?service=webfinger;
+}
diff --git a/Compose/web-proxy/ns4/www/autoconfig.shore.co.il/mail/config-v1.1.xml b/Compose/web-proxy/ns4/www/autoconfig.shore.co.il/mail/config-v1.1.xml
new file mode 100644
index 0000000..3ae323e
--- /dev/null
+++ b/Compose/web-proxy/ns4/www/autoconfig.shore.co.il/mail/config-v1.1.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<clientConfig version="1.1">
+ <emailProvider id="shore.co.il">
+ <domain>shore.co.il</domain>
+ <displayName>Shore technologies</displayName>
+ <displayShortName>Shore</displayShortName>
+ <incomingServer type="imap">
+ <hostname>imap.shore.co.il</hostname>
+ <port>993</port>
+ <socketType>SSL</socketType>
+ <authentication>password-cleartext</authentication>
+ <username>%EMAILLOCALPART%</username>
+ </incomingServer>
+ <outgoingServer type="smtp">
+ <hostname>smtp.shore.co.il</hostname>
+ <port>587</port>
+ <socketType>STARTTLS</socketType>
+ <authentication>password-cleartext</authentication>
+ <username>%EMAILLOCALPART%</username>
+ </outgoingServer>
+ </emailProvider>
+ <emailProvider id="nehe.sr">
+ <domain>nehe.sr</domain>
+ <displayName>Nehes Realestate</displayName>
+ <displayShortName>Nehes</displayShortName>
+ <incomingServer type="imap">
+ <hostname>imap.shore.co.il</hostname>
+ <port>993</port>
+ <socketType>SSL</socketType>
+ <authentication>password-cleartext</authentication>
+ <username>%EMAILLOCALPART%</username>
+ </incomingServer>
+ <outgoingServer type="smtp">
+ <hostname>smtp.shore.co.il</hostname>
+ <port>587</port>
+ <socketType>STARTTLS</socketType>
+ <authentication>password-cleartext</authentication>
+ <username>%EMAILLOCALPART%</username>
+ </outgoingServer>
+ </emailProvider>
+</clientConfig>
diff --git a/Compose/web-proxy/ns4/www/www.shore.co.il/google88c23a5c89fa3cb3.html b/Compose/web-proxy/ns4/www/www.shore.co.il/google88c23a5c89fa3cb3.html
new file mode 100644
index 0000000..5a77d51
--- /dev/null
+++ b/Compose/web-proxy/ns4/www/www.shore.co.il/google88c23a5c89fa3cb3.html
@@ -0,0 +1 @@
+google-site-verification: google88c23a5c89fa3cb3.html
--
GitLab