Add subdomains for ente

bind9/guiotte.db

@@ -12,21 +12,29 @@ $TTL  604800
 @  IN  NS  dm.guiotte.fr.
 
 ; OVH
-guiotte.fr.        IN  A       37.59.61.141
+guiotte.fr.                     IN  A       37.59.61.141
-*.guiotte.fr.      IN  CNAME   guiotte.fr.
+*.guiotte.fr.                   IN  CNAME   guiotte.fr.
 
 ; LAN
-dm.guiotte.fr.     IN  A       192.168.1.2
+dm.guiotte.fr.                  IN  A       192.168.1.2
-money.guiotte.fr.  IN  CNAME   dm.guiotte.fr.
+money.guiotte.fr.               IN  CNAME   dm.guiotte.fr.
-photos.guiotte.fr. IN  CNAME   dm.guiotte.fr.
+dl.guiotte.fr.                  IN  CNAME   dm.guiotte.fr.
-dl.guiotte.fr.     IN  CNAME   dm.guiotte.fr.
+kdoc.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
-kdoc.guiotte.fr.   IN  CNAME   dm.guiotte.fr.
+sync.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
-sync.guiotte.fr.   IN  CNAME   dm.guiotte.fr.
+pad.guiotte.fr.                 IN  CNAME   dm.guiotte.fr.
-pad.guiotte.fr.    IN  CNAME   dm.guiotte.fr.
+home.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
-home.guiotte.fr.   IN  CNAME   dm.guiotte.fr.
+zotero.guiotte.fr.              IN  CNAME   dm.guiotte.fr.
-zotero.guiotte.fr. IN  CNAME   dm.guiotte.fr.
+git.guiotte.fr.                 IN  CNAME   dm.guiotte.fr.
-git.guiotte.fr.    IN  CNAME   dm.guiotte.fr.
+db.guiotte.fr.                  IN  CNAME   dm.guiotte.fr.
-db.guiotte.fr.     IN  CNAME   dm.guiotte.fr.
+flix.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
-flix.guiotte.fr.   IN  CNAME   dm.guiotte.fr.
+task.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
-task.guiotte.fr.   IN  CNAME   dm.guiotte.fr.
+todo.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
-todo.guiotte.fr.   IN  CNAME   dm.guiotte.fr.
+pics.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
+photos.guiotte.fr.              IN  CNAME   dm.guiotte.fr.
+ente.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
+s3.guiotte.fr.                  IN  CNAME   dm.guiotte.fr.
+comptes-photos.guiotte.fr.      IN  CNAME   dm.guiotte.fr.
+albums-photos.guiotte.fr.       IN  CNAME   dm.guiotte.fr.
+auth.guiotte.fr.                IN  CNAME   dm.guiotte.fr.
+capsule-photos.guiotte.fr.      IN  CNAME   dm.guiotte.fr.
+tele-photos.guiotte.fr.         IN  CNAME   dm.guiotte.fr.

docker-compose.yml

@@ -181,7 +181,7 @@ services:
       DB_USERNAME: lychee
       DB_DATABASE: lychee
       DB_PORT: 3306
-      APP_URL: https://photos.guiotte.fr
+      APP_URL: https://pics.guiotte.fr
       TRUSTED_PROXIES: 172.22.0.0/24
     secrets:
       - lychee-db-pw
@@ -484,8 +484,8 @@ services:
     image: ghcr.io/ente-io/server
     container_name: ente-server
     restart: unless-stopped
-    ports:
+    #ports:
-      - 8080:8080 # API
+    #  - 8080:8080 # API
     depends_on:
       ente-db:
         condition: service_healthy
@@ -494,13 +494,15 @@ services:
       ENTE_DB_HOST: ente-db
       ENTE_DB_NAME: ente_db
       ENTE_DB_USER: pguser
-      ENTE_S3_B2_EU_CEN_ENDPOINT: garage:3900
+      ENTE_S3_ARE_LOCAL_BUCKETS: false
+      ENTE_S3_USE_PATH_STYLE_URLS: true
+      ENTE_S3_B2_EU_CEN_ENDPOINT: https://s3.guiotte.fr
       ENTE_S3_B2_EU_CEN_REGION: garage
       ENTE_S3_B2_EU_CEN_BUCKET: ente
-      ENTE_APPS_PUBLIC_ALBUMS: http://dm:3002
+      ENTE_APPS_PUBLIC_ALBUMS: https://albums-photos.guiotte.fr
-      ENTE_APPS_CAST: http://dm:3004
+      ENTE_APPS_CAST: https://tele-photos.guiotte.fr
-      ENTE_APPS_EMBED_ALBUMS: http://dm:3005
+      ENTE_APPS_EMBED_ALBUMS: https://capsule-photos.guiotte.fr
-      ENTE_APPS_ACCOUNTS: http://dm:3001
+      ENTE_APPS_ACCOUNTS: https://comptes-photos.guiotte.fr
     secrets:
       - ente-db-pw
       - ente-s3-key
@@ -521,7 +523,6 @@ services:
       retries: 3
       start_period: 120s
 
-
   ente-web:
     image: ghcr.io/ente-io/web
     container_name: ente-web
@@ -538,9 +539,9 @@ services:
     # Modify these values to your custom subdomains, if using any
     environment:
       <<: *common-environment
-      ENTE_API_ORIGIN: http://localhost:8080
+      ENTE_API_ORIGIN: https://ente.guiotte.fr
-      ENTE_ALBUMS_ORIGIN: https://dm:3002
+      ENTE_ALBUMS_ORIGIN: https://albums-photos.guiotte.fr
-      ENTE_PHOTOS_ORIGIN: http://dm:3000
+      ENTE_PHOTOS_ORIGIN: https://photos.guiotte.fr/
 
 
 volumes:

swag/nginx/proxy-confs/ente-server.subdomain.conf

@@ -0,0 +1,22 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name ente.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-server;
+        set $upstream_port 8080;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}
+

swag/nginx/proxy-confs/ente-web.subdomain.conf

@@ -0,0 +1,153 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name photos.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-web;
+        set $upstream_port 3000;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name comptes-photos.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-web;
+        set $upstream_port 3001;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name albums-photos.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-web;
+        set $upstream_port 3002;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name auth.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-web;
+        set $upstream_port 3003;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name tele-photos.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-web;
+        set $upstream_port 3004;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}
+
+#server {
+#    listen 443 ssl;
+#    listen [::]:443 ssl;
+#
+#    server_name partage-photos.*; # This is Ente Locker for files, not only photos
+#
+#    include /config/nginx/ssl.conf;
+#
+#    client_max_body_size 0;
+#
+#    location / {
+#
+#        include /config/nginx/proxy.conf;
+#        include /config/nginx/resolver.conf;
+#        set $upstream_app ente-web;
+#        set $upstream_port 3005;
+#        set $upstream_proto http;
+#        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+#
+#    }
+#}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name capsule-photos.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+        set $upstream_app ente-web;
+        set $upstream_port 3006;
+        set $upstream_proto http;
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+    }
+}

swag/nginx/proxy-confs/garage.subdomain.conf

@@ -0,0 +1,49 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    server_name s3.*;
+
+    include /config/nginx/ssl.conf;
+
+    client_max_body_size 0;
+
+    location / {
+        include /config/nginx/proxy.conf;
+        include /config/nginx/resolver.conf;
+
+        set $upstream_app garage;
+        set $upstream_port 3900;
+        set $upstream_proto http;
+
+        # --- Handle CORS preflight ---
+        if ($request_method = OPTIONS) {
+            add_header 'Access-Control-Allow-Origin' "*" always;
+            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD' always;
+            add_header 'Access-Control-Allow-Headers' '*' always;
+            add_header 'Access-Control-Allow-Credentials' 'true' always;
+            add_header 'Access-Control-Max-Age' 3000;
+            add_header 'Content-Length' 0;
+            add_header 'Content-Type' 'text/plain charset=UTF-8';
+            return 204;
+        }
+
+        # --- Proxy normal requests ---
+        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
+
+        # Prevent backend from sending conflicting CORS headers (optional)
+        proxy_hide_header Access-Control-Allow-Origin;
+        proxy_hide_header Access-Control-Allow-Credentials;
+        proxy_hide_header Access-Control-Allow-Headers;
+        proxy_hide_header Access-Control-Allow-Methods;
+        proxy_hide_header Access-Control-Expose-Headers;
+
+        # --- Add CORS headers for actual responses ---
+        add_header 'Access-Control-Allow-Origin' "*" always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD' always;
+        add_header 'Access-Control-Allow-Headers' '*' always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Expose-Headers' 'Etag' always;#
+    }
+}
+

swag/nginx/proxy-confs/lychee.subdomain.conf

@@ -6,7 +6,7 @@ server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
 
-    server_name photos.*;
+    server_name pics.*;
 
     include /config/nginx/ssl.conf;