first commit

2025-11-16 21:13:17 +05:30
commit 6eb1547e52
2 changed files with 186 additions and 0 deletions
--- a/append_more_with_hot_reload_at_runtime.sh
+++ b/append_more_with_hot_reload_at_runtime.sh
@@ -0,0 +1,83 @@
+#!/usr/bin/env bash
+set -Eeuo pipefail
+
+# --- config you can tweak ---
+CONF="/etc/nginx/sites-available/lan-proxy.conf"
+PROXY_IP="192.168.1.202"          # Nginx box LAN IP
+ID_BACKEND="192.168.1.202:21118"  # id.generalinfinity.cloud target
+RELAY_BACKEND="192.168.1.202:21119" # relay.generalinfinity.cloud target
+# ----------------------------
+
+STAMP="$(date +%F-%H%M%S)"
+
+sudo install -d /etc/nginx/sites-available /etc/nginx/sites-enabled
+sudo touch "$CONF"
+
+# backup
+sudo cp -a "$CONF" "${CONF}.bak-${STAMP}"
+
+# append id.generalinfinity.cloud if missing
+if ! sudo grep -q 'server_name id.generalinfinity.cloud' "$CONF"; then
+  sudo tee -a "$CONF" >/dev/null <<EOF
+server {
+  listen 443 ssl;
+  server_name id.generalinfinity.cloud;
+  ssl_certificate /etc/nginx/local.crt;
+  ssl_certificate_key /etc/nginx/local.key;
+
+  location / {
+    proxy_pass http://$ID_BACKEND;
+    proxy_set_header Host \$host;
+    proxy_set_header X-Real-IP \$remote_addr;
+    proxy_set_header Upgrade \$http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+}
+EOF
+fi
+
+# append relay.generalinfinity.cloud if missing
+if ! sudo grep -q 'server_name relay.generalinfinity.cloud' "$CONF"; then
+  sudo tee -a "$CONF" >/dev/null <<EOF
+server {
+  listen 443 ssl;
+  server_name relay.generalinfinity.cloud;
+  ssl_certificate /etc/nginx/local.crt;
+  ssl_certificate_key /etc/nginx/local.key;
+
+  location / {
+    proxy_pass http://$RELAY_BACKEND;
+    proxy_set_header Host \$host;
+    proxy_set_header X-Real-IP \$remote_addr;
+    proxy_set_header Upgrade \$http_upgrade;
+    proxy_set_header Connection "upgrade";
+  }
+}
+EOF
+fi
+
+# refresh self-signed cert to include ALL hostnames (SAN)
+sudo openssl req -x509 -nodes -newkey rsa:2048 \
+  -keyout /etc/nginx/local.key -out /etc/nginx/local.crt -days 365 \
+  -subj "/CN=github.generalinfinity.cloud" \
+  -addext "subjectAltName=DNS:github.generalinfinity.cloud,DNS:call.generalinfinity.cloud,DNS:id.generalinfinity.cloud,DNS:relay.generalinfinity.cloud" \
+  >/dev/null 2>&1
+
+# validate and hot-reload (zero downtime)
+if sudo nginx -t; then
+  sudo systemctl reload nginx
+else
+  echo "❌ nginx test failed; restoring backup"
+  sudo mv "${CONF}.bak-${STAMP}" "$CONF"
+  exit 1
+fi
+
+# ensure local name resolution to the proxy
+grep -q 'id.generalinfinity.cloud' /etc/hosts    || echo "$PROXY_IP id.generalinfinity.cloud"    | sudo tee -a /etc/hosts
+grep -q 'relay.generalinfinity.cloud' /etc/hosts || echo "$PROXY_IP relay.generalinfinity.cloud" | sudo tee -a /etc/hosts
+
+# quick tests (ignore trust; use -k)
+curl -kI https://id.generalinfinity.cloud    || true
+curl -kI https://relay.generalinfinity.cloud || true
+
+echo "✅ Done. Nginx reloaded without interruption."
--- a/setup_local_dns.sh
+++ b/setup_local_dns.sh
@@ -0,0 +1,103 @@
+sudo apt install -y nginx
+
+
+
+# sudo nano /etc/nginx/sites-available/lan-proxy.conf
+# {
+
+# server {
+#   listen 443 ssl;
+#   server_name github.generalinfinity.cloud;
+#   ssl_certificate /etc/nginx/local.crt;
+#   ssl_certificate_key /etc/nginx/local.key;
+#   location / {
+#     proxy_pass http://192.168.1.203:3100;
+#     proxy_set_header Host $host;
+#     proxy_set_header X-Real-IP $remote_addr;
+#     proxy_set_header Upgrade $http_upgrade;
+#     proxy_set_header Connection $connection_upgrade;
+#   }
+# }
+
+# server {
+#   listen 443 ssl;
+#   server_name call.generalinfinity.cloud;
+#   ssl_certificate /etc/nginx/local.crt;
+#   ssl_certificate_key /etc/nginx/local.key;
+#   location / {
+#     proxy_pass http://192.168.1.202:3000;
+#     proxy_set_header Host $host;
+#     proxy_set_header X-Real-IP $remote_addr;
+#     proxy_set_header Upgrade $http_upgrade;
+#     proxy_set_header Connection $connection_upgrade;
+#   }
+# }
+
+
+# }
+
+sudo tee /etc/nginx/sites-available/lan-proxy.conf > /dev/null << 'EOF'
+server {
+  listen 443 ssl;
+  server_name github.generalinfinity.cloud;
+  ssl_certificate /etc/nginx/local.crt;
+  ssl_certificate_key /etc/nginx/local.key;
+
+  location / {
+    proxy_pass http://192.168.1.203:3100;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $connection_upgrade;
+  }
+}
+
+server {
+  listen 443 ssl;
+  server_name call.generalinfinity.cloud;
+  ssl_certificate /etc/nginx/local.crt;
+  ssl_certificate_key /etc/nginx/local.key;
+
+  location / {
+    proxy_pass http://192.168.1.202:3000;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $connection_upgrade;
+  }
+}
+EOF
+
+
+
+
+
+
+
+
+
+
+
+sudo openssl req -x509 -nodes -newkey rsa:2048 \
+  -keyout /etc/nginx/local.key -out /etc/nginx/local.crt -days 365 \
+  -subj "/CN=github.generalinfinity.cloud" \
+  -addext "subjectAltName=DNS:github.generalinfinity.cloud,DNS:call.generalinfinity.cloud"
+
+
+
+sudo nginx -t && sudo systemctl restart nginx
+
+
+
+
+# optional
+sudo ufw allow "Nginx Full"
+
+
+
+# 1) Fix hosts (remove bad line, add correct one)
+sudo sed -i '/NGINX_IP/d' /etc/hosts
+echo "192.168.1.202 github.generalinfinity.cloud call.generalinfinity.cloud" | sudo tee -a /etc/hosts
+# 2) Test Nginx vhost routing
+curl -I -H 'Host: github.generalinfinity.cloud' http://192.168.1.202/
+curl -I -H 'Host: call.generalinfinity.cloud'   http://192.168.1.202/