Fork: 0
root / gnexus-book
Transfer to URL with SHA Find file
Newer
Older
gnexus-book / 40-inventory / services.yml
@Eugene Sukhodolskiy Eugene Sukhodolskiy 2 days ago 2 KB Document public VPN and internal proxy route
Raw Blame History 
# Applications, websites, infrastructure services, workers, and daemons.
---
- id: external-openvpn-server
  name: External OpenVPN Server
  type: vpn
  status: active
  host: external-vps
  domains: []
  ports: []
  criticality: high
  docs: ../10-systems/traffic-routes/public-gnexus-space-to-internal-nginx.md
  runbook: ""
  last_reviewed: 2026-05-09
  source_of_truth: owner-confirmed

- id: internal-openvpn-client
  name: Internal OpenVPN Client
  type: vpn-client
  status: active
  host: internal-proxy-vps
  domains: []
  ports: []
  criticality: high
  docs: ../10-systems/servers/internal-proxy-vps.md
  runbook: ""
  last_reviewed: 2026-05-09
  source_of_truth: owner-confirmed

- id: internal-nginx-proxy
  name: Internal nginx Reverse Proxy
  type: reverse-proxy
  status: active
  host: internal-proxy-vps
  domains:
    - gnexus-space
    - git-gnexus-space
    - jellyfin-gnexus-space
    - lytvak-gnexus-space
    - minecraft-gnexus-space
    - auth-gnexus-space
    - cloud-gnexus-space
    - files-gnexus-space
    - navi-gnexus-space
    - transmission-gnexus-space
  ports:
    - 80
    - 443
  nginx:
    version: nginx/1.18.0
    enabled_sites:
      - auth.gnexus.space
      - cloud.gnexus.space
      - files.gnexus.space
      - git.gnexus.space
      - gnexus.space
      - jellyfin.gnexus.space
      - navi.gnexus.space
      - transmission.gnexus.space
    available_sites_not_confirmed_enabled:
      - anicusi.gnexus.space
      - cats.gnexus.space
      - fdroid.gnexus.space
      - ferumina.gnexus.space
      - lytvak.gnexus.space
      - mail.gnexus.space
      - minecraft.gnexus.space
      - ollama.gnexus.space
      - sups.gnexus.space
      - topics.gnexus.space
    proxy_mappings:
      - domain: auth.gnexus.space
        upstream: http://192.168.1.167
        enabled: true
      - domain: cloud.gnexus.space
        upstream: http://192.168.1.152
        enabled: true
      - domain: files.gnexus.space
        upstream: http://192.168.1.157
        enabled: true
      - domain: git.gnexus.space
        upstream: http://192.168.1.156
        enabled: true
      - domain: gnexus.space
        upstream: http://192.168.1.151
        enabled: true
      - domain: jellyfin.gnexus.space
        upstream: http://192.168.1.153:8096
        enabled: true
      - domain: navi.gnexus.space
        upstream: http://192.168.1.168:8000
        enabled: true
      - domain: transmission.gnexus.space
        upstream: http://192.168.1.154:3000
        enabled: true
      - domain: lytvak.gnexus.space
        upstream: http://192.168.1.167
        enabled: false
      - domain: minecraft.gnexus.space
        upstream: tcp://192.168.1.218:25565
        enabled: false
  criticality: high
  docs: ../10-systems/servers/internal-proxy-vps.md
  runbook: ""
  last_reviewed: 2026-05-09
  source_of_truth: ssh-nginx-and-owner-confirmed