include /etc/nginx/modules-enabled/*.conf; events {} stream { upstream k3s_servers { {% for ip in k3s_server_ips %} server {{ ip }}:{{ k3s.loadbalancer.default_port }}; {% endfor %} } server { listen {{k3s.loadbalancer.default_port}}; proxy_pass k3s_servers; } upstream etcd_servers { {% for ip in k3s_server_ips %} server {{ ip }}:2379; {% endfor %} } server { listen 2379; proxy_pass etcd_servers; } upstream dns_servers { {% for ip in k3s_server_ips %} server {{ ip }}:53; {% endfor %} } server { listen 53 udp; proxy_pass dns_servers; } } # http { # upstream k3s_servers_http { # least_conn; # {% for ip in k3s_server_ips %} # server {{ ip }}:80; # {% endfor %} # } # # upstream k3s_servers_https { # least_conn; # {% for ip in k3s_server_ips %} # server {{ ip }}:443; # {% endfor %} # } # # server { # listen 80; # # location / { # proxy_pass http://k3s_servers_http; # proxy_set_header Host $http_host; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto http; # } # } # # server { # listen 443 ssl; # # server_name staging.k3s.seyshiro.de *.staging.k3s.seyshiro.de; # # ssl_certificate /etc/nginx/ssl/staging_tls.crt; # ssl_certificate_key /etc/nginx/ssl/staging_tls.key; # # location / { # proxy_pass https://k3s_servers_https; # proxy_set_header Host $host; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto https; # } # } # # server { # listen 443 ssl; # # server_name k3s.seyshiro.de *.k3s.seyshiro.de; # # ssl_certificate /etc/nginx/ssl/production_tls.crt; # ssl_certificate_key /etc/nginx/ssl/production_tls.key; # # location / { # proxy_pass https://k3s_servers_https; # proxy_set_header Host $host; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto https; # } # } # }