Initial commit: welcome-bot, abuse-bot, dormant-sweep, IP signup scrutiny

This commit is contained in:
2026-07-02 16:22:30 -07:00
commit c0e5df3cc4
17 changed files with 2231 additions and 0 deletions
+37
View File
@@ -0,0 +1,37 @@
# /etc/nginx/sites-available/hooks on admin.yttrx.com
# Enable with: ln -s ../sites-available/hooks /etc/nginx/sites-enabled/hooks
server {
listen 80;
listen [::]:80;
server_name hooks.yttrx.com;
# certbot --nginx will manage the redirect / cert; left here for the
# initial standalone issuance flow described in the README.
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name hooks.yttrx.com;
ssl_certificate /etc/letsencrypt/live/hooks.yttrx.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hooks.yttrx.com/privkey.pem;
# Only the webhook endpoint and health check are exposed.
location = /webhook {
proxy_pass http://127.0.0.1:8087;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location = /healthz {
proxy_pass http://127.0.0.1:8087;
}
location / {
return 404;
}
}