From 0b432df8afbaed75e9c7b5db0a6866a16f2f8cff Mon Sep 17 00:00:00 2001
From: Nathan Woodburn <github@nathan.woodburn.au>
Date: Fri, 15 Dec 2023 15:47:01 +1100
Subject: [PATCH] fix: Fix ssl errors and stop access logging

---
 build.sh   | 13 +++++++++++++
 nginx.conf | 38 ++++++++++++++++++++++++++++++++------
 2 files changed, 45 insertions(+), 6 deletions(-)
 create mode 100755 build.sh

diff --git a/build.sh b/build.sh
new file mode 100755
index 0000000..39efa02
--- /dev/null
+++ b/build.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+# Build the project
+echo "Building the project..."
+docker build -t hns_doh:test .
+
+# Start the container
+echo "Starting the container..."
+docker run -p 1234:80 --name hns_doh hns_doh:test
+
+# Remove the container
+echo "Removing the container..."
+docker rm -f hns_doh
\ No newline at end of file
diff --git a/nginx.conf b/nginx.conf
index c149777..2382c6c 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -1,39 +1,65 @@
 server {
   listen      8001 default_server;
   server_name _;
+  access_log off;
   location / {
-    proxy_pass       https://doh.hnshosting.au;
+    proxy_ssl_server_name on;
     proxy_set_header Host doh.hnshosting.au;
+    proxy_pass       https://doh.hnshosting.au;
+    add_header X-DoH-Server "HNSHosting.au";
   }
 }
 
 server {
   listen      8002 default_server;
   server_name _;
+  access_log off;
   location / {
-    proxy_pass       https://easyhandshake.com:8053;
+    proxy_ssl_server_name on;
     proxy_set_header Host easyhandshake.com;
+    proxy_pass       https://easyhandshake.com:8053;   
+    add_header X-DoH-Server "EasyHandshake.com";
   }
 }
 
 server {
   listen      8003 default_server;
   server_name _;
+  access_log off;
   location / {
-    proxy_pass       https://doh.hnsdns.com;
+    proxy_ssl_server_name on;
     proxy_set_header Host doh.hnsdns.com;
+    proxy_pass       https://doh.hnsdns.com;    
+
+    add_header X-DoH-Server "HNSDNS.com";
   }
 }
 
+server {
+  listen      8004 default_server;
+  server_name _;
+  access_log off;
+  location / {
+    proxy_ssl_server_name on;
+    proxy_set_header Host hnsns.net;
+    proxy_pass       https://hnsns.net;
+
+    add_header X-DoH-Server "HNSNS.net";
+  }
+}
+
+# Load balancing each node will be timed out for 10 minutes if it fails
 upstream main {
-  server 127.0.0.1:8001; 
-  server 127.0.0.1:8002;
-  server 127.0.0.1:8003;
+  server 127.0.0.1:8001 max_fails=1 fail_timeout=10m;
+  server 127.0.0.1:8002 max_fails=1 fail_timeout=10m;
+  server 127.0.0.1:8003 max_fails=1 fail_timeout=10m;
+  server 127.0.0.1:8004 max_fails=1 fail_timeout=10m;
 }
 
 server {
   listen      80;
   server_name _;
+  access_log off;
   location / {
     proxy_pass http://main;
   }