{
"name": "https_listener",
"yaml": "'@type': type.googleapis.com/envoy.config.listener.v3.Listener\naddress:\n socketAddress:\n address: 0.0.0.0\n portValue: 10001\nfilterChains:\n - filterChainMatch:\n serverNames:\n - pcb.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n name: pcb_service\n virtualHosts:\n - domains:\n - pcb.jerxie.com\n name: pcb_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _pcb_server\n timeout: 0s\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: pcb_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - monitor.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - monitor.jerxie.com\n name: monitor_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _monitor_server\n timeout: 0s\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: monitor_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - ai.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n name: ai_unified_service\n virtualHosts:\n - domains:\n - ai.jerxie.com\n name: ai_service\n routes:\n - match:\n prefix: /agent.\n route:\n cluster: _ai_agent_orchestrator\n maxStreamDuration:\n grpcTimeoutHeaderMax: 0s\n timeout: 0s\n - match:\n prefix: /\n route:\n cluster: _ai_unified_server\n timeout: 0s\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n alpnProtocols:\n - h2\n - http/1.1\n tlsCertificateSdsSecretConfigs:\n - name: ai_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - container.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - container.jerxie.com\n name: container_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _portainer_ui\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: container_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - password.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - password.jerxie.com\n name: password_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _bitwarden_service\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: password_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - docker.jerxie.com\n - docker.local\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - docker.jerxie.com\n name: docker_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _docker_registry\n timeout: 0s\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: docker_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - video.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - video.jerxie.com\n name: docker_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _nas_video\n timeout: 0s\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: video_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - audio.jerxie.com\n - audio.local\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - audio.jerxie.com\n - audio.local\n name: docker_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _nas_audio\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: audio_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - gitbucket.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - gitbucket.jerxie.com\n name: gitbucket_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _git_bucket\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: gitbucket_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - photo.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - photo.jerxie.com\n name: photo_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _nas_photo\n timeout: 0s\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: photo_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - note.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - note.jerxie.com\n name: note_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _nas_note\n statPrefix: ingress_http\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: note_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - home.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n mergeSlashes: true\n normalizePath: true\n requestTimeout: 300s\n routeConfig:\n virtualHosts:\n - domains:\n - home.jerxie.com\n name: home_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _homeassistant_service\n statPrefix: ingress_http\n streamIdleTimeout: 300s\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: home_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - auth.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - auth.jerxie.com\n name: auth_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _auth_server\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: auth_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - nas\n - nas.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n maxRequestHeadersKb: 96\n routeConfig:\n virtualHosts:\n - domains:\n - nas.jerxie.com\n - nas:10001\n name: docker_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _nas_service\n timeout: 0s\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: nas_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - code.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2\n name: oidc_oauth2_config_code-server\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication\n name: oidc_jwt_authn_config\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua\n name: oidc_authz_lua\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - code.jerxie.com\n name: code_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _code_server\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n name: code_server_filter_chain\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: code_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - envoy.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2\n name: oidc_oauth2_config_envoy-server\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication\n name: oidc_jwt_authn_config\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua\n name: oidc_authz_lua\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - envoy.jerxie.com\n name: envoy_service\n routes:\n - match:\n prefix: /\n route:\n cluster: _envoy_server\n statPrefix: ingress_http_envoy\n upgradeConfigs:\n - upgradeType: websocket\n name: envoy_server_filter_chain\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: envoy_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\n - filterChainMatch:\n serverNames:\n - openclaw.jerxie.com\n filters:\n - name: envoy.filters.network.http_connection_manager\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager\n httpFilters:\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2\n name: oidc_oauth2_config_openclaw\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.jwt_authn.v3.JwtAuthentication\n name: oidc_jwt_authn_config\n - configDiscovery:\n configSource:\n ads: {}\n resourceApiVersion: V3\n typeUrls:\n - type.googleapis.com/envoy.extensions.filters.http.lua.v3.Lua\n name: oidc_authz_lua\n - name: envoy.filters.http.router\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router\n routeConfig:\n virtualHosts:\n - domains:\n - openclaw.jerxie.com\n name: openclaw_service\n routes:\n - match:\n prefix: /webhooks\n route:\n cluster: _openclaw_server\n typedPerFilterConfig:\n oidc_authz_lua:\n '@type': type.googleapis.com/envoy.config.route.v3.FilterConfig\n disabled: true\n oidc_jwt_authn_config:\n '@type': type.googleapis.com/envoy.config.route.v3.FilterConfig\n disabled: true\n oidc_oauth2_config_openclaw:\n '@type': type.googleapis.com/envoy.config.route.v3.FilterConfig\n disabled: true\n - match:\n prefix: /\n route:\n cluster: _openclaw_server\n statPrefix: ingress_http\n upgradeConfigs:\n - upgradeType: websocket\n name: openclaw_server_filter_chain\n transportSocket:\n name: envoy.transport_sockets.tls\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext\n commonTlsContext:\n tlsCertificateSdsSecretConfigs:\n - name: openclaw_jerxie_com\n sdsConfig:\n apiConfigSource:\n apiType: GRPC\n grpcServices:\n - envoyGrpc:\n clusterName: xds_cluster\n transportApiVersion: V3\n resourceApiVersion: V3\nlistenerFilters:\n - name: envoy.filters.listener.tls_inspector\n typedConfig:\n '@type': type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector\nname: https_listener",
"upsert": true
}
