Unify configs, enhance SSL security
This commit is contained in:
root
@@ -1,26 +1,26 @@
|
||||
# -*-nginx-*-
|
||||
server {
|
||||
listen 80;
|
||||
server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at www.alt.fet.at 128.131.95.212;
|
||||
server {
|
||||
listen 80;
|
||||
server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at www.alt.fet.at 128.131.95.212;
|
||||
|
||||
location /.well-known {
|
||||
root /srv/pxy/alt/;
|
||||
allow all;
|
||||
root /srv/pxy/alt/;
|
||||
}
|
||||
location / {
|
||||
return 301 https://www.alt.fet.at$request_uri;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at;
|
||||
ssl_certificate /etc/letsencrypt/live/www.alt.fet.at/fullchain.pem;
|
||||
server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/www.alt.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/www.alt.fet.at/privkey.pem;
|
||||
location /.well-known {
|
||||
allow all;
|
||||
root /srv/pxy/alt/;
|
||||
}
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/www.alt.fet.at/chain.pem;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
|
||||
location / {
|
||||
return 302 https://www.alt.fet.at$request_uri;
|
||||
@@ -29,45 +29,39 @@ ssl_certificate /etc/letsencrypt/live/www.alt.fet.at/fullchain.pem;
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
# server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at;
|
||||
server_name www.alt.fet.at;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/www.alt.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/www.alt.fet.at/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/www.alt.fet.at/chain.pem;
|
||||
|
||||
location /.well-known {
|
||||
allow all;
|
||||
root /srv/pxy/alt/;
|
||||
}
|
||||
include snippets/ssl.conf;
|
||||
|
||||
location = / {
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
}
|
||||
location = /twiki/ {
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
}
|
||||
location = /alt/ {
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
}
|
||||
location = /twiki/bin/ {
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
}
|
||||
location = /alt/bin/ {
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
return 301 https://$host/twiki/bin/view/Homepage;
|
||||
}
|
||||
|
||||
location /alt {
|
||||
rewrite ^/alt(.*) /twiki$1 last;
|
||||
}
|
||||
|
||||
location / {
|
||||
#
|
||||
proxy_set_header Host glonass.htu.tuwien.ac.at;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_pass http://twikialt.local;
|
||||
sub_filter /alt/bin /twiki/bin;
|
||||
sub_filter glonass.htu.tuwien.ac.at www.alt.fet.at;
|
||||
proxy_pass http://twikialt.local;
|
||||
sub_filter /alt/bin /twiki/bin;
|
||||
sub_filter glonass.htu.tuwien.ac.at www.alt.fet.at;
|
||||
sub_filter http https;
|
||||
sub_filter_once off;
|
||||
|
||||
sub_filter_once off;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user