Unify configs, enhance SSL security
This commit is contained in:
root
@@ -1,12 +1,13 @@
|
||||
# -*-nginx-*-
|
||||
# Beschreibung: Dies ist ein fallback falls kein sonstiger Server gewaehlt wurde. Im geschuetzten Bereich befinden sich Infos zur Konfiguration!
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name triton.fet.at www.triton.fet.at triton.local;
|
||||
root /srv/welcome;
|
||||
server {
|
||||
listen 80;
|
||||
server_name triton.fet.at www.triton.fet.at triton.local;
|
||||
|
||||
location /.well-known {
|
||||
allow all;
|
||||
root /srv/welcome;
|
||||
allow all;
|
||||
}
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
@@ -14,18 +15,17 @@ server {
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name triton.fet.at www.triton.fet.at triton.local;
|
||||
listen 443 ssl http2;
|
||||
server_name triton.fet.at www.triton.fet.at triton.local;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
|
||||
|
||||
auth_ldap "FET Login - TT";
|
||||
auth_ldap_servers fet;
|
||||
include snippets/ssl.conf;
|
||||
include snippets/ldap.conf;
|
||||
|
||||
root /srv/welcome;
|
||||
location /.well-known {
|
||||
allow all;
|
||||
}
|
||||
root /srv/welcome/build;
|
||||
location / {
|
||||
ssi on;
|
||||
index index.html;
|
||||
@@ -34,7 +34,6 @@ server {
|
||||
rewrite ^/conf/(.*)$ /$1 break;
|
||||
proxy_pass http://localhost:8080;
|
||||
}
|
||||
|
||||
location /doc {
|
||||
return 301 https://intern.triton.fet.at$request_uri;
|
||||
# include uwsgi_params;
|
||||
@@ -43,6 +42,4 @@ server {
|
||||
# rewrite ^/doc/(.*)$ /$1 break;
|
||||
# proxy_pass http://localhost:8081;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user