bofh/nginx_sites
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

multiple config changes until 09/2021

Browse Source
This commit is contained in:
root
2021-09-18 14:59:54 +02:00
parent 0c02fac0ba
commit b30bdb4fa3
13 changed files with 666 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

171
fet.at/2020.conf
View File

@@ -24,11 +24,7 @@ server {
proxy_pass http://fetsite4:9000;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
}
@@ -47,11 +43,6 @@ server {
proxy_pass http://fetsitedev:8980;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
}
@@ -72,17 +63,11 @@ server {
include snippets/ldap.conf;
proxy_pass http://fetsitedev:5000;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header REMOTE_USER $remote_user;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /income {
proxy_pass http://fetsitedev:5000;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
@@ -96,19 +81,14 @@ server {
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 100M;
location / {
include snippets/header.conf;
#include snippets/ldap.conf;
proxy_pass http://fetsite4:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
location /api {
# deny all;
@@ -116,9 +96,7 @@ server {
# allow 128.130.95.200;
proxy_pass http://fetsite4:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
@@ -141,20 +119,14 @@ server {
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name *.2020.fet.at;
server_name dev.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
@@ -164,14 +136,55 @@ server {
client_max_body_size 1000M;
location / {
# include snippets/header.conf;
include snippets/ldap.conf;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name design2.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
include snippets/ldap.conf;
proxy_pass http://fetsitedev:8103;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name *.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
include snippets/ldap.conf;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -185,9 +198,6 @@ server {
# deny all;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -200,9 +210,6 @@ server {
# deny all;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -217,26 +224,29 @@ server {
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/header.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /admin {
location /dev {
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /admin {
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -253,16 +263,13 @@ server {
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/header.conf;
include snippets/header.conf;
# include snippets/ldap.conf;
client_max_body_size 1000M;
location / {
proxy_pass http://fetsite6:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -276,9 +283,6 @@ server {
# deny all;
proxy_pass http://fetsite6:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -286,3 +290,52 @@ server {
}
server {
listen 443 ssl http2;
server_name test.fet.at;
ssl_certificate /etc/letsencrypt/live/www.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 10M;
location /etherpad {
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'";
}
#location /api {
#return 403 "Contact bofh@fet.at if you really need to access this";
#}
location / {
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
}
location /admin {
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
}
location /api {
satisfy any;
allow 192.168.86.0/24;
include snippets/ldap.conf;
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
}
}

3
fet.at/2020.prod.conf
View File

@@ -22,9 +22,6 @@ server {
proxy_pass http://fetsite21:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}

2
fet.at/corona.conf
View File

@@ -18,7 +18,7 @@ server {
include snippets/header.conf;
location / {
return 302 https://www.fet.at/rubriken/5/neuigkeiten/509;
return 302 https://fet.at/posts/covid19;
}
location /anwesenheit {
proxy_pass http://proteus;

140
fet.at/default.conf
View File

@@ -1,38 +1,14 @@
# -*-nginx-*-
server {
listen 80;
server_name fet.at 128.131.95.208;
server_name fet.at 128.131.95.208 www.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name fet.at;
ssl_certificate /etc/letsencrypt/live/fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/fet.at/chain.pem;
include snippets/ssl.conf;
location / {
return 302 https://www.fet.at$request_uri;
}
}
server {
listen 80;
server_name www.fet.at;
include snippets/letsencrypt.conf;
client_max_body_size 50M;
location /etherpad {
proxy_pass http://192.168.95.11:3333;
include snippets/proxy_header.conf;
}
}
server {
listen 443 ssl http2;
@@ -43,18 +19,120 @@ server {
ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf;
location / {
return 302 https://fet.at$request_uri;
}
}
server {
listen 80;
server_name legacy.fet.at;
include snippets/letsencrypt.conf;
client_max_body_size 50M;
location /etherpad {
proxy_pass http://192.168.95.11:3333;
include snippets/proxy_header.conf;
}
}
server {
listen 443 ssl http2;
server_name legacy.fet.at;
ssl_certificate /etc/letsencrypt/live/www.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem;
include snippets/ssl.conf;
client_max_body_size 50M;
location / {
include snippets/ldap.conf;
proxy_pass http://192.168.95.11:3333;
include snippets/proxy_header.conf;
}
location /etherpad {
proxy_pass http://192.168.95.11:3333;
include snippets/proxy_header.conf;
}
location ~ ^/(alt|twiki) {
return 302 https://www.alt.fet.at$request_uri;
}
location ~ ^/(labor) {
return 302 https://www.fet.at/themen/8;
# location ~ ^/(labor) {
# return 302 https://www.fet.at/themen/8;
# }
#}
}
server {
listen 443 ssl http2;
server_name fet.at;
ssl_certificate /etc/letsencrypt/live/www.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem;
include snippets/ssl.conf;
client_max_body_size 10M;
location /etherpad {
# return 404 "Wir machen gerade ein Update";
proxy_pass http://fetsite21:8001;
include snippets/proxy_header.conf;
# add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'";
}
#location /api {
#return 403 "Contact bofh@fet.at if you really need to access this";
#}
location / {
include snippets/header.conf;
proxy_pass http://fetsite21:8001;
include snippets/proxy_header.conf;
}
location /admin {
# return 404 "Wir machen gerade ein Update";
proxy_pass http://fetsite21:8001;
include snippets/proxy_header.conf;
}
location /api {
satisfy any;
allow 192.168.86.0/24;
include snippets/ldap.conf;
proxy_pass http://fetsite21:8001;
include snippets/proxy_header.conf;
}
}
server {
listen 443 ssl http2;
server_name portainer.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/moses.2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/moses.2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/moses.2020.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf;
client_max_body_size 10M;
location / {
proxy_pass http://fetsite21:9000;
include snippets/proxy_header.conf;
}
}

31
fet.at/discord.conf Normal file
View File

@@ -0,0 +1,31 @@
# -*-nginx-*-
server {
listen 80;
server_name discord.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name discord.fet.at;
ssl_certificate /etc/letsencrypt/live/discord.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/discord.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/discord.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
location / {
return 302 https://discord.gg/7qRuuMA;
}
#location /LVA/LVAs {
# proxy_pass http://proteus;
# include snippets/proxy_header.conf;
#
# include snippets/ldap.conf;
#}
}

31
fet.at/facebook.conf Normal file
View File

@@ -0,0 +1,31 @@
# -*-nginx-*-
server {
listen 80;
server_name facebook.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name facebook.fet.at;
ssl_certificate /etc/letsencrypt/live/facebook.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/facebook.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/facebook.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
location / {
return 302 https://www.facebook.com/FachschaftET/;
}
#location /LVA/LVAs {
# proxy_pass http://proteus;
# include snippets/proxy_header.conf;
#
# include snippets/ldap.conf;
#}
}

31
fet.at/infoscreen.conf Normal file
View File

@@ -0,0 +1,31 @@
# -*-nginx-*-
server {
listen 80;
server_name infoscreen.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name infoscreen.fet.at;
ssl_certificate /etc/letsencrypt/live/infoscreen.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/infoscreen.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/infoscreen.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
location / {
proxy_pass http://proteus;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' ";
}
#location /da/daten {
# proxy_pass http://proteus;
# include snippets/proxy_header.conf;
#
# include snippets/ldap.conf;
#}
}

31
fet.at/instagram.conf Normal file
View File

@@ -0,0 +1,31 @@
# -*-nginx-*-
server {
listen 80;
server_name instagram.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name instagram.fet.at;
ssl_certificate /etc/letsencrypt/live/instagram.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/instagram.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/instagram.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
location / {
return 302 https://www.instagram.com/fet_tuwien/;
}
#location /LVA/LVAs {
# proxy_pass http://proteus;
# include snippets/proxy_header.conf;
#
# include snippets/ldap.conf;
#}
}

23
fet.at/t2.conf Normal file
View File

@@ -0,0 +1,23 @@
server {
listen 80;
server_name *.t2.fet.at;
include snippets/letsencrypt.conf;
# root /var/www/html
# return 301 https://$host$request_uri;
}
server {
listen 443;
server_name t2.fet.at *.t2.fet.at;
include snippets/ssl.conf;
include snippets/ldap.conf;
location / {
# include snippets/header.conf;
proxy_pass https://rancher:443;
include snippets/proxy_header.conf;
# include snippets/proxy_header.conf;
}
}

31
fet.at/telegram.conf Normal file
View File

@@ -0,0 +1,31 @@
# -*-nginx-*-
server {
listen 80;
server_name telegram.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name telegram.fet.at;
ssl_certificate /etc/letsencrypt/live/telegram.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/telegram.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/telegram.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
location / {
return 302 https://t.me/FETInfo;
}
#location /LVA/LVAs {
# proxy_pass http://proteus;
# include snippets/proxy_header.conf;
#
# include snippets/ldap.conf;
#}
}

84
fet.at/triton20.conf Normal file
View File

@@ -0,0 +1,84 @@
server {
listen 80;
server_name *.triton20.fet.at;
include snippets/letsencrypt.conf;
}
# server {
# listen 80;
# server_name triton20.fet.at *.triton20.fet.at;
# location / {
# proxy_pass http://triton20:80;
# # include snippets/proxy_header.conf;
# }
#}
server {
listen 443;
server_name triton20.fet.at *.triton20.fet.at;
location / {
proxy_pass https://triton20:443;
# include snippets/proxy_header.conf;
}
}
server {
listen 443;
server_name andis.triton20.fet.at;
location / {
include snippets/ldap.conf;
proxy_pass http://triton20:8101;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name patrick.triton20.fet.at;
# ssl_certificate /etc/letsencrypt/live/triton20.fet.at/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/triton20.fet.at/privkey.pem;
# ssl_trusted_certificate /etc/letsencrypt/live/triton20.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/ldap.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
proxy_pass http://triton20:8107;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /dev {
proxy_pass http://triton20:8107;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /etherpad {
proxy_pass http://triton20:8107;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'";
}
location /admin {
proxy_pass http://triton20:8107;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}