bofh/nginx_sites
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

multiple config changes until 09/2021

Browse Source
This commit is contained in:
root
2021-09-18 14:59:54 +02:00
parent 0c02fac0ba
commit b30bdb4fa3
13 changed files with 666 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

171
fet.at/2020.conf
View File

@@ -24,11 +24,7 @@ server {
proxy_pass http://fetsite4:9000;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
}
@@ -47,11 +43,6 @@ server {
proxy_pass http://fetsitedev:8980;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
}
@@ -72,17 +63,11 @@ server {
include snippets/ldap.conf;
proxy_pass http://fetsitedev:5000;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header REMOTE_USER $remote_user;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /income {
proxy_pass http://fetsitedev:5000;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
@@ -96,19 +81,14 @@ server {
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 100M;
location / {
include snippets/header.conf;
#include snippets/ldap.conf;
proxy_pass http://fetsite4:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
location /api {
# deny all;
@@ -116,9 +96,7 @@ server {
# allow 128.130.95.200;
proxy_pass http://fetsite4:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
@@ -141,20 +119,14 @@ server {
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# proxy_set_header Authorization "";
# proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name *.2020.fet.at;
server_name dev.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
@@ -164,14 +136,55 @@ server {
client_max_body_size 1000M;
location / {
# include snippets/header.conf;
include snippets/ldap.conf;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name design2.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
include snippets/ldap.conf;
proxy_pass http://fetsitedev:8103;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
}
server {
listen 443 ssl http2;
server_name *.2020.fet.at;
ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
include snippets/ldap.conf;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -185,9 +198,6 @@ server {
# deny all;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -200,9 +210,6 @@ server {
# deny all;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -217,26 +224,29 @@ server {
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/header.conf;
client_max_body_size 1000M;
location / {
include snippets/header.conf;
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /admin {
location /dev {
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
location /admin {
proxy_pass http://fetsitedev:80;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -253,16 +263,13 @@ server {
ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/header.conf;
include snippets/header.conf;
# include snippets/ldap.conf;
client_max_body_size 1000M;
location / {
proxy_pass http://fetsite6:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -276,9 +283,6 @@ server {
# deny all;
proxy_pass http://fetsite6:8001;
include snippets/proxy_header.conf;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Authorization "";
proxy_set_header REMOTE_USER $remote_user;
}
@@ -286,3 +290,52 @@ server {
}
server {
listen 443 ssl http2;
server_name test.fet.at;
ssl_certificate /etc/letsencrypt/live/www.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
client_max_body_size 10M;
location /etherpad {
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'";
}
#location /api {
#return 403 "Contact bofh@fet.at if you really need to access this";
#}
location / {
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
}
location /admin {
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
}
location /api {
satisfy any;
allow 192.168.86.0/24;
include snippets/ldap.conf;
proxy_pass http://triton20:8001;
include snippets/proxy_header.conf;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
}
}