bofh/nginx_sites
9
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Simplify letsencrypt

Browse Source
This commit is contained in:
root
2018-03-29 16:13:38 +02:00
parent 3cb8e7ad71
commit d592a40806
18 changed files with 83 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
fachschaften.at/crawler.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name www.crawler.fachschaften.at crawler.fachschaften.at;
location /.well-known {
root /srv/pxy/fachschaften;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,7 +13,6 @@ server {
ssl_certificate /etc/letsencrypt/live/www.fachschaften.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fachschaften.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fachschaften.at/chain.pem;
include snippets/ssl.conf;
location /sections {

17
fachschaften.at/default.conf
View File

@@ -3,12 +3,11 @@ server {
listen 80;
server_name www.fachschaften.at fachschaften.at;
location /.well-known {
root /srv/pxy/fachschaften;
allow all;
}
location / {
return 301 https://$host$request_uri;
include snippets/letsencrypt.conf;
location = /google07a86d8e121467dc.html {
rewrite ^/(.*) $1;
return 200 "google-site-verification: $uri";
}
}
@@ -19,16 +18,12 @@ server {
ssl_certificate /etc/letsencrypt/live/www.fachschaften.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fachschaften.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fachschaften.at/chain.pem;
include snippets/ssl.conf;
location / {
try_files $uri @pxy;
}
location = / {
return 301 https://$host/articles;
}
location @pxy {
location / {
proxy_pass http://fachschaften.local:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;

17
fet.at/alt.conf
View File

@@ -1,25 +1,27 @@
# -*-nginx-*-
server {
listen 80;
server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at www.alt.fet.at 128.131.95.212;
server_name glonass.htu.tuwien.ac.at 128.131.95.212;
location /.well-known {
root /srv/pxy/alt/;
allow all;
}
location / {
return 301 https://www.alt.fet.at$request_uri;
}
}
server {
listen 80;
server_name alt.triton.fet.at www.alt.triton.fet.at alt.fet.at www.alt.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name alt.triton.fet.at www.alt.triton.fet.at glonass.htu.tuwien.ac.at alt.fet.at;
server_name alt.triton.fet.at www.alt.triton.fet.at alt.fet.at;
ssl_certificate /etc/letsencrypt/live/www.alt.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.alt.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.alt.fet.at/chain.pem;
include snippets/ssl.conf;
location / {
@@ -34,7 +36,6 @@ server {
ssl_certificate /etc/letsencrypt/live/www.alt.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.alt.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.alt.fet.at/chain.pem;
include snippets/ssl.conf;
location = / {

13
fet.at/cloud.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name www.cloud.fet.at cloud.fet.at;
location /.well-known {
root /srv/pxy/cloud2;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,8 +13,8 @@ server {
ssl_certificate /etc/letsencrypt/live/www.cloud.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.cloud.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.cloud.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf;
client_max_body_size 4000M;
@@ -30,9 +24,6 @@ server {
index index.php;
location / {
try_files $uri @pxy;
}
location @pxy {
proxy_pass http://192.168.95.22;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;

20
fet.at/default.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name fet.at 128.131.95.208;
location /.well-known {
root /srv/pxy/fet.at;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,7 +13,6 @@ server {
ssl_certificate /etc/letsencrypt/live/fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/fet.at/chain.pem;
include snippets/ssl.conf;
location / {
@@ -31,20 +24,15 @@ server {
listen 80;
server_name www.fet.at;
include snippets/letsencrypt.conf;
client_max_body_size 50M;
location /.well-known {
root /srv/pxy/fet.at;
allow all;
}
location /etherpad {
proxy_pass http://192.168.95.11:3333;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
@@ -54,8 +42,8 @@ server {
ssl_certificate /etc/letsencrypt/live/www.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf;
client_max_body_size 50M;

10
fet.at/git.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name git.fet.at;
location /.well-known {
root /srv/pxy/git;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,8 +13,8 @@ server {
ssl_certificate /etc/letsencrypt/live/git.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/git.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/header.conf;
location / {

11
fet.at/mail.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name www.mail.fet.at mail.fet.at fet.htu.tuwien.ac.at;
location /.well-known {
root /srv/pxy/mail.fet.at;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,8 +13,8 @@ server {
ssl_certificate /etc/letsencrypt/live/www.mail.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.mail.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.mail.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf;
location / {
@@ -30,7 +24,6 @@ server {
# proxy_redirect https://mail.fet.at:8000/ https://mail.fet.at:443/;
# proxy_redirect https://$host:8000/ https://$host:443/;
include snippets/proxy_header.conf;
# index index.html;
}
location /http {
index index.html;

1
management.conf
View File

@@ -2,6 +2,7 @@
server {
listen 8080;
server_name default;
location / {
include uwsgi_params;
uwsgi_pass unix:/srv/run/management.sock;

12
meinetu.at.conf
View File

@@ -3,24 +3,18 @@ server {
listen 80;
server_name meinetu.at www.meinetu.at;
location /.well-known {
root /srv/welcome;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl;
listen 443 ssl http2;
server_name meinetu.at www.meinetu.at;
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf
root /srv/meinetu;

21
triton.fet.at/git.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name www.git.triton.fet.at git.triton.fet.at;
location /.well-known {
root /srv/welcome;
allow all;
}
location /{
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,7 +13,6 @@ server {
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
include snippets/ssl.conf;
# satisfy any;
@@ -27,8 +20,7 @@ server {
# allow 127.0.0.1;
# deny all;
#
# auth_ldap "FET Login";
# auth_ldap_servers fet;
# include snippets/ldap.conf;
access_log logs/git.triton.access.log;
location = / {
@@ -68,10 +60,11 @@ server {
root /mnt/git_repo/;
}
location ~ ^.*\.git/(HEAD|info/refs|objects/info/.*|git-(upload|receive)-pack)$ {
# satisfy any;
# allow 192.168.95.0/24;
# allow 127.0.0.1;
# deny all;
satisfy any;
allow 192.168.95.0/24;
allow 127.0.0.1;
deny all;
include snippets/ldap.conf;
root /mnt/git_repo/git/;

10
triton.fet.at/intern.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name intern.triton.fet.at www.intern.triton.fet.at;
location /.well-known {
root /srv/welcome;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,8 +13,8 @@ server {
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/ldap.conf;
auth_basic "Alternative Login";
auth_basic_user_file /srv/auth/.basic_user;

21
triton.fet.at/onetufree.conf
View File

@@ -3,12 +3,11 @@ server {
listen 80;
server_name onetufree.at;
location /.well-known {
root /srv/pxy/onetufree;
allow all;
}
location / {
return 302 https://www.onetufree.at$request_uri;
include snippets/letsencrypt.conf;
location = /google07a86d8e121467dc.html {
rewrite ^/(.*) $1;
return 200 "google-site-verification: $uri";
}
}
@@ -19,7 +18,6 @@ server {
ssl_certificate /etc/letsencrypt/live/www.onetufree.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.onetufree.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.onetufree.at/chain.pem;
include snippets/ssl.conf;
location / {
@@ -31,13 +29,7 @@ server {
listen 80;
server_name www.onetufree.at;
location /.well-known {
root /srv/pxy/onetufree;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
upstream triamp {
@@ -51,7 +43,6 @@ server {
ssl_certificate /etc/letsencrypt/live/www.onetufree.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.onetufree.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/www.onetufree.at/chain.pem;
include snippets/ssl.conf;
# include snippets/ldap.conf;

12
triton.fet.at/sql.triton.fet.at.conf
View File

@@ -7,24 +7,18 @@ server {
listen 80;
server_name sql.triton.fet.at www.sql.triton.fet.at;
location /.well-known {
root /srv/pxy/wptriton;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl;
listen 443 ssl http2;
server_name sql.triton.fet.at www.sql.triton.fet.at;
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/ldap.conf;
location / {

32
triton.fet.at/testrby.conf
View File

@@ -1,44 +1,41 @@
# -*-nginx-*-
server {
server_name testrby.triton.fet.at;
listen 80;
listen 443 ssl;
server_name testrby.triton.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name testrby.triton.fet.at;
ssl_certificate /etc/letsencrypt/live/testrby.triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/testrby.triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/testrby.triton.fet.at/chain.pem;
include snippets/ssl.conf;
location /.well-known {
root /srv/pxy/testrby;
allow all;
}
location / {
return 302 https://www.testrby.triton.fet.at$request_uri;
}
}
server {
server_name www.testrby.triton.fet.at;
listen 80;
location /.well-known {
root /srv/pxy/testrby;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
server_name www.testrby.triton.fet.at;
include snippets/letsencrypt.conf;
}
server {
server_name www.testrby.triton.fet.at;
listen 443 ssl;
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/testrby.triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/testrby.triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/testrby.triton.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/ldap.conf;
location / {
@@ -59,4 +56,3 @@ server {
proxy_set_header X-Real-IP $remote_addr;
}
}

31
triton.fet.at/testrbyandi.conf
View File

@@ -1,44 +1,41 @@
# -*-nginx-*-
server {
server_name testrbyandi.triton.fet.at;
listen 80;
listen 443 ssl;
server_name testrbyandi.triton.fet.at;
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name testrbyandi.triton.fet.at;
ssl_certificate /etc/letsencrypt/live/testrby.triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/testrby.triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/testrby.triton.fet.at/chain.pem;
include snippets/ssl.conf;
location /.well-known {
root /srv/pxy/testrby;
allow all;
}
location / {
return 302 https://www.testrbyandi.trition.fet.at$request_uri;
}
}
server {
server_name www.testrbyandi.triton.fet.at;
listen 80;
server_name www.testrbyandi.triton.fet.at;
location /.well-known {
root /srv/pxy/testrby;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
listen 443 ssl http2;
server_name www.testrbyandi.triton.fet.at;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/testrby.triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/testrby.triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/testrby.triton.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/ldap.conf;
location / {

10
triton.fet.at/welcome.conf
View File

@@ -5,13 +5,7 @@ server {
listen 80;
server_name triton.fet.at www.triton.fet.at triton.local;
location /.well-known {
root /srv/welcome;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -21,8 +15,8 @@ server {
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
include snippets/ssl.conf;
include snippets/ldap.conf;
root /srv/welcome/build;

9
triton.fet.at/wp.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name wp.triton.fet.at;
location /.well-known {
root /srv/welcome;
allow all;
}
location / {
return 302 https://www.onetufree.at$request_uri;
}
include snippets/letsencrypt.conf;
}
server {
@@ -19,7 +13,6 @@ server {
ssl_certificate /etc/letsencrypt/live/wp.triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wp.triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/wp.triton.fet.at/chain.pem;
include snippets/ssl.conf;
location / {

9
triton.fet.at/wp2.conf
View File

@@ -3,13 +3,7 @@ server {
listen 80;
server_name wp2.triton.fet.at www.wp2.triton.fet.at;
location /.well-known {
root /srv/welcome;
allow all;
}
location / {
return 301 https://$host$request_uri;
}
include snippets/letsencrypt.conf;
}
upstream triamp2 {
@@ -23,7 +17,6 @@ server {
ssl_certificate /etc/letsencrypt/live/wp.triton.fet.at/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wp.triton.fet.at/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/wp.triton.fet.at/chain.pem;
include snippets/ssl.conf;
satisfy any;