# -*-nginx-*- server { listen 80; server_name *.2020.fet.at; include snippets/letsencrypt.conf; # root /var/www/html # return 301 https://$host$request_uri; } server { listen 443 ssl http2; server_name docker.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; include snippets/header.conf; include snippets/ldap.conf; client_max_body_size 100M; location / { proxy_pass http://fetsite4:9000; include snippets/proxy_header.conf; } } server { listen 443 ssl http2; server_name solr.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; include snippets/header.conf; include snippets/ldap.conf; client_max_body_size 100M; location / { proxy_pass http://fetsitedev:8980; include snippets/proxy_header.conf; } } server { listen 443 ssl http2; server_name bot.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; # include snippets/header.conf; client_max_body_size 100M; location / { include snippets/ldap.conf; proxy_pass http://fetsitedev:5000; include snippets/proxy_header.conf; proxy_set_header REMOTE_USER $remote_user; } location /income { proxy_pass http://fetsitedev:5000; include snippets/proxy_header.conf; } } server { listen 443 ssl http2; server_name uat1.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; client_max_body_size 100M; location / { include snippets/header.conf; #include snippets/ldap.conf; proxy_pass http://fetsite4:8001; include snippets/proxy_header.conf; } location /api { # deny all; # allow 192.168.86.1/24; # allow 128.130.95.200; proxy_pass http://fetsite4:8001; include snippets/proxy_header.conf; } } server { listen 443 ssl http2; server_name etherpad2.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; # include snippets/header.conf; # include snippets/ldap.conf; client_max_body_size 1000M; location / { proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; } } server { listen 443 ssl http2; server_name dev.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; # include snippets/header.conf; client_max_body_size 1000M; location / { # include snippets/header.conf; include snippets/ldap.conf; proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } } server { listen 443 ssl http2; server_name design2.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; include snippets/header.conf; client_max_body_size 1000M; location / { include snippets/header.conf; include snippets/ldap.conf; proxy_pass http://fetsitedev:8103; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } } server { listen 443 ssl http2; server_name *.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; include snippets/header.conf; client_max_body_size 1000M; location / { include snippets/header.conf; include snippets/ldap.conf; proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } location /api { satisfy any; allow 192.168.86.0/24; allow 128.130.95.206; allow 128.130.95.200; include snippets/ldap.conf; # deny all; proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } location /dev { satisfy any; allow 192.168.86.0/24; allow 128.130.95.206; allow 128.130.95.200; include snippets/ldap.conf; # deny all; proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } } server { listen 443 ssl http2; server_name patrick.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; client_max_body_size 1000M; location / { include snippets/header.conf; proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } location /dev { proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } location /admin { proxy_pass http://fetsitedev:80; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } } server { listen 443 ssl http2; server_name alpha.2020.fet.at; ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem; include snippets/ssl.conf; include snippets/header.conf; # include snippets/ldap.conf; client_max_body_size 1000M; location / { proxy_pass http://fetsite6:8001; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } location /api { satisfy any; allow 192.168.86.0/24; allow 128.130.95.206; allow 128.130.95.200; include snippets/ldap.conf; # deny all; proxy_pass http://fetsite6:8001; include snippets/proxy_header.conf; proxy_set_header Authorization ""; proxy_set_header REMOTE_USER $remote_user; } } server { listen 443 ssl http2; server_name test.fet.at; ssl_certificate /etc/letsencrypt/live/www.fet.at/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.fet.at/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/www.fet.at/chain.pem; include snippets/ssl.conf; include snippets/header.conf; client_max_body_size 10M; location /etherpad { proxy_pass http://triton20:8001; include snippets/proxy_header.conf; add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval'"; } #location /api { #return 403 "Contact bofh@fet.at if you really need to access this"; #} location / { proxy_pass http://triton20:8001; include snippets/proxy_header.conf; add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'"; } location /admin { proxy_pass http://triton20:8001; include snippets/proxy_header.conf; add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'"; } location /api { satisfy any; allow 192.168.86.0/24; include snippets/ldap.conf; proxy_pass http://triton20:8001; include snippets/proxy_header.conf; add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'"; } }