# -*-nginx-*-
# Beschreibung: Dies ist ein fallback falls kein sonstiger Server gewaehlt wurde. Im geschuetzten Bereich befinden sich Infos zur Konfiguration!

server {
    listen 80;
    server_name triton.fet.at www.triton.fet.at triton.local;

    include snippets/letsencrypt.conf;
}
server {
    listen 80;

    server_name confrancher.triton.fet.at;
#    deny all;
#    satisfy any;
    allow 192.168.86.0/24;
#        allow 128.130.95.206;
#        allow 128.130.95.200;

    root /var/www/rancher;
        index index.html;

}




server {
    listen 80;
    server_name www.rancher.fet.at rancher.fet.at *.rancher.fet.at;

    client_max_body_size 1000M;


    location / {

        include snippets/ldap.conf;
        proxy_pass http://rancher:80;
        include snippets/proxy_header.conf;
    }

location /.well-known/ {
    default_type "text/plain";
    root /var/www/html;
}
location = /.well-known/acme-challenge/ {
    return 404;
}

 #   include snippets/letsencrypt.conf;

}

server {
    listen 443 ssl http2;
    server_name www.rancher.fet.at rancher.fet.at *.rancher.fet.at;

    ssl_certificate /etc/letsencrypt/live/triton2.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/triton2.fet.at/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/triton2.fet.at/chain.pem;
    include snippets/ssl.conf;
    include snippets/header.conf;

    client_max_body_size 1000M;

    location / {

        #include snippets/ldap.conf;
        proxy_pass https://rancher:443;
        include snippets/proxy_header.conf;
    }
}

server {
    listen 443 ssl http2;
    server_name proxy.rancher.fet.at;

    ssl_certificate /etc/letsencrypt/live/2020.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/2020.fet.at/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/2020.fet.at/chain.pem;
    include snippets/ssl.conf;
    include snippets/header.conf;

    client_max_body_size 1000M;
    location / {

       #include snippets/ldap.conf;
        proxy_pass http://rancher:81;
        include snippets/proxy_header.conf;

#        proxy_set_header Authorization "";
#        proxy_set_header REMOTE_USER $remote_user;
    }
}



server {
    listen 443 ssl http2;
    server_name triton.fet.at www.triton.fet.at triton.local;

    ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
    include snippets/ssl.conf;

    include snippets/ldap.conf;

    root /srv/welcome/build;
    location / {
        ssi on;
        index index.html;
    }
    location /conf {
        rewrite ^/conf/(.*)$ /$1 break;
        proxy_pass http://localhost:8080;
    }
    location /doc {
        return 301 https://intern.triton.fet.at$request_uri;
        # include uwsgi_params;
        # uwsgi_pass unix:/srv/run/intern.sock;
        # sub_filter triton.fet.at/ triton.fet.at/doc/;
        # rewrite ^/doc/(.*)$ /$1 break;
        # proxy_pass http://localhost:8081;
    }
}