# -*-nginx-*-

server	{
    listen		80;
    server_name intern.triton.fet.at www.intern.triton.fet.at;

    location /.well-known {
        root	/srv/welcome;  
	allow all;
    }
    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    #listen 8081;
    server_name intern.triton.fet.at www.intern.triton.fet.at;
    ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
    satisfy any;
    auth_ldap "FET Login";
    auth_ldap_servers fet;
    auth_basic "Alternative Login";
    auth_basic_user_file /srv/auth/.basic_user;
    location / {
        include uwsgi_params;
        uwsgi_pass unix:/srv/run/intern.sock;
    }
    location = / {
        return 301 https://$host/index;
        }
    location /.well-known {
    root /srv/welcome;
	allow all;
    }

}