Improve config
This commit is contained in:
root
55
nginx.conf
55
nginx.conf
@@ -1,19 +1,17 @@
|
||||
# -*-nginx-*-
|
||||
user www-data;
|
||||
worker_processes 1;
|
||||
worker_processes auto;
|
||||
|
||||
#error_log logs/error.log;
|
||||
error_log logs/error.log;
|
||||
#error_log logs/error.log notice;
|
||||
#error_log logs/error.log info;
|
||||
|
||||
#pid logs/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
@@ -27,44 +25,12 @@ http {
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
#keepalive_timeout 0;
|
||||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
|
||||
# another virtual host using mix of IP-, name-, and port-based configuration
|
||||
#
|
||||
#server {
|
||||
# listen 8000;
|
||||
# listen somename:8080;
|
||||
# server_name somename alias another.alias;
|
||||
# location / {
|
||||
# root html;
|
||||
# index index.html index.htm;
|
||||
# }
|
||||
#}
|
||||
|
||||
|
||||
# HTTPS server
|
||||
#
|
||||
#server {
|
||||
# listen 443 ssl;
|
||||
# server_name localhost;
|
||||
|
||||
# ssl_certificate cert.pem;
|
||||
# ssl_certificate_key cert.key;
|
||||
|
||||
# ssl_session_cache shared:SSL:1m;
|
||||
# ssl_session_timeout 5m;
|
||||
|
||||
# ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
# ssl_prefer_server_ciphers on;
|
||||
|
||||
# location / {
|
||||
# root html;
|
||||
# index index.html index.htm;
|
||||
# }
|
||||
#}
|
||||
server_tokens off;
|
||||
more_clear_headers Server;
|
||||
|
||||
include /usr/local/nginx/conf/nginx_ldap.conf;
|
||||
include /usr/local/nginx/conf/sites-enabled/*.conf;
|
||||
@@ -75,14 +41,19 @@ http {
|
||||
server {
|
||||
listen 80 default_server;
|
||||
server_name "";# 128.131.95.208;
|
||||
return 503;
|
||||
return 302 https://triton.fet.at;
|
||||
}
|
||||
server {
|
||||
listen 443 default_server;
|
||||
listen 443 ssl http2 default_server;
|
||||
server_name "";# 128.131.95.208;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/triton.fet.at/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/triton.fet.at/privkey.pem;
|
||||
return 503;# http://$host$request_uri; #444
|
||||
}
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/triton.fet.at/chain.pem;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
|
||||
# return 503;# http://$host$request_uri; #444
|
||||
return 302 https://triton.fet.at;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,8 +2,6 @@
|
||||
auth_ldap_cache_enabled on;
|
||||
|
||||
ldap_server fet {
|
||||
url ldap://192.168.86.18:389/ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at?uid?sub?(objectClass=person); # gagarin
|
||||
binddn 'uid=pschlechter,ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at';
|
||||
binddn_passwd '4vDB_JcaE7kR';
|
||||
url ldap://gagarin:389/ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at?uid?sub?(objectClass=person);
|
||||
require valid_user;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user