mirror of https://git.envs.net/envs/ops.git
update some outdated configs
Signed-off-by: creme <creme@envs.net>
This commit is contained in:
parent
0c83234050
commit
93625b57a8
|
@ -0,0 +1,38 @@
|
|||
server {
|
||||
include snippets/listen.conf;
|
||||
server_name fed.envs.net federationtester.envs.net;
|
||||
|
||||
location / {
|
||||
return 302 https://$host$request_uri;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
alias /var/lib/letsencrypt/.well-known/acme-challenge/;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
server_name fed.envs.net federationtester.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
|
||||
root /var/www/fed.envs.net/;
|
||||
index index.html;
|
||||
|
||||
location / {
|
||||
rewrite ^ /index.html break;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_pass http://localhost:8089;
|
||||
}
|
||||
|
||||
location ~ ^/([^/]+?)(.json)?$ {
|
||||
return 302 https://$host/api/report?server_name=$1;
|
||||
}
|
||||
}
|
|
@ -0,0 +1 @@
|
|||
/etc/nginx/sites-available/fed.envs.net.conf
|
|
@ -8,3 +8,6 @@ if (!-f $request_filename) {
|
|||
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
|
||||
fastcgi_connect_timeout 3600;
|
||||
fastcgi_send_timeout 3600;
|
||||
fastcgi_read_timeout 3600;
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ecdh_curve X25519:secp521r1:secp384r1:prime256v1;
|
||||
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
|
||||
ssl_prefer_server_ciphers off;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
/etc/nginx/user-sites-available/cosmicice.cat.conf
|
|
@ -6,16 +6,18 @@ After=network-online.target
|
|||
Type=simple
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
User=jetforce
|
||||
Group=jetforce
|
||||
Environment="PYTHONUNBUFFERED=1"
|
||||
ExecStart=/usr/local/bin/jetforce \
|
||||
--host 89.163.145.170 \
|
||||
--port 1965 \
|
||||
--hostname envs.net \
|
||||
--dir /var/gemini \
|
||||
--tls-certfile /etc/letsencrypt/live/envs.net/fullchain.pem \
|
||||
--tls-keyfile /etc/letsencrypt/live/envs.net/privkey.pem \
|
||||
--tls-cafile /etc/letsencrypt/live/envs.net/chain.pem \
|
||||
--tls-capath /etc/letsencrypt/archive/envs.net/
|
||||
--tls-certfile /srv/jetforce/ssl/fullchain.pem \
|
||||
--tls-keyfile /srv/jetforce/ssl/privkey.pem \
|
||||
--tls-cafile /srv/jetforce/ssl/chain.pem \
|
||||
--tls-capath /srv/jetforce/ssl/
|
||||
|
||||
[Install]
|
||||
WantedBy=default.target
|
||||
|
|
Loading…
Reference in New Issue