summaryrefslogtreecommitdiff
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/nginx/sites-enabled/api-ssl.site2
-rw-r--r--etc/nginx/sites-enabled/api.site2
-rw-r--r--etc/nginx/sites-enabled/buildbot-ssl.site4
-rw-r--r--etc/nginx/sites-enabled/buildbot.site6
-rw-r--r--etc/nginx/sites-enabled/decentralise-ssl.site2
-rw-r--r--etc/nginx/sites-enabled/decentralise.site2
-rw-r--r--etc/nginx/sites-enabled/default.site4
-rw-r--r--etc/nginx/sites-enabled/demo.site14
-rw-r--r--etc/nginx/sites-enabled/gauger-ssl.site2
-rw-r--r--etc/nginx/sites-enabled/gauger.site2
-rw-r--r--etc/nginx/sites-enabled/git-ssl.site2
-rw-r--r--etc/nginx/sites-enabled/git.site2
-rw-r--r--etc/nginx/sites-enabled/lcov-ssl.site2
-rw-r--r--etc/nginx/sites-enabled/lcov.site2
-rw-r--r--etc/nginx/sites-enabled/sandbox.site4
-rw-r--r--etc/nginx/sites-enabled/test.site14
-rw-r--r--etc/nginx/sites-enabled/trollslayer.site2
-rw-r--r--etc/nginx/sites-enabled/www-ssl.site4
-rw-r--r--etc/nginx/sites-enabled/www.git-ssl.site6
-rw-r--r--etc/nginx/sites-enabled/www.git.site6
-rw-r--r--etc/nginx/sites-enabled/www.site2
21 files changed, 43 insertions, 43 deletions
diff --git a/etc/nginx/sites-enabled/api-ssl.site b/etc/nginx/sites-enabled/api-ssl.site
index 733d4f9..a69a49a 100644
--- a/etc/nginx/sites-enabled/api-ssl.site
+++ b/etc/nginx/sites-enabled/api-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/api.taler.net/_build/html;
diff --git a/etc/nginx/sites-enabled/api.site b/etc/nginx/sites-enabled/api.site
index 80e3d38..e44b933 100644
--- a/etc/nginx/sites-enabled/api.site
+++ b/etc/nginx/sites-enabled/api.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/api.taler.net/_build/html;
diff --git a/etc/nginx/sites-enabled/buildbot-ssl.site b/etc/nginx/sites-enabled/buildbot-ssl.site
index 0b408a5..8a4e278 100644
--- a/etc/nginx/sites-enabled/buildbot-ssl.site
+++ b/etc/nginx/sites-enabled/buildbot-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/buildbot/;
@@ -25,7 +25,7 @@ server {
error_page 502 /502.html;
location = /502.html {
- root /home/fournier/buildbot;
+ root /home/fournier/buildbot;
}
include conf.d/favicon_robots;
diff --git a/etc/nginx/sites-enabled/buildbot.site b/etc/nginx/sites-enabled/buildbot.site
index fe27d67..5b35564 100644
--- a/etc/nginx/sites-enabled/buildbot.site
+++ b/etc/nginx/sites-enabled/buildbot.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/buildbot/;
@@ -16,8 +16,8 @@ server {
error_page 502 /502.html;
location = /502.html {
- root /home/fournier/buildbot;
+ root /home/fournier/buildbot;
}
-
+
include conf.d/favicon_robots;
}
diff --git a/etc/nginx/sites-enabled/decentralise-ssl.site b/etc/nginx/sites-enabled/decentralise-ssl.site
index e30b5fd..fdec3f2 100644
--- a/etc/nginx/sites-enabled/decentralise-ssl.site
+++ b/etc/nginx/sites-enabled/decentralise-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/decentralise;
diff --git a/etc/nginx/sites-enabled/decentralise.site b/etc/nginx/sites-enabled/decentralise.site
index 055274e..38e60b9 100644
--- a/etc/nginx/sites-enabled/decentralise.site
+++ b/etc/nginx/sites-enabled/decentralise.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/decentralise;
diff --git a/etc/nginx/sites-enabled/default.site b/etc/nginx/sites-enabled/default.site
index 0e13406..e636ad0 100644
--- a/etc/nginx/sites-enabled/default.site
+++ b/etc/nginx/sites-enabled/default.site
@@ -1,13 +1,13 @@
# matched when no other server name matches
server {
- listen [::]:80 default_server;
+ listen [::]:80 default_server ipv6only=off;
# server name must simply something invalid ...
server_name _;
# drop connection, special nginx status code
return 444;
}
server {
- listen [::]:443 ssl default_server;
+ listen [::]:443 ssl default_server ipv6only=off;
include conf.d/talerssl;
# server name must simply something invalid ...
server_name _;
diff --git a/etc/nginx/sites-enabled/demo.site b/etc/nginx/sites-enabled/demo.site
index e8e55b7..b673b7e 100644
--- a/etc/nginx/sites-enabled/demo.site
+++ b/etc/nginx/sites-enabled/demo.site
@@ -1,12 +1,12 @@
server {
- listen [::]:80;
+ listen [::]:80 ipv6only=off;
server_name demo.taler.net *.demo.taler.net;
rewrite ^ https://$host$request_uri? permanent;
}
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name demo.taler.net www.demo.taler.net;
include conf.d/demo.redirects;
include conf.d/talerssl;
@@ -21,7 +21,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name exchange.demo.taler.net;
root /dev/null;
include conf.d/talerssl;
@@ -35,7 +35,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name blog.demo.taler.net;
root /dev/null;
include conf.d/demo.redirects;
@@ -59,7 +59,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name shop.demo.taler.net;
ssi on;
include conf.d/demo.redirects;
@@ -83,7 +83,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name bank.demo.taler.net;
ssi on;
include conf.d/demo.redirects;
@@ -95,7 +95,7 @@ server {
}
location /admin/add/incoming {
- allow 127.0.0.1;
+ allow 127.0.0.1;
allow ::1;
deny all;
}
diff --git a/etc/nginx/sites-enabled/gauger-ssl.site b/etc/nginx/sites-enabled/gauger-ssl.site
index 0e1dcd8..ded6dd2 100644
--- a/etc/nginx/sites-enabled/gauger-ssl.site
+++ b/etc/nginx/sites-enabled/gauger-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/gauger/;
diff --git a/etc/nginx/sites-enabled/gauger.site b/etc/nginx/sites-enabled/gauger.site
index 2b2782b..d7ddff0 100644
--- a/etc/nginx/sites-enabled/gauger.site
+++ b/etc/nginx/sites-enabled/gauger.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/gauger/;
diff --git a/etc/nginx/sites-enabled/git-ssl.site b/etc/nginx/sites-enabled/git-ssl.site
index bbbad09..d7d6ac1 100644
--- a/etc/nginx/sites-enabled/git-ssl.site
+++ b/etc/nginx/sites-enabled/git-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/git;
diff --git a/etc/nginx/sites-enabled/git.site b/etc/nginx/sites-enabled/git.site
index 655d317..03c8661 100644
--- a/etc/nginx/sites-enabled/git.site
+++ b/etc/nginx/sites-enabled/git.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/git;
diff --git a/etc/nginx/sites-enabled/lcov-ssl.site b/etc/nginx/sites-enabled/lcov-ssl.site
index b3532a9..819aca8 100644
--- a/etc/nginx/sites-enabled/lcov-ssl.site
+++ b/etc/nginx/sites-enabled/lcov-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/lcov.taler.net/;
diff --git a/etc/nginx/sites-enabled/lcov.site b/etc/nginx/sites-enabled/lcov.site
index 44437d0..2e21750 100644
--- a/etc/nginx/sites-enabled/lcov.site
+++ b/etc/nginx/sites-enabled/lcov.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/lcov.taler.net/;
diff --git a/etc/nginx/sites-enabled/sandbox.site b/etc/nginx/sites-enabled/sandbox.site
index 3a89301..997d443 100644
--- a/etc/nginx/sites-enabled/sandbox.site
+++ b/etc/nginx/sites-enabled/sandbox.site
@@ -1,11 +1,11 @@
server {
- listen [::]:80;
+ listen [::]:80 ipv6only=off;
server_name sandbox.taler.net *.sandbox.taler.net;
rewrite ^ https://$host$request_uri? permanent;
}
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name sandbox.taler.net;
include conf.d/talerssl;
diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site
index ded6abb..f84a3c6 100644
--- a/etc/nginx/sites-enabled/test.site
+++ b/etc/nginx/sites-enabled/test.site
@@ -1,12 +1,12 @@
server {
- listen [::]:80;
+ listen [::]:80 ipv6only=off;
server_name test.taler.net *.test.taler.net;
rewrite ^ https://$host$request_uri? permanent;
}
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name test.taler.net www.test.taler.net;
root /dev/null;
include conf.d/test.redirects;
@@ -21,7 +21,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name exchange.test.taler.net;
root /dev/null;
include conf.d/talerssl;
@@ -41,7 +41,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name blog.test.taler.net;
root /dev/null;
include conf.d/test.redirects;
@@ -64,7 +64,7 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name shop.test.taler.net;
ssi on;
include conf.d/test.redirects;
@@ -87,14 +87,14 @@ server {
server {
- listen [::]:443 ssl;
+ listen [::]:443 ssl ipv6only=off;
server_name bank.test.taler.net;
ssi on;
include conf.d/test.redirects;
include conf.d/talerssl;
location /admin/add/incoming {
- allow 127.0.0.1;
+ allow 127.0.0.1;
allow 131.254.145.3;
deny all;
uwsgi_pass unix:/home/test/sockets/bank.uwsgi;
diff --git a/etc/nginx/sites-enabled/trollslayer.site b/etc/nginx/sites-enabled/trollslayer.site
index 5003e78..9a129ef 100644
--- a/etc/nginx/sites-enabled/trollslayer.site
+++ b/etc/nginx/sites-enabled/trollslayer.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/trollslayer/;
diff --git a/etc/nginx/sites-enabled/www-ssl.site b/etc/nginx/sites-enabled/www-ssl.site
index 1ccdda8..5fd5f16 100644
--- a/etc/nginx/sites-enabled/www-ssl.site
+++ b/etc/nginx/sites-enabled/www-ssl.site
@@ -1,5 +1,5 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
@@ -15,7 +15,7 @@ server {
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
add_header Strict-Transport-Security "max-age=63072000; preload";
-
+
location / {
root /var/www/taler.net;
autoindex off;
diff --git a/etc/nginx/sites-enabled/www.git-ssl.site b/etc/nginx/sites-enabled/www.git-ssl.site
index 81b2c41..8ba45d1 100644
--- a/etc/nginx/sites-enabled/www.git-ssl.site
+++ b/etc/nginx/sites-enabled/www.git-ssl.site
@@ -1,10 +1,10 @@
server {
- listen [::]:443 ssl; ## listen for ipv4; this line is default and implied
+ listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
# Make site accessible from http://localhost/
server_name www.git.taler.net;
-
+
ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem;
ssl_prefer_server_ciphers on;
@@ -24,7 +24,7 @@ server {
fastcgi_param GITWEB_CONFIG /etc/gitweb.conf;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
-
+
location / {
root /usr/share/gitweb/;
index index.cgi;
diff --git a/etc/nginx/sites-enabled/www.git.site b/etc/nginx/sites-enabled/www.git.site
index 4b3fc3d..8c198f5 100644
--- a/etc/nginx/sites-enabled/www.git.site
+++ b/etc/nginx/sites-enabled/www.git.site
@@ -1,10 +1,10 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
# Make site accessible from http://localhost/
server_name www.git.taler.net;
-
+
location /index.cgi {
root /usr/share/gitweb/;
@@ -15,7 +15,7 @@ server {
fastcgi_param GITWEB_CONFIG /etc/gitweb.conf;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
-
+
location / {
root /usr/share/gitweb/;
index index.cgi;
diff --git a/etc/nginx/sites-enabled/www.site b/etc/nginx/sites-enabled/www.site
index 19871af..db3407a 100644
--- a/etc/nginx/sites-enabled/www.site
+++ b/etc/nginx/sites-enabled/www.site
@@ -1,5 +1,5 @@
server {
- listen [::]:80; ## listen for ipv4; this line is default and implied
+ listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied
# listen [::]:80 default_server ipv6only=on; ## listen for ipv6
root /var/www/taler.net;
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-01 22:31:51 +0000