diff options
Diffstat (limited to 'etc')
21 files changed, 43 insertions, 43 deletions
diff --git a/etc/nginx/sites-enabled/api-ssl.site b/etc/nginx/sites-enabled/api-ssl.site index 733d4f9..a69a49a 100644 --- a/etc/nginx/sites-enabled/api-ssl.site +++ b/etc/nginx/sites-enabled/api-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/api.taler.net/_build/html; diff --git a/etc/nginx/sites-enabled/api.site b/etc/nginx/sites-enabled/api.site index 80e3d38..e44b933 100644 --- a/etc/nginx/sites-enabled/api.site +++ b/etc/nginx/sites-enabled/api.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/api.taler.net/_build/html; diff --git a/etc/nginx/sites-enabled/buildbot-ssl.site b/etc/nginx/sites-enabled/buildbot-ssl.site index 0b408a5..8a4e278 100644 --- a/etc/nginx/sites-enabled/buildbot-ssl.site +++ b/etc/nginx/sites-enabled/buildbot-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/buildbot/; @@ -25,7 +25,7 @@ server { error_page 502 /502.html; location = /502.html { - root /home/fournier/buildbot; + root /home/fournier/buildbot; } include conf.d/favicon_robots; diff --git a/etc/nginx/sites-enabled/buildbot.site b/etc/nginx/sites-enabled/buildbot.site index fe27d67..5b35564 100644 --- a/etc/nginx/sites-enabled/buildbot.site +++ b/etc/nginx/sites-enabled/buildbot.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/buildbot/; @@ -16,8 +16,8 @@ server { error_page 502 /502.html; location = /502.html { - root /home/fournier/buildbot; + root /home/fournier/buildbot; } - + include conf.d/favicon_robots; } diff --git a/etc/nginx/sites-enabled/decentralise-ssl.site b/etc/nginx/sites-enabled/decentralise-ssl.site index e30b5fd..fdec3f2 100644 --- a/etc/nginx/sites-enabled/decentralise-ssl.site +++ b/etc/nginx/sites-enabled/decentralise-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/decentralise; diff --git a/etc/nginx/sites-enabled/decentralise.site b/etc/nginx/sites-enabled/decentralise.site index 055274e..38e60b9 100644 --- a/etc/nginx/sites-enabled/decentralise.site +++ b/etc/nginx/sites-enabled/decentralise.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/decentralise; diff --git a/etc/nginx/sites-enabled/default.site b/etc/nginx/sites-enabled/default.site index 0e13406..e636ad0 100644 --- a/etc/nginx/sites-enabled/default.site +++ b/etc/nginx/sites-enabled/default.site @@ -1,13 +1,13 @@ # matched when no other server name matches server { - listen [::]:80 default_server; + listen [::]:80 default_server ipv6only=off; # server name must simply something invalid ... server_name _; # drop connection, special nginx status code return 444; } server { - listen [::]:443 ssl default_server; + listen [::]:443 ssl default_server ipv6only=off; include conf.d/talerssl; # server name must simply something invalid ... server_name _; diff --git a/etc/nginx/sites-enabled/demo.site b/etc/nginx/sites-enabled/demo.site index e8e55b7..b673b7e 100644 --- a/etc/nginx/sites-enabled/demo.site +++ b/etc/nginx/sites-enabled/demo.site @@ -1,12 +1,12 @@ server { - listen [::]:80; + listen [::]:80 ipv6only=off; server_name demo.taler.net *.demo.taler.net; rewrite ^ https://$host$request_uri? permanent; } server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name demo.taler.net www.demo.taler.net; include conf.d/demo.redirects; include conf.d/talerssl; @@ -21,7 +21,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name exchange.demo.taler.net; root /dev/null; include conf.d/talerssl; @@ -35,7 +35,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name blog.demo.taler.net; root /dev/null; include conf.d/demo.redirects; @@ -59,7 +59,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name shop.demo.taler.net; ssi on; include conf.d/demo.redirects; @@ -83,7 +83,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name bank.demo.taler.net; ssi on; include conf.d/demo.redirects; @@ -95,7 +95,7 @@ server { } location /admin/add/incoming { - allow 127.0.0.1; + allow 127.0.0.1; allow ::1; deny all; } diff --git a/etc/nginx/sites-enabled/gauger-ssl.site b/etc/nginx/sites-enabled/gauger-ssl.site index 0e1dcd8..ded6dd2 100644 --- a/etc/nginx/sites-enabled/gauger-ssl.site +++ b/etc/nginx/sites-enabled/gauger-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/gauger/; diff --git a/etc/nginx/sites-enabled/gauger.site b/etc/nginx/sites-enabled/gauger.site index 2b2782b..d7ddff0 100644 --- a/etc/nginx/sites-enabled/gauger.site +++ b/etc/nginx/sites-enabled/gauger.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/gauger/; diff --git a/etc/nginx/sites-enabled/git-ssl.site b/etc/nginx/sites-enabled/git-ssl.site index bbbad09..d7d6ac1 100644 --- a/etc/nginx/sites-enabled/git-ssl.site +++ b/etc/nginx/sites-enabled/git-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/git; diff --git a/etc/nginx/sites-enabled/git.site b/etc/nginx/sites-enabled/git.site index 655d317..03c8661 100644 --- a/etc/nginx/sites-enabled/git.site +++ b/etc/nginx/sites-enabled/git.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/git; diff --git a/etc/nginx/sites-enabled/lcov-ssl.site b/etc/nginx/sites-enabled/lcov-ssl.site index b3532a9..819aca8 100644 --- a/etc/nginx/sites-enabled/lcov-ssl.site +++ b/etc/nginx/sites-enabled/lcov-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/lcov.taler.net/; diff --git a/etc/nginx/sites-enabled/lcov.site b/etc/nginx/sites-enabled/lcov.site index 44437d0..2e21750 100644 --- a/etc/nginx/sites-enabled/lcov.site +++ b/etc/nginx/sites-enabled/lcov.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/lcov.taler.net/; diff --git a/etc/nginx/sites-enabled/sandbox.site b/etc/nginx/sites-enabled/sandbox.site index 3a89301..997d443 100644 --- a/etc/nginx/sites-enabled/sandbox.site +++ b/etc/nginx/sites-enabled/sandbox.site @@ -1,11 +1,11 @@ server { - listen [::]:80; + listen [::]:80 ipv6only=off; server_name sandbox.taler.net *.sandbox.taler.net; rewrite ^ https://$host$request_uri? permanent; } server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name sandbox.taler.net; include conf.d/talerssl; diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site index ded6abb..f84a3c6 100644 --- a/etc/nginx/sites-enabled/test.site +++ b/etc/nginx/sites-enabled/test.site @@ -1,12 +1,12 @@ server { - listen [::]:80; + listen [::]:80 ipv6only=off; server_name test.taler.net *.test.taler.net; rewrite ^ https://$host$request_uri? permanent; } server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name test.taler.net www.test.taler.net; root /dev/null; include conf.d/test.redirects; @@ -21,7 +21,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name exchange.test.taler.net; root /dev/null; include conf.d/talerssl; @@ -41,7 +41,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name blog.test.taler.net; root /dev/null; include conf.d/test.redirects; @@ -64,7 +64,7 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name shop.test.taler.net; ssi on; include conf.d/test.redirects; @@ -87,14 +87,14 @@ server { server { - listen [::]:443 ssl; + listen [::]:443 ssl ipv6only=off; server_name bank.test.taler.net; ssi on; include conf.d/test.redirects; include conf.d/talerssl; location /admin/add/incoming { - allow 127.0.0.1; + allow 127.0.0.1; allow 131.254.145.3; deny all; uwsgi_pass unix:/home/test/sockets/bank.uwsgi; diff --git a/etc/nginx/sites-enabled/trollslayer.site b/etc/nginx/sites-enabled/trollslayer.site index 5003e78..9a129ef 100644 --- a/etc/nginx/sites-enabled/trollslayer.site +++ b/etc/nginx/sites-enabled/trollslayer.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/trollslayer/; diff --git a/etc/nginx/sites-enabled/www-ssl.site b/etc/nginx/sites-enabled/www-ssl.site index 1ccdda8..5fd5f16 100644 --- a/etc/nginx/sites-enabled/www-ssl.site +++ b/etc/nginx/sites-enabled/www-ssl.site @@ -1,5 +1,5 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 @@ -15,7 +15,7 @@ server { ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; add_header Strict-Transport-Security "max-age=63072000; preload"; - + location / { root /var/www/taler.net; autoindex off; diff --git a/etc/nginx/sites-enabled/www.git-ssl.site b/etc/nginx/sites-enabled/www.git-ssl.site index 81b2c41..8ba45d1 100644 --- a/etc/nginx/sites-enabled/www.git-ssl.site +++ b/etc/nginx/sites-enabled/www.git-ssl.site @@ -1,10 +1,10 @@ server { - listen [::]:443 ssl; ## listen for ipv4; this line is default and implied + listen [::]:443 ssl ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 # Make site accessible from http://localhost/ server_name www.git.taler.net; - + ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; ssl_prefer_server_ciphers on; @@ -24,7 +24,7 @@ server { fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; fastcgi_pass unix:/var/run/fcgiwrap.socket; } - + location / { root /usr/share/gitweb/; index index.cgi; diff --git a/etc/nginx/sites-enabled/www.git.site b/etc/nginx/sites-enabled/www.git.site index 4b3fc3d..8c198f5 100644 --- a/etc/nginx/sites-enabled/www.git.site +++ b/etc/nginx/sites-enabled/www.git.site @@ -1,10 +1,10 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 # Make site accessible from http://localhost/ server_name www.git.taler.net; - + location /index.cgi { root /usr/share/gitweb/; @@ -15,7 +15,7 @@ server { fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; fastcgi_pass unix:/var/run/fcgiwrap.socket; } - + location / { root /usr/share/gitweb/; index index.cgi; diff --git a/etc/nginx/sites-enabled/www.site b/etc/nginx/sites-enabled/www.site index 19871af..db3407a 100644 --- a/etc/nginx/sites-enabled/www.site +++ b/etc/nginx/sites-enabled/www.site @@ -1,5 +1,5 @@ server { - listen [::]:80; ## listen for ipv4; this line is default and implied + listen [::]:80 ipv6only=off; ## listen for ipv4; this line is default and implied # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 root /var/www/taler.net; |