From 34dd2a1d412b77fa0bc8cde77fe579aef63455aa Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 1 Mar 2016 23:26:14 +0100 Subject: add whole nginx config --- etc/nginx-sites-enabled/api-ssl.site | 26 ------------- etc/nginx-sites-enabled/api.site | 16 -------- etc/nginx-sites-enabled/bank-demo-ssl.site | 28 ------------- etc/nginx-sites-enabled/bank-demo.site | 31 --------------- etc/nginx-sites-enabled/bank-test-ssl.site | 28 ------------- etc/nginx-sites-enabled/bank-test.site | 37 ------------------ etc/nginx-sites-enabled/blog-demo-ssl.site | 50 ------------------------ etc/nginx-sites-enabled/blog-demo.site | 43 -------------------- etc/nginx-sites-enabled/blog-test-ssl.site | 49 ----------------------- etc/nginx-sites-enabled/blog-test.site | 43 -------------------- etc/nginx-sites-enabled/buildbot-ssl.site | 25 ------------ etc/nginx-sites-enabled/buildbot.site | 16 -------- etc/nginx-sites-enabled/decentralise-ssl.site | 21 ---------- etc/nginx-sites-enabled/decentralise.site | 12 ------ etc/nginx-sites-enabled/demo-ssl.site | 34 ---------------- etc/nginx-sites-enabled/demo.site | 20 ---------- etc/nginx-sites-enabled/drupal-demo-ssl.site | 49 ----------------------- etc/nginx-sites-enabled/drupal-demo.site | 40 ------------------- etc/nginx-sites-enabled/exchange-demo-ssl.site | 25 ------------ etc/nginx-sites-enabled/exchange-demo.site | 15 ------- etc/nginx-sites-enabled/exchange-test-ssl.site | 24 ------------ etc/nginx-sites-enabled/exchange-test.site | 15 ------- etc/nginx-sites-enabled/gauger-ssl.site | 25 ------------ etc/nginx-sites-enabled/gauger.site | 16 -------- etc/nginx-sites-enabled/git-ssl.site | 21 ---------- etc/nginx-sites-enabled/git.site | 12 ------ etc/nginx-sites-enabled/lcov-ssl.site | 25 ------------ etc/nginx-sites-enabled/lcov.site | 16 -------- etc/nginx-sites-enabled/mint-demo-ssl.site | 24 ------------ etc/nginx-sites-enabled/mint-demo.site | 15 ------- etc/nginx-sites-enabled/mint-test-ssl.site | 24 ------------ etc/nginx-sites-enabled/mint-test.site | 15 ------- etc/nginx-sites-enabled/shop-demo-ssl.site | 54 -------------------------- etc/nginx-sites-enabled/shop-demo.site | 47 ---------------------- etc/nginx-sites-enabled/shop-test-ssl.site | 54 -------------------------- etc/nginx-sites-enabled/shop-test.site | 48 ----------------------- etc/nginx-sites-enabled/test | 15 ------- etc/nginx-sites-enabled/test.site | 9 ----- etc/nginx-sites-enabled/trollslayer.site | 15 ------- etc/nginx-sites-enabled/www-ssl.site | 36 ----------------- etc/nginx-sites-enabled/www.git-ssl.site | 32 --------------- etc/nginx-sites-enabled/www.git.site | 23 ----------- etc/nginx-sites-enabled/www.site | 25 ------------ etc/talerssl | 9 ----- 44 files changed, 1207 deletions(-) delete mode 100644 etc/nginx-sites-enabled/api-ssl.site delete mode 100644 etc/nginx-sites-enabled/api.site delete mode 100644 etc/nginx-sites-enabled/bank-demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/bank-demo.site delete mode 100644 etc/nginx-sites-enabled/bank-test-ssl.site delete mode 100644 etc/nginx-sites-enabled/bank-test.site delete mode 100644 etc/nginx-sites-enabled/blog-demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/blog-demo.site delete mode 100644 etc/nginx-sites-enabled/blog-test-ssl.site delete mode 100644 etc/nginx-sites-enabled/blog-test.site delete mode 100644 etc/nginx-sites-enabled/buildbot-ssl.site delete mode 100644 etc/nginx-sites-enabled/buildbot.site delete mode 100644 etc/nginx-sites-enabled/decentralise-ssl.site delete mode 100644 etc/nginx-sites-enabled/decentralise.site delete mode 100644 etc/nginx-sites-enabled/demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/demo.site delete mode 100644 etc/nginx-sites-enabled/drupal-demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/drupal-demo.site delete mode 100644 etc/nginx-sites-enabled/exchange-demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/exchange-demo.site delete mode 100644 etc/nginx-sites-enabled/exchange-test-ssl.site delete mode 100644 etc/nginx-sites-enabled/exchange-test.site delete mode 100644 etc/nginx-sites-enabled/gauger-ssl.site delete mode 100644 etc/nginx-sites-enabled/gauger.site delete mode 100644 etc/nginx-sites-enabled/git-ssl.site delete mode 100644 etc/nginx-sites-enabled/git.site delete mode 100644 etc/nginx-sites-enabled/lcov-ssl.site delete mode 100644 etc/nginx-sites-enabled/lcov.site delete mode 100644 etc/nginx-sites-enabled/mint-demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/mint-demo.site delete mode 100644 etc/nginx-sites-enabled/mint-test-ssl.site delete mode 100644 etc/nginx-sites-enabled/mint-test.site delete mode 100644 etc/nginx-sites-enabled/shop-demo-ssl.site delete mode 100644 etc/nginx-sites-enabled/shop-demo.site delete mode 100644 etc/nginx-sites-enabled/shop-test-ssl.site delete mode 100644 etc/nginx-sites-enabled/shop-test.site delete mode 100644 etc/nginx-sites-enabled/test delete mode 100644 etc/nginx-sites-enabled/test.site delete mode 100644 etc/nginx-sites-enabled/trollslayer.site delete mode 100644 etc/nginx-sites-enabled/www-ssl.site delete mode 100644 etc/nginx-sites-enabled/www.git-ssl.site delete mode 100644 etc/nginx-sites-enabled/www.git.site delete mode 100644 etc/nginx-sites-enabled/www.site delete mode 100644 etc/talerssl (limited to 'etc') diff --git a/etc/nginx-sites-enabled/api-ssl.site b/etc/nginx-sites-enabled/api-ssl.site deleted file mode 100644 index 853a108..0000000 --- a/etc/nginx-sites-enabled/api-ssl.site +++ /dev/null @@ -1,26 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/api.taler.net/_build/html; - - # Make site accessible from http://localhost/ - server_name api.taler.net; - server_name www.api.taler.net; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - autoindex off; - ssi on; -# ssi_last_modified on; - } -} diff --git a/etc/nginx-sites-enabled/api.site b/etc/nginx-sites-enabled/api.site deleted file mode 100644 index 1ca56bd..0000000 --- a/etc/nginx-sites-enabled/api.site +++ /dev/null @@ -1,16 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/api.taler.net/_build/html; - - # Make site accessible from http://localhost/ - server_name api.taler.net; - server_name www.api.taler.net; - - location / { - autoindex off; - ssi on; -# ssi_last_modified on; - } -} diff --git a/etc/nginx-sites-enabled/bank-demo-ssl.site b/etc/nginx-sites-enabled/bank-demo-ssl.site deleted file mode 100644 index e682d08..0000000 --- a/etc/nginx-sites-enabled/bank-demo-ssl.site +++ /dev/null @@ -1,28 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /home/demo/bank/website; - index index.php; - - # Make site accessible from http://localhost/ - server_name bank.demo.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - rewrite ^/shop $scheme://shop.demo.taler.net/ redirect; - -} diff --git a/etc/nginx-sites-enabled/bank-demo.site b/etc/nginx-sites-enabled/bank-demo.site deleted file mode 100644 index 12781ab..0000000 --- a/etc/nginx-sites-enabled/bank-demo.site +++ /dev/null @@ -1,31 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /home/demo/bank/website; - index index.php; - - # Make site accessible from http://localhost/ - server_name bank.demo.taler.net; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - -# To be uncommented when testing Django bank -# location ~ ^/auth/static { -# root /home/demo/bank/TalerBank/Bank/templates; -# rewrite /auth/static/(.*) /$1 break; -# } -# -# # Reach Django -# location ~ ^/(auth|admin) { -# uwsgi_pass django; -# include /home/demo/bank/TalerBank/uwsgi_params; -# } - - rewrite ^/shop $scheme://shop.demo.taler.net/ redirect; - -} diff --git a/etc/nginx-sites-enabled/bank-test-ssl.site b/etc/nginx-sites-enabled/bank-test-ssl.site deleted file mode 100644 index 5975adc..0000000 --- a/etc/nginx-sites-enabled/bank-test-ssl.site +++ /dev/null @@ -1,28 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /home/test/bank/website; - index index.php; - - # Make site accessible from http://localhost/ - server_name bank.test.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - rewrite ^/shop $scheme://shop.test.taler.net/ redirect; - rewrite ^/mint $scheme://mint.demo.taler.net/ redirect; -} diff --git a/etc/nginx-sites-enabled/bank-test.site b/etc/nginx-sites-enabled/bank-test.site deleted file mode 100644 index 2664780..0000000 --- a/etc/nginx-sites-enabled/bank-test.site +++ /dev/null @@ -1,37 +0,0 @@ -upstream django { - server 127.0.0.1:8000; -} - -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /home/test/bank/website; - index index.php; - - # Make site accessible from http://localhost/ - server_name bank.test.taler.net; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location ~ ^/auth/static { - rewrite /auth/static/(.*) /static/$1 break; - uwsgi_pass django; - include /home/test/bank/TalerBank/uwsgi_params; - - } - - # Reach Django - location ~ ^/(auth|admin|static) { - uwsgi_pass django; - include /home/test/bank/TalerBank/uwsgi_params; - } - - rewrite ^/shop$ $scheme://shop.test.taler.net/ redirect; - rewrite ^/mint$ $scheme://mint.demo.taler.net/ redirect; - rewrite ^/mint/(.*)$ $scheme://mint.demo.taler.net/$1 redirect; -} diff --git a/etc/nginx-sites-enabled/blog-demo-ssl.site b/etc/nginx-sites-enabled/blog-demo-ssl.site deleted file mode 100644 index 447b295..0000000 --- a/etc/nginx-sites-enabled/blog-demo-ssl.site +++ /dev/null @@ -1,50 +0,0 @@ -server { - #listen 80; - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name blog.demo.taler.net; - - root /home/demo/merchant/examples/blog/; - index index.html; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - } - - location /fullfillment { - rewrite /(.*) /$1.php; - } - - location /articles { - - internal; - } - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:19966; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/blog-demo.site b/etc/nginx-sites-enabled/blog-demo.site deleted file mode 100644 index e28303a..0000000 --- a/etc/nginx-sites-enabled/blog-demo.site +++ /dev/null @@ -1,43 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name blog.demo.taler.net; - - root /home/demo/merchant/examples/blog; - index index.html; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - - } - - location /fullfillment { - rewrite /(.*) /$1.php; - - } - - location /articles { - - internal; - } - - location ~ \.php$ { - - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:9966; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/blog-test-ssl.site b/etc/nginx-sites-enabled/blog-test-ssl.site deleted file mode 100644 index c3d84f2..0000000 --- a/etc/nginx-sites-enabled/blog-test-ssl.site +++ /dev/null @@ -1,49 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name blog.test.taler.net; - - root /home/test/merchant/examples/blog/; - index index.html; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - } - - location /fullfillment { - rewrite /(.*) /$1.php; - } - - location /articles { - - internal; - } - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:19966; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/blog-test.site b/etc/nginx-sites-enabled/blog-test.site deleted file mode 100644 index 2937763..0000000 --- a/etc/nginx-sites-enabled/blog-test.site +++ /dev/null @@ -1,43 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name blog.test.taler.net; - - root /home/test/merchant/examples/blog; - index index.html; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - - } - - location /fullfillment { - rewrite /(.*) /$1.php; - - } - - location /articles { - - internal; - } - - location ~ \.php$ { - - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:19966; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/buildbot-ssl.site b/etc/nginx-sites-enabled/buildbot-ssl.site deleted file mode 100644 index cbbef7b..0000000 --- a/etc/nginx-sites-enabled/buildbot-ssl.site +++ /dev/null @@ -1,25 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/buildbot/; - - # Make site accessible from http://localhost/ - server_name buildbot.taler.net; - server_name www.buildbot.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - proxy_pass http://localhost:1802; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/buildbot.site b/etc/nginx-sites-enabled/buildbot.site deleted file mode 100644 index bec2149..0000000 --- a/etc/nginx-sites-enabled/buildbot.site +++ /dev/null @@ -1,16 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/buildbot/; - - # Make site accessible from http://localhost/ - server_name buildbot.taler.net; - server_name www.buildbot.taler.net; - - location / { - proxy_pass http://localhost:1802; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/decentralise-ssl.site b/etc/nginx-sites-enabled/decentralise-ssl.site deleted file mode 100644 index 952986f..0000000 --- a/etc/nginx-sites-enabled/decentralise-ssl.site +++ /dev/null @@ -1,21 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/decentralise; - - # Make site accessible from http://localhost/ - server_name www.decentralise.rennes.inria.fr; - server_name decentralise.rennes.inria.fr; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - rewrite / http://www.inria.fr/en/teams/decentralise redirect; -} diff --git a/etc/nginx-sites-enabled/decentralise.site b/etc/nginx-sites-enabled/decentralise.site deleted file mode 100644 index 61c1976..0000000 --- a/etc/nginx-sites-enabled/decentralise.site +++ /dev/null @@ -1,12 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/decentralise; - - # Make site accessible from http://localhost/ - server_name www.decentralise.rennes.inria.fr; - server_name decentralise.rennes.inria.fr; - - rewrite / http://www.inria.fr/en/teams/decentralise redirect; -} diff --git a/etc/nginx-sites-enabled/demo-ssl.site b/etc/nginx-sites-enabled/demo-ssl.site deleted file mode 100644 index 0b2b8da..0000000 --- a/etc/nginx-sites-enabled/demo-ssl.site +++ /dev/null @@ -1,34 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /home/test/landing/; - index index.html; - - # Make site accessible from http://localhost/ - server_name demo.taler.net; - server_name www.demo.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location /extension { - root /home/demo/wallet/wallet_button/firefox_src/xpi/; - rewrite /extension /taler-wallet.xpi break; - } - - rewrite ^/bank $scheme://bank.demo.taler.net/ redirect; - rewrite ^/shop $scheme://shop.demo.taler.net/ redirect; -} diff --git a/etc/nginx-sites-enabled/demo.site b/etc/nginx-sites-enabled/demo.site deleted file mode 100644 index f08f8cd..0000000 --- a/etc/nginx-sites-enabled/demo.site +++ /dev/null @@ -1,20 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /home/demo/landing/; - index index.html; - - # Make site accessible from http://localhost/ - server_name demo.taler.net; - server_name www.demo.taler.net; - - rewrite ^/bank $scheme://bank.demo.taler.net/ redirect; - rewrite ^/shop $scheme://shop.demo.taler.net/ redirect; - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } -} diff --git a/etc/nginx-sites-enabled/drupal-demo-ssl.site b/etc/nginx-sites-enabled/drupal-demo-ssl.site deleted file mode 100644 index 400020e..0000000 --- a/etc/nginx-sites-enabled/drupal-demo-ssl.site +++ /dev/null @@ -1,49 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name drupal.demo.taler.net; - - root /home/demo/drupal-demo; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - # Make site accessible from http://localhost/ - -# location / { -# try_files $uri $uri/ =404; -# rewrite /taler/pay /pay.php; -# rewrite /taler/contract /generate_taler_contract.php; -# } - -# location /fullfillment { -# rewrite /(.*) /$1.php; -# } - - location ~ \.php$ { - fastcgi_index index.php; - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - -# location /backend { -# rewrite /backend/(.*) /$1 break; -# proxy_pass http://127.0.0.1:19966; -# proxy_redirect off; -# proxy_set_header Host $host; -# } - - client_max_body_size 10M; - client_body_buffer_size 128k; - - include apps/drupal/drupal.conf; -} diff --git a/etc/nginx-sites-enabled/drupal-demo.site b/etc/nginx-sites-enabled/drupal-demo.site deleted file mode 100644 index d91c3f7..0000000 --- a/etc/nginx-sites-enabled/drupal-demo.site +++ /dev/null @@ -1,40 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name drupal.demo.taler.net; - - root /home/demo/drupal-demo; - - # Make site accessible from http://localhost/ - -# location / { -# try_files $uri $uri/ =404; -# rewrite /taler/pay /pay.php; -# rewrite /taler/contract /generate_taler_contract.php; -# } - -# location /fullfillment { -# rewrite /(.*) /$1.php; -# } - - - location ~ \.php$ { - fastcgi_index index.php; - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - -# location /backend { -# rewrite /backend/(.*) /$1 break; -# proxy_pass http://127.0.0.1:19966; -# proxy_redirect off; -# proxy_set_header Host $host; -# } - - client_max_body_size 10M; - client_body_buffer_size 128k; - - include apps/drupal/drupal.conf; -} diff --git a/etc/nginx-sites-enabled/exchange-demo-ssl.site b/etc/nginx-sites-enabled/exchange-demo-ssl.site deleted file mode 100644 index 5761d4f..0000000 --- a/etc/nginx-sites-enabled/exchange-demo-ssl.site +++ /dev/null @@ -1,25 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name exchange.demo.taler.net; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - proxy_pass http://localhost:4241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/exchange-demo.site b/etc/nginx-sites-enabled/exchange-demo.site deleted file mode 100644 index 5e8f1b0..0000000 --- a/etc/nginx-sites-enabled/exchange-demo.site +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name exchange.demo.taler.net; - - location / { - proxy_pass http://localhost:4241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/exchange-test-ssl.site b/etc/nginx-sites-enabled/exchange-test-ssl.site deleted file mode 100644 index 029bce0..0000000 --- a/etc/nginx-sites-enabled/exchange-test-ssl.site +++ /dev/null @@ -1,24 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name exchange.test.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - proxy_pass http://localhost:14241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/exchange-test.site b/etc/nginx-sites-enabled/exchange-test.site deleted file mode 100644 index 2841980..0000000 --- a/etc/nginx-sites-enabled/exchange-test.site +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name exchange.test.taler.net; - - location / { - proxy_pass http://localhost:14241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/gauger-ssl.site b/etc/nginx-sites-enabled/gauger-ssl.site deleted file mode 100644 index 42c40ef..0000000 --- a/etc/nginx-sites-enabled/gauger-ssl.site +++ /dev/null @@ -1,25 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/gauger/; - - # Make site accessible from http://localhost/ - server_name gauger.taler.net; - server_name www.gauger.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - proxy_pass http://localhost:1801; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/gauger.site b/etc/nginx-sites-enabled/gauger.site deleted file mode 100644 index 63e0cdb..0000000 --- a/etc/nginx-sites-enabled/gauger.site +++ /dev/null @@ -1,16 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/gauger/; - - # Make site accessible from http://localhost/ - server_name gauger.taler.net; - server_name www.gauger.taler.net; - - location / { - proxy_pass http://localhost:1801; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/git-ssl.site b/etc/nginx-sites-enabled/git-ssl.site deleted file mode 100644 index 3ea1af2..0000000 --- a/etc/nginx-sites-enabled/git-ssl.site +++ /dev/null @@ -1,21 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/git; - # Make site accessible from http://localhost/ - server_name git.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - autoindex off; - } -} diff --git a/etc/nginx-sites-enabled/git.site b/etc/nginx-sites-enabled/git.site deleted file mode 100644 index c194202..0000000 --- a/etc/nginx-sites-enabled/git.site +++ /dev/null @@ -1,12 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/git; - # Make site accessible from http://localhost/ - server_name git.taler.net; - - location / { - autoindex off; - } -} diff --git a/etc/nginx-sites-enabled/lcov-ssl.site b/etc/nginx-sites-enabled/lcov-ssl.site deleted file mode 100644 index d85486e..0000000 --- a/etc/nginx-sites-enabled/lcov-ssl.site +++ /dev/null @@ -1,25 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/lcov.taler.net/; - - # Make site accessible from http://localhost/ - server_name lcov.taler.net; - server_name www.lcov.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - autoindex off; - ssi off; -# ssi_last_modified on; - } -} diff --git a/etc/nginx-sites-enabled/lcov.site b/etc/nginx-sites-enabled/lcov.site deleted file mode 100644 index 1ddfd83..0000000 --- a/etc/nginx-sites-enabled/lcov.site +++ /dev/null @@ -1,16 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/lcov.taler.net/; - - # Make site accessible from http://localhost/ - server_name lcov.taler.net; - server_name www.lcov.taler.net; - - location / { - autoindex off; - ssi off; -# ssi_last_modified on; - } -} diff --git a/etc/nginx-sites-enabled/mint-demo-ssl.site b/etc/nginx-sites-enabled/mint-demo-ssl.site deleted file mode 100644 index 8eeb3c5..0000000 --- a/etc/nginx-sites-enabled/mint-demo-ssl.site +++ /dev/null @@ -1,24 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name mint.demo.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - proxy_pass http://localhost:4241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/mint-demo.site b/etc/nginx-sites-enabled/mint-demo.site deleted file mode 100644 index 070d0c9..0000000 --- a/etc/nginx-sites-enabled/mint-demo.site +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name mint.demo.taler.net; - - location / { - proxy_pass http://localhost:4241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/mint-test-ssl.site b/etc/nginx-sites-enabled/mint-test-ssl.site deleted file mode 100644 index 2eeea19..0000000 --- a/etc/nginx-sites-enabled/mint-test-ssl.site +++ /dev/null @@ -1,24 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name mint.test.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - proxy_pass http://localhost:14241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/mint-test.site b/etc/nginx-sites-enabled/mint-test.site deleted file mode 100644 index 332d72c..0000000 --- a/etc/nginx-sites-enabled/mint-test.site +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /dev/null; - - server_name mint.test.taler.net; - - location / { - proxy_pass http://localhost:14241; - proxy_redirect off; - proxy_set_header Host $host; - } - -} diff --git a/etc/nginx-sites-enabled/shop-demo-ssl.site b/etc/nginx-sites-enabled/shop-demo-ssl.site deleted file mode 100644 index 8d34446..0000000 --- a/etc/nginx-sites-enabled/shop-demo-ssl.site +++ /dev/null @@ -1,54 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name shop.demo.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - root /home/demo/merchant/examples/shop/; - index index.php; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - - } - - location /fullfillment { - rewrite /(.*) /$1.php; - } - - location /test/contract { - rewrite (.*) /generate_taler_contract.php?cli_debug=yes; - } - - location /test/contract/frontend { - rewrite (.*) /generate_taler_contract.php?backend_test=no; - } - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:9966; - proxy_redirect off; - proxy_set_header Host $host; - } - - rewrite ^/shop $scheme://shop.demo.taler.net/ redirect; -} diff --git a/etc/nginx-sites-enabled/shop-demo.site b/etc/nginx-sites-enabled/shop-demo.site deleted file mode 100644 index 818c13f..0000000 --- a/etc/nginx-sites-enabled/shop-demo.site +++ /dev/null @@ -1,47 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name shop.demo.taler.net; - - root /home/demo/merchant/examples/shop; - index index.php; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - - } - - location /fullfillment { - rewrite /(.*) /$1.php; - - } - - location /test/contract { - rewrite (.*) /generate_taler_contract.php?cli_debug=yes; - } - - location /test/contract/frontend { - rewrite (.*) /generate_taler_contract.php?backend_test=no; - } - - location ~ \.php$ { - - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:9966; - proxy_redirect off; - proxy_set_header Host $host; - } - - rewrite ^/shop $scheme://shop.demo.taler.net/ redirect; -} diff --git a/etc/nginx-sites-enabled/shop-test-ssl.site b/etc/nginx-sites-enabled/shop-test-ssl.site deleted file mode 100644 index 5889f02..0000000 --- a/etc/nginx-sites-enabled/shop-test-ssl.site +++ /dev/null @@ -1,54 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name shop.test.taler.net; - - root /home/test/merchant/examples/shop/; - index index.php; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - } - - location /fullfillment { - rewrite /(.*) /$1.php; - } - - location /test/contract { - rewrite (.*) /generate_taler_contract.php?cli_debug=yes; - } - - location /test/contract/frontend { - rewrite (.*) /generate_taler_contract.php?backend_test=no; - } - - location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:19966; - proxy_redirect off; - proxy_set_header Host $host; - } - - rewrite ^/shop $scheme://shop.test.taler.net/ redirect; -} diff --git a/etc/nginx-sites-enabled/shop-test.site b/etc/nginx-sites-enabled/shop-test.site deleted file mode 100644 index 58fe8c1..0000000 --- a/etc/nginx-sites-enabled/shop-test.site +++ /dev/null @@ -1,48 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - server_name shop.test.taler.net; - - root /home/test/merchant/examples/shop; - index index.php; - - # Make site accessible from http://localhost/ - - location / { - try_files $uri $uri/ =404; - rewrite /taler/pay /pay.php; - rewrite /taler/contract /generate_taler_contract.php; - - } - - location /fullfillment { - rewrite /(.*) /$1.php; - - } - - location /test/contract { - rewrite (.*) /generate_taler_contract.php?cli_debug=yes; - } - - location /test/contract/frontend { - rewrite (.*) /generate_taler_contract.php?backend_test=no; - } - - location ~ \.php$ { - - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - - } - - location /backend { - rewrite /backend/(.*) /$1 break; - proxy_pass http://127.0.0.1:19966; - proxy_redirect off; - proxy_set_header Host $host; - } - - rewrite ^/shop $scheme://shop.test.taler.net/ redirect; -} diff --git a/etc/nginx-sites-enabled/test b/etc/nginx-sites-enabled/test deleted file mode 100644 index 629b69d..0000000 --- a/etc/nginx-sites-enabled/test +++ /dev/null @@ -1,15 +0,0 @@ -root /home/test/landing/; -index index.html; - -# Make site accessible from http://localhost/ -server_name test.taler.net; -server_name www.test.taler.net; - -rewrite ^/bank $scheme://bank.test.taler.net/ redirect; -rewrite ^/shop $scheme://shop.test.taler.net/ redirect; - -location ~ \.php$ { - fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; -} diff --git a/etc/nginx-sites-enabled/test.site b/etc/nginx-sites-enabled/test.site deleted file mode 100644 index 1a277c6..0000000 --- a/etc/nginx-sites-enabled/test.site +++ /dev/null @@ -1,9 +0,0 @@ -server { - listen 80; - include sites-enabled/test; -} -server { - listen 443 ssl; - include sites-enabled/test; - include talerssl; -} diff --git a/etc/nginx-sites-enabled/trollslayer.site b/etc/nginx-sites-enabled/trollslayer.site deleted file mode 100644 index c7d5de9..0000000 --- a/etc/nginx-sites-enabled/trollslayer.site +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/trollslayer/; - - # Make site accessible from http://localhost/ - server_name trollslayer.decentralise.rennes.inria.fr; - - location / { - proxy_pass http://gnunet.org:20070/shell/; - proxy_redirect off; - proxy_set_header Host $host; - } -} diff --git a/etc/nginx-sites-enabled/www-ssl.site b/etc/nginx-sites-enabled/www-ssl.site deleted file mode 100644 index e86cafd..0000000 --- a/etc/nginx-sites-enabled/www-ssl.site +++ /dev/null @@ -1,36 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - - # Make site accessible from http://localhost/ - server_name taler.net; - server_name www.taler.net; - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location / { - root /var/www/taler.net; - autoindex off; - ssi on; -# ssi_last_modified on; - rewrite /citizens /citizens.html break; - rewrite /developers /developers.html break; - rewrite /merchants /merchants.html break; - rewrite /governments /governments.html break; - rewrite /investors /investors.html break; - rewrite /about /about.html break; - rewrite /news /news.html break; - } -# Note: this will go to /var/www/videos, which we took out of Git - location /videos/ { - root /var/www; - } -} diff --git a/etc/nginx-sites-enabled/www.git-ssl.site b/etc/nginx-sites-enabled/www.git-ssl.site deleted file mode 100644 index 78c4091..0000000 --- a/etc/nginx-sites-enabled/www.git-ssl.site +++ /dev/null @@ -1,32 +0,0 @@ -server { - listen 443 ssl; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - # Make site accessible from http://localhost/ - server_name www.git.taler.net; - - ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_dhparam /etc/ssl/certs/dhparam.pem; - ssl_protocols TLSv1.2 TLSv1.1 TLSv1; - ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - - add_header Strict-Transport-Security "max-age=63072000; preload"; - - location /index.cgi { - root /usr/share/gitweb/; - - include fastcgi_params; - gzip off; - fastcgi_param SCRIPT_NAME $uri; - fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; - fastcgi_pass unix:/var/run/fcgiwrap.socket; - } - - location / { - root /usr/share/gitweb/; - index index.cgi; - } -} diff --git a/etc/nginx-sites-enabled/www.git.site b/etc/nginx-sites-enabled/www.git.site deleted file mode 100644 index 54f932f..0000000 --- a/etc/nginx-sites-enabled/www.git.site +++ /dev/null @@ -1,23 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - # Make site accessible from http://localhost/ - server_name www.git.taler.net; - - - location /index.cgi { - root /usr/share/gitweb/; - - include fastcgi_params; - gzip off; - fastcgi_param SCRIPT_NAME $uri; - fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; - fastcgi_pass unix:/var/run/fcgiwrap.socket; - } - - location / { - root /usr/share/gitweb/; - index index.cgi; - } -} diff --git a/etc/nginx-sites-enabled/www.site b/etc/nginx-sites-enabled/www.site deleted file mode 100644 index c438e7f..0000000 --- a/etc/nginx-sites-enabled/www.site +++ /dev/null @@ -1,25 +0,0 @@ -server { - listen 80; ## listen for ipv4; this line is default and implied - # listen [::]:80 default_server ipv6only=on; ## listen for ipv6 - - root /var/www/taler.net; - - # Make site accessible from http://localhost/ - server_name taler.net; - server_name www.taler.net; - - rewrite ^ https://$server_name$request_uri? permanent; - -# location / { -# autoindex off; -# ssi on; -## ssi_last_modified on; -# rewrite /citizens /citizens.html break; -# rewrite /developers /developers.html break; -# rewrite /merchants /merchants.html break; -# rewrite /governments /governments.html break; -# rewrite /investors /investors.html break; -# rewrite /about /about.html break; -# rewrite /news /news.html break; -# } -} diff --git a/etc/talerssl b/etc/talerssl deleted file mode 100644 index 3deae2c..0000000 --- a/etc/talerssl +++ /dev/null @@ -1,9 +0,0 @@ -ssl_certificate /etc/letsencrypt/live/taler.net/fullchain.pem; -ssl_certificate_key /etc/letsencrypt/live/taler.net/privkey.pem; -ssl_prefer_server_ciphers on; -ssl_session_cache shared:SSL:10m; -ssl_dhparam /etc/ssl/certs/dhparam.pem; -ssl_protocols TLSv1.2 TLSv1.1 TLSv1; -ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; - -add_header Strict-Transport-Security "max-age=63072000; preload"; -- cgit v1.2.3