server { listen 80; listen [::]:80; server_name test.taler.net bank.test.taler.net shop.test.taler.net donations.test.taler.net survey.test.taler.net auditor.test.taler.net exchange.test.taler.net backoffice.test.taler.net; # 301-based ridirects allows the user agent to *change* the # method used in the second request. This breaks all the API # using POST, as some user agents do the second request using # GET. 307 is meant to tell the user agent to not change the # method in the second request. if ($request_method = POST) { return 307 https://$host$request_uri; } return 301 https://$host$request_uri; } server { server_name test.taler.net www.test.taler.net; listen 443 ssl; listen [::]:443 ssl; rewrite /javascript /javascript.html break; include conf.d/talerssl; location @green { add_header X-Taler-Deployment-Color green; root /home/test-green/landing/demo; } location @blue { add_header X-Taler-Deployment-Color blue; root /home/test-blue/landing/demo; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; rewrite ^/$ /en/ redirect; rewrite ^/(..)/$ /$1/index.html break; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } root /home/test/landing/demo; } include conf.d/favicon_robots; } server { server_name auditor.test.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl; location @green { add_header X-Taler-Deployment-Color green; root /home/test-green/auditor; } location @blue { add_header X-Taler-Deployment-Color blue; root /home/test-blue/auditor; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; rewrite ^/$ /en/ redirect; rewrite ^/(..)/$ /$1/index.html break; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } root /home/test/auditor; } include conf.d/favicon_robots; } server { server_name exchange.test.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl; location @blue-admin { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/test-blue/sockets/exchange-admin.http; proxy_redirect off; proxy_set_header Host $host; } location @green-admin { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/test-green/sockets/exchange-admin.http; proxy_redirect off; proxy_set_header Host $host; } location @blue { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/test-blue/sockets/exchange.http; proxy_redirect off; proxy_set_header Host $host; } location @green { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/test-green/sockets/exchange.http; proxy_redirect off; proxy_set_header Host $host; } location /admin { error_page 418 = @blue-admin; error_page 419 = @green-admin; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_pass http://unix:/home/test/sockets/exchange-admin.http; proxy_redirect off; proxy_set_header Host $host; } location / { error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_pass http://unix:/home/test/sockets/exchange.http:/; proxy_redirect off; proxy_set_header Host $host; } } server { server_name shop.test.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/test-blue/sockets/shop.uwsgi; include /etc/nginx/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/test-green/sockets/shop.uwsgi; include /etc/nginx/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/test/sockets/shop.uwsgi; include /etc/nginx/uwsgi_params; } include conf.d/favicon_robots; } server { server_name playground.test.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/test-blue/sockets/playground.uwsgi; include /etc/nginx/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/test-green/sockets/playground.uwsgi; include /etc/nginx/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/test/sockets/playground.uwsgi; include /etc/nginx/uwsgi_params; } include conf.d/favicon_robots; } server { server_name backend.test.taler.net; listen 443 ssl; listen 80; listen [::]:443 ssl; listen [::]:80; include conf.d/talerssl; location @blue { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/test-blue/sockets/merchant.http; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host "backend.test.taler.net"; proxy_set_header X-Forwarded-Proto "https"; } location @green { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/test-green/sockets/merchant.http; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host "backend.test.taler.net"; proxy_set_header X-Forwarded-Proto "https"; } location /public { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_set_header X-Forwarded-Host "backend.test.taler.net"; proxy_set_header X-Forwarded-Proto "https"; proxy_pass http://unix:/home/test/sockets/merchant.http:/public; proxy_redirect off; proxy_set_header Host $host; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; # match the ApiKey part ignoring case, and the actual key # with case-sensitivity on. if ($http_authorization !~ "(?i)ApiKey (?-i)sandbox") { return 401; } if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_set_header X-Forwarded-Host "backend.test.taler.net"; proxy_set_header X-Forwarded-Proto "https"; proxy_pass http://unix:/home/test/sockets/merchant.http:/; proxy_redirect off; proxy_set_header Host $host; } } server { server_name survey.test.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl; location / { uwsgi_pass unix:/home/test/sockets/survey.uwsgi; include /etc/nginx/uwsgi_params; } } server { server_name donations.test.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/test-blue/sockets/donations.uwsgi; include /etc/nginx/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/test-green/sockets/donations.uwsgi; include /etc/nginx/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/test/sockets/donations.uwsgi; include /etc/nginx/uwsgi_params; } include conf.d/favicon_robots; } server { server_name bank.test.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/test-blue/sockets/bank.uwsgi; include /etc/nginx/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/test-green/sockets/bank.uwsgi; include /etc/nginx/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/test/sockets/bank.uwsgi; include /etc/nginx/uwsgi_params; } include conf.d/favicon_robots; } server { server_name backoffice.test.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/test-blue/sockets/backoffice.uwsgi; include /etc/nginx/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/test-green/sockets/backoffice.uwsgi; include /etc/nginx/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/test/sockets/backoffice.uwsgi; include /etc/nginx/uwsgi_params; } include conf.d/favicon_robots; }