diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2016-06-18 14:21:18 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2016-06-18 14:21:18 -0300 |
commit | 48f24914d39228fa68f5c540c80f285f61de1e17 (patch) | |
tree | e801695d7e760d3b2c6250ea2bcd7b4751c85d44 /templates/etc/nginx | |
parent | 319bdcb9e0135f3cbac8a3d8fab29e26c6d1b8c3 (diff) | |
download | puppet-bootstrap-48f24914d39228fa68f5c540c80f285f61de1e17.tar.gz puppet-bootstrap-48f24914d39228fa68f5c540c80f285f61de1e17.tar.bz2 |
Removes templates
Diffstat (limited to 'templates/etc/nginx')
-rw-r--r-- | templates/etc/nginx/domain.erb | 166 |
1 files changed, 0 insertions, 166 deletions
diff --git a/templates/etc/nginx/domain.erb b/templates/etc/nginx/domain.erb deleted file mode 100644 index 06cb0ee..0000000 --- a/templates/etc/nginx/domain.erb +++ /dev/null @@ -1,166 +0,0 @@ -# <%= domain %> proxy config - -# Set the max size for file uploads -client_max_body_size 100M; - -# SNI Configuration -server { - listen 443 default; - server_name _; - ssl on; - ssl_certificate /etc/ssl/certs/blank.crt; - ssl_certificate_key /etc/ssl/private/blank.pem; - return 403; -} - -server { - # see config tips at - # http://blog.taragana.com/index.php/archive/nginx-hacking-tips/ - - # Don't log anything - access_log /dev/null; - error_log /dev/null; - - # simple reverse-proxy - listen 80; - server_name *.<%= domain %> <%= domain %> - - # enable HSTS header - add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload"; - - # https redirection by default - rewrite ^(.*) https://$host$1 redirect; - - # rewrite rules for backups.<%= domain %> - #if ($host ~* ^backups\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for admin.<%= domain %> - #if ($host ~* ^admin\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for munin.<%= domain %> - #if ($host ~* ^munin\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for trac.<%= domain %> - #if ($host ~* ^trac\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for nagios.<%= domain %> - #if ($host ~* ^nagios\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for htpasswd.<%= domain %> - #if ($host ~* ^htpasswd\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for postfixadmin.<%= domain %> - #if ($host ~* ^postfixadmin\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for mail.<%= domain %> - #if ($host ~* ^mail\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # rewrite rules for lists.<%= domain %> - #if ($host ~* ^lists\.<%= domain %>$) { - # rewrite ^(.*) https://$host$1 redirect; - # break; - #} - - # pass requests for dynamic content - location / { - proxy_set_header Host $http_host; - proxy_pass http://weblocal:80; - } - -} - -server { - # https reverse proxy - listen 443; - server_name *.<%= domain %> <%= domain %>; - - # Don't log anything - access_log /dev/null; - error_log /dev/null; - - ssl on; - ssl_certificate /etc/ssl/certs/cert.crt; - ssl_certificate_key /etc/ssl/private/cert.pem; - - # Set the max size for file uploads - client_max_body_size 100M; - - location / { - # preserve http header and set forwarded proto - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Proto https; - - proxy_read_timeout 120; - proxy_connect_timeout 120; - - # rewrite rules for admin.<%= domain %> - if ($host ~* ^admin\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for munin.<%= domain %> - if ($host ~* ^munin\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for trac.<%= domain %> - if ($host ~* ^trac\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for nagios.<%= domain %> - if ($host ~* ^nagios\.<%= domain %>$) { - proxy_pass http://admin:80; - break; - } - - # rewrite rules for postfixadmin.<%= domain %> - if ($host ~* ^postfixadmin\.<%= domain %>$) { - proxy_pass http://mail:80; - break; - } - - # rewrite rules for mail.<%= domain %> - if ($host ~* ^mail\.<%= domain %>$) { - proxy_pass http://mail:80; - break; - } - - # rewrite rules for lists.<%= domain %> - if ($host ~* ^lists\.<%= domain %>$) { - proxy_pass http://mail:80; - break; - } - - # default proxy pass - proxy_pass http://weblocal:80; - } - -} |