Browse Source

initial commit

master
Jared Dunbar 3 years ago
commit
3de0ec104e
Signed by: jared GPG Key ID: CF202CC859BAC692
  1. 203
      nginx.conf

203
nginx.conf

@ -0,0 +1,203 @@
worker_processes 2;
events {
worker_connections 1024;
}
http {
# Some SSL stuff
# when move to nginx 1.13, add TLSv1.3 below
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
# specifically, not RC4.
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
# Some global configurations
client_max_body_size 10M;
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
# http://ja13.org and https://ja13.org
server {
server_name ja13.org;
listen 80;
listen 443 http2 ssl;
root /srv/http/http;
ssl_certificate /etc/letsencrypt/live/ja13.org-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org-0001/privkey.pem;
location / {
index index.html;
autoindex on;
}
location /robots.txt {
root /srv/http/common;
index robots.txt;
}
location /favicon.ico {
root /srv/http/common;
index favicon.ico;
}
location /resume.pdf {
root /srv/http/resume;
index resume.pdf;
}
}
# http://john.ja13.org and https://john.ja13.org
server {
server_name john.ja13.org;
listen 80;
listen 443 http2 ssl;
root /srv/http/john;
ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
location / {
proxy_pass http://10.0.0.4;
}
}
# http://ns1.ja13.org and https://ns1.ja13.org
server {
server_name ns1.ja13.org;
listen 80;
listen 443 http2 ssl;
root /srv/http/ns1;
ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
location / {
index index.html;
autoindex on;
}
location /robots.txt {
root /srv/http/common;
index robots.txt;
}
location /favicon.ico {
root /srv/http/common;
index favicon.ico;
}
}
# http://wifi.ja13.org and https://wifi.ja13.org
server {
server_name wifi.ja13.org;
listen 80;
listen 443 http2 ssl;
root /srv/http;
allow 10.0.0.0/24;
deny all;
ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
location / {
proxy_set_header Referer "";
proxy_ssl_verify off;
proxy_pass https://127.0.0.1:8443;
}
}
# http://source.ja13.org and https://source.ja13.org
server {
server_name source.ja13.org;
listen 80;
listen 443 http2 ssl;
ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
location / {
# this will probably be changed later
proxy_pass http://10.0.0.10:80;
}
location /robots.txt {
root /srv/http/common;
index robots.txt;
}
location /favicon.ico {
root /srv/http/common;
index favicon.ico;
}
}
server {
server_name nx.ja13.org;
listen 80;
location / {
return 301 https://docs.plm.automation.siemens.com/tdoc/nx/12.0.1/nx_help/;
}
}
# http://resume.ja13.org and https://resume.ja13.org
server {
server_name resume.ja13.org;
listen 80;
listen 443 http2 ssl;
root /srv/http/resume;
ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
location / {
index index.html;
autoindex on;
}
location /robots.txt {
root /srv/http/common;
index robots.txt;
}
location /favicon.ico {
root /srv/http/common;
index favicon.ico;
}
}
# http://*.ja13.org and https://*.ja13.org (a catch all domain)
server {
server_name _;
listen 80 default_server;
listen 443 http2 default_server ssl;
root /srv/http/lost;
ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
location / {
index index.html;
autoindex on;
}
location /robots.txt {
root /srv/http/common;
index robots.txt;
}
location /favicon.ico {
root /srv/http/common;
index favicon.ico;
}
location /resume.pdf {
root /srv/http/resume;
index resume.pdf;
}
}
}
Loading…
Cancel
Save