No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

nginx.conf 4.4KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203
  1. worker_processes 2;
  2. events {
  3. worker_connections 1024;
  4. }
  5. http {
  6. # Some SSL stuff
  7. # when move to nginx 1.13, add TLSv1.3 below
  8. ssl_protocols TLSv1.2;
  9. ssl_prefer_server_ciphers on;
  10. # specifically, not RC4.
  11. ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
  12. # Some global configurations
  13. client_max_body_size 10M;
  14. include mime.types;
  15. default_type application/octet-stream;
  16. sendfile on;
  17. keepalive_timeout 65;
  18. gzip on;
  19. # http://ja13.org and https://ja13.org
  20. server {
  21. server_name ja13.org;
  22. listen 80;
  23. listen 443 http2 ssl;
  24. root /srv/http/http;
  25. ssl_certificate /etc/letsencrypt/live/ja13.org-0001/fullchain.pem;
  26. ssl_certificate_key /etc/letsencrypt/live/ja13.org-0001/privkey.pem;
  27. location / {
  28. index index.html;
  29. autoindex on;
  30. }
  31. location /robots.txt {
  32. root /srv/http/common;
  33. index robots.txt;
  34. }
  35. location /favicon.ico {
  36. root /srv/http/common;
  37. index favicon.ico;
  38. }
  39. location /resume.pdf {
  40. root /srv/http/resume;
  41. index resume.pdf;
  42. }
  43. }
  44. # http://john.ja13.org and https://john.ja13.org
  45. server {
  46. server_name john.ja13.org;
  47. listen 80;
  48. listen 443 http2 ssl;
  49. root /srv/http/john;
  50. ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
  51. ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
  52. location / {
  53. proxy_pass http://10.0.0.4;
  54. }
  55. }
  56. # http://ns1.ja13.org and https://ns1.ja13.org
  57. server {
  58. server_name ns1.ja13.org;
  59. listen 80;
  60. listen 443 http2 ssl;
  61. root /srv/http/ns1;
  62. ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
  63. ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
  64. location / {
  65. index index.html;
  66. autoindex on;
  67. }
  68. location /robots.txt {
  69. root /srv/http/common;
  70. index robots.txt;
  71. }
  72. location /favicon.ico {
  73. root /srv/http/common;
  74. index favicon.ico;
  75. }
  76. }
  77. # http://wifi.ja13.org and https://wifi.ja13.org
  78. server {
  79. server_name wifi.ja13.org;
  80. listen 80;
  81. listen 443 http2 ssl;
  82. root /srv/http;
  83. allow 10.0.0.0/24;
  84. deny all;
  85. ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
  86. ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
  87. location / {
  88. proxy_set_header Referer "";
  89. proxy_ssl_verify off;
  90. proxy_pass https://127.0.0.1:8443;
  91. }
  92. }
  93. # http://source.ja13.org and https://source.ja13.org
  94. server {
  95. server_name source.ja13.org;
  96. listen 80;
  97. listen 443 http2 ssl;
  98. ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
  99. ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
  100. location / {
  101. # this will probably be changed later
  102. proxy_pass http://10.0.0.10:80;
  103. }
  104. location /robots.txt {
  105. root /srv/http/common;
  106. index robots.txt;
  107. }
  108. location /favicon.ico {
  109. root /srv/http/common;
  110. index favicon.ico;
  111. }
  112. }
  113. server {
  114. server_name nx.ja13.org;
  115. listen 80;
  116. location / {
  117. return 301 https://docs.plm.automation.siemens.com/tdoc/nx/12.0.1/nx_help/;
  118. }
  119. }
  120. # http://resume.ja13.org and https://resume.ja13.org
  121. server {
  122. server_name resume.ja13.org;
  123. listen 80;
  124. listen 443 http2 ssl;
  125. root /srv/http/resume;
  126. ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
  127. ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
  128. location / {
  129. index index.html;
  130. autoindex on;
  131. }
  132. location /robots.txt {
  133. root /srv/http/common;
  134. index robots.txt;
  135. }
  136. location /favicon.ico {
  137. root /srv/http/common;
  138. index favicon.ico;
  139. }
  140. }
  141. # http://*.ja13.org and https://*.ja13.org (a catch all domain)
  142. server {
  143. server_name _;
  144. listen 80 default_server;
  145. listen 443 http2 default_server ssl;
  146. root /srv/http/lost;
  147. ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
  148. ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
  149. location / {
  150. index index.html;
  151. autoindex on;
  152. }
  153. location /robots.txt {
  154. root /srv/http/common;
  155. index robots.txt;
  156. }
  157. location /favicon.ico {
  158. root /srv/http/common;
  159. index favicon.ico;
  160. }
  161. location /resume.pdf {
  162. root /srv/http/resume;
  163. index resume.pdf;
  164. }
  165. }
  166. }