From df000f44733a9880584e67007fe701facb2f69eb Mon Sep 17 00:00:00 2001 From: Disassembler Date: Mon, 8 Jan 2018 15:27:29 +0100 Subject: [PATCH] Consolidate nginx configs --- basic/etc/nginx/conf.d/default.conf | 6 ++---- ckan-datapusher.sh | 1 - .../etc/nginx/apps/ckan-datapusher | 9 --------- .../etc/nginx/conf.d/ckan-datapusher.conf | 14 +++++++++++--- ckan.sh | 1 - ckan/etc/nginx/apps/ckan | 9 --------- ckan/etc/nginx/conf.d/ckan.conf | 19 +++++++++++-------- crisiscleanup.sh | 1 - crisiscleanup/etc/nginx/apps/crisiscleanup | 9 --------- .../etc/nginx/conf.d/crisiscleanup.conf | 19 +++++++++++-------- cts.sh | 1 - cts/etc/nginx/apps/cts | 9 --------- cts/etc/nginx/conf.d/cts.conf | 19 +++++++++++-------- gnuhealth.sh | 1 - gnuhealth/etc/nginx/apps/gnuhealth | 9 --------- gnuhealth/etc/nginx/conf.d/gnuhealth.conf | 19 +++++++++++-------- kanboard.sh | 1 - kanboard/etc/nginx/apps/kanboard | 9 --------- kanboard/etc/nginx/conf.d/kanboard.conf | 19 +++++++++++-------- openmapkit.sh | 1 - openmapkit/etc/nginx/apps/openmapkit | 9 --------- openmapkit/etc/nginx/conf.d/openmapkit.conf | 19 +++++++++++-------- seeddms.sh | 1 - seeddms/etc/nginx/apps/seeddms | 9 --------- seeddms/etc/nginx/conf.d/seeddms.conf | 19 +++++++++++-------- 25 files changed, 90 insertions(+), 143 deletions(-) delete mode 100644 ckan-datapusher/etc/nginx/apps/ckan-datapusher delete mode 100644 ckan/etc/nginx/apps/ckan delete mode 100644 crisiscleanup/etc/nginx/apps/crisiscleanup delete mode 100644 cts/etc/nginx/apps/cts delete mode 100644 gnuhealth/etc/nginx/apps/gnuhealth delete mode 100644 kanboard/etc/nginx/apps/kanboard delete mode 100644 openmapkit/etc/nginx/apps/openmapkit delete mode 100644 seeddms/etc/nginx/apps/seeddms diff --git a/basic/etc/nginx/conf.d/default.conf b/basic/etc/nginx/conf.d/default.conf index 1455d0b..177878c 100644 --- a/basic/etc/nginx/conf.d/default.conf +++ b/basic/etc/nginx/conf.d/default.conf @@ -1,12 +1,10 @@ server { - listen 80 default_server; - listen [::]:80 default_server; + listen [::]:80 default_server ipv6only=off; return 301 https://$host$request_uri; } server { - listen 443 ssl http2 default_server; - listen [::]:443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server ipv6only=off; add_header Strict-Transport-Security "max-age=31536000;"; diff --git a/ckan-datapusher.sh b/ckan-datapusher.sh index d8afdb9..4437c39 100755 --- a/ckan-datapusher.sh +++ b/ckan-datapusher.sh @@ -18,6 +18,5 @@ rc-update add ckan-datapusher boot service ckan-datapusher start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/ckan-datapusher /etc/nginx/apps/ckan-datapusher cp ${SOURCE_DIR}/etc/nginx/conf.d/ckan-datapusher.conf /etc/nginx/conf.d/ckan-datapusher.conf service nginx reload diff --git a/ckan-datapusher/etc/nginx/apps/ckan-datapusher b/ckan-datapusher/etc/nginx/apps/ckan-datapusher deleted file mode 100644 index 2375dfe..0000000 --- a/ckan-datapusher/etc/nginx/apps/ckan-datapusher +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/ckan-datapusher.access.log; -error_log /var/log/nginx/ckan-datapusher.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9004; -} diff --git a/ckan-datapusher/etc/nginx/conf.d/ckan-datapusher.conf b/ckan-datapusher/etc/nginx/conf.d/ckan-datapusher.conf index 44b2257..3825d9f 100644 --- a/ckan-datapusher/etc/nginx/conf.d/ckan-datapusher.conf +++ b/ckan-datapusher/etc/nginx/conf.d/ckan-datapusher.conf @@ -1,5 +1,13 @@ server { - listen 127.0.0.1:8004; - listen [::1]:8004; - include apps/ckan-datapusher; + listen [::1]:8004 ipv6only=off; + + access_log /var/log/nginx/ckan-datapusher.access.log; + error_log /var/log/nginx/ckan-datapusher.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9004; + } } diff --git a/ckan.sh b/ckan.sh index b471f1d..790a5c2 100755 --- a/ckan.sh +++ b/ckan.sh @@ -48,7 +48,6 @@ rc-update add ckan boot service ckan start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/ckan /etc/nginx/apps/ckan cp ${SOURCE_DIR}/etc/nginx/conf.d/ckan.conf /etc/nginx/conf.d/ckan.conf service nginx reload diff --git a/ckan/etc/nginx/apps/ckan b/ckan/etc/nginx/apps/ckan deleted file mode 100644 index 020ee92..0000000 --- a/ckan/etc/nginx/apps/ckan +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/ckan.access.log; -error_log /var/log/nginx/ckan.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9003; -} diff --git a/ckan/etc/nginx/conf.d/ckan.conf b/ckan/etc/nginx/conf.d/ckan.conf index 2aaf6dc..d251dd6 100644 --- a/ckan/etc/nginx/conf.d/ckan.conf +++ b/ckan/etc/nginx/conf.d/ckan.conf @@ -1,11 +1,14 @@ server { - listen 8003; - listen [::]:8003; - include apps/ckan; -} + listen [::]:8003 ipv6only=off; + listen [::]:8403 ssl http2 ipv6only=off; -server { - listen 8403 ssl http2; - listen [::]:8403 ssl http2; - include apps/ckan; + access_log /var/log/nginx/ckan.access.log; + error_log /var/log/nginx/ckan.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9003; + } } diff --git a/crisiscleanup.sh b/crisiscleanup.sh index cfc1379..4083ec3 100755 --- a/crisiscleanup.sh +++ b/crisiscleanup.sh @@ -36,7 +36,6 @@ rc-update add crisiscleanup boot service crisiscleanup start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/crisiscleanup /etc/nginx/apps/crisiscleanup cp ${SOURCE_DIR}/etc/nginx/conf.d/crisiscleanup.conf /etc/nginx/conf.d/crisiscleanup.conf service nginx reload diff --git a/crisiscleanup/etc/nginx/apps/crisiscleanup b/crisiscleanup/etc/nginx/apps/crisiscleanup deleted file mode 100644 index be98cf4..0000000 --- a/crisiscleanup/etc/nginx/apps/crisiscleanup +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/crisiscleanup.access.log; -error_log /var/log/nginx/crisiscleanup.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9005; -} diff --git a/crisiscleanup/etc/nginx/conf.d/crisiscleanup.conf b/crisiscleanup/etc/nginx/conf.d/crisiscleanup.conf index 8c9c034..df09e61 100644 --- a/crisiscleanup/etc/nginx/conf.d/crisiscleanup.conf +++ b/crisiscleanup/etc/nginx/conf.d/crisiscleanup.conf @@ -1,11 +1,14 @@ server { - listen 8005; - listen [::]:8005; - include apps/crisiscleanup; -} + listen [::]:8005 ipv6only=off; + listen [::]:8405 ssl http2 ipv6only=off; + + access_log /var/log/nginx/crisiscleanup.access.log; + error_log /var/log/nginx/crisiscleanup.error.log; -server { - listen 8405 ssl http2; - listen [::]:8405 ssl http2; - include apps/crisiscleanup; + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9005; + } } diff --git a/cts.sh b/cts.sh index d53cf2e..381756b 100755 --- a/cts.sh +++ b/cts.sh @@ -40,7 +40,6 @@ rc-update add cts boot service cts start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/cts /etc/nginx/apps/cts cp ${SOURCE_DIR}/etc/nginx/conf.d/cts.conf /etc/nginx/conf.d/cts.conf service nginx reload diff --git a/cts/etc/nginx/apps/cts b/cts/etc/nginx/apps/cts deleted file mode 100644 index 211fd9f..0000000 --- a/cts/etc/nginx/apps/cts +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/cts.access.log; -error_log /var/log/nginx/cts.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9006; -} diff --git a/cts/etc/nginx/conf.d/cts.conf b/cts/etc/nginx/conf.d/cts.conf index 590f57c..891b4d5 100644 --- a/cts/etc/nginx/conf.d/cts.conf +++ b/cts/etc/nginx/conf.d/cts.conf @@ -1,11 +1,14 @@ server { - listen 8006; - listen [::]:8006; - include apps/cts; -} + listen [::]:8006 ipv6only=off; + listen [::]:8406 ssl http2 ipv6only=off; -server { - listen 8406 ssl http2; - listen [::]:8406 ssl http2; - include apps/cts; + access_log /var/log/nginx/cts.access.log; + error_log /var/log/nginx/cts.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9006; + } } diff --git a/gnuhealth.sh b/gnuhealth.sh index e7723d3..a540f07 100755 --- a/gnuhealth.sh +++ b/gnuhealth.sh @@ -30,7 +30,6 @@ rc-update add gnuhealth boot service gnuhealth start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/gnuhealth /etc/nginx/apps/gnuhealth cp ${SOURCE_DIR}/etc/nginx/conf.d/gnuhealth.conf /etc/nginx/conf.d/gnuhealth.conf service nginx reload diff --git a/gnuhealth/etc/nginx/apps/gnuhealth b/gnuhealth/etc/nginx/apps/gnuhealth deleted file mode 100644 index c6aa86b..0000000 --- a/gnuhealth/etc/nginx/apps/gnuhealth +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/gnuhealth.access.log; -error_log /var/log/nginx/gnuhealth.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9008; -} diff --git a/gnuhealth/etc/nginx/conf.d/gnuhealth.conf b/gnuhealth/etc/nginx/conf.d/gnuhealth.conf index f3c292f..891c239 100644 --- a/gnuhealth/etc/nginx/conf.d/gnuhealth.conf +++ b/gnuhealth/etc/nginx/conf.d/gnuhealth.conf @@ -1,11 +1,14 @@ server { - listen 8008; - listen [::]:8008; - include apps/gnuhealth; -} + listen [::]:8008 ipv6only=off; + listen [::]:8408 ssl http2 ipv6only=off; -server { - listen 8408 ssl http2; - listen [::]:8408 ssl http2; - include apps/gnuhealth; + access_log /var/log/nginx/gnuhealth.access.log; + error_log /var/log/nginx/gnuhealth.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9008; + } } diff --git a/kanboard.sh b/kanboard.sh index 5a48e2c..7d6405f 100755 --- a/kanboard.sh +++ b/kanboard.sh @@ -26,7 +26,6 @@ rc-update add kanboard boot service kanboard start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/kanboard /etc/nginx/apps/kanboard cp ${SOURCE_DIR}/etc/nginx/conf.d/kanboard.conf /etc/nginx/conf.d/kanboard.conf service nginx reload diff --git a/kanboard/etc/nginx/apps/kanboard b/kanboard/etc/nginx/apps/kanboard deleted file mode 100644 index 61f87b2..0000000 --- a/kanboard/etc/nginx/apps/kanboard +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/kanboard.access.log; -error_log /var/log/nginx/kanboard.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9009; -} diff --git a/kanboard/etc/nginx/conf.d/kanboard.conf b/kanboard/etc/nginx/conf.d/kanboard.conf index cb4d094..fb71252 100644 --- a/kanboard/etc/nginx/conf.d/kanboard.conf +++ b/kanboard/etc/nginx/conf.d/kanboard.conf @@ -1,11 +1,14 @@ server { - listen 8009; - listen [::]:8009; - include apps/kanboard; -} + listen [::]:8009 ipv6only=off; + listen [::]:8409 ssl http2 ipv6only=off; -server { - listen 8409 ssl http2; - listen [::]:8409 ssl http2; - include apps/kanboard; + access_log /var/log/nginx/kanboard.access.log; + error_log /var/log/nginx/kanboard.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9009; + } } diff --git a/openmapkit.sh b/openmapkit.sh index 3c6c73e..457a015 100755 --- a/openmapkit.sh +++ b/openmapkit.sh @@ -19,7 +19,6 @@ rc-update add openmapkit boot service openmapkit start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/openmapkit /etc/nginx/apps/openmapkit cp ${SOURCE_DIR}/etc/nginx/conf.d/openmapkit.conf /etc/nginx/conf.d/openmapkit.conf service nginx reload diff --git a/openmapkit/etc/nginx/apps/openmapkit b/openmapkit/etc/nginx/apps/openmapkit deleted file mode 100644 index 64d4e75..0000000 --- a/openmapkit/etc/nginx/apps/openmapkit +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/openmapkit.access.log; -error_log /var/log/nginx/openmapkit.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9007; -} diff --git a/openmapkit/etc/nginx/conf.d/openmapkit.conf b/openmapkit/etc/nginx/conf.d/openmapkit.conf index 968ef8e..aa14156 100644 --- a/openmapkit/etc/nginx/conf.d/openmapkit.conf +++ b/openmapkit/etc/nginx/conf.d/openmapkit.conf @@ -1,11 +1,14 @@ server { - listen 8007; - listen [::]:8007; - include apps/openmapkit; -} + listen [::]:8007 ipv6only=off; + listen [::]:8407 ssl http2 ipv6only=off; -server { - listen 8407 ssl http2; - listen [::]:8407 ssl http2; - include apps/openmapkit; + access_log /var/log/nginx/openmapkit.access.log; + error_log /var/log/nginx/openmapkit.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9007; + } } diff --git a/seeddms.sh b/seeddms.sh index f5a10f6..a0af46d 100755 --- a/seeddms.sh +++ b/seeddms.sh @@ -30,7 +30,6 @@ rc-update add seeddms boot service seeddms start # Create nginx app definition -cp ${SOURCE_DIR}/etc/nginx/apps/seeddms /etc/nginx/apps/seeddms cp ${SOURCE_DIR}/etc/nginx/conf.d/seeddms.conf /etc/nginx/conf.d/seeddms.conf service nginx reload diff --git a/seeddms/etc/nginx/apps/seeddms b/seeddms/etc/nginx/apps/seeddms deleted file mode 100644 index 8515fe1..0000000 --- a/seeddms/etc/nginx/apps/seeddms +++ /dev/null @@ -1,9 +0,0 @@ -access_log /var/log/nginx/seeddms.access.log; -error_log /var/log/nginx/seeddms.error.log; - -location / { - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header X-Forwarded-Host $host:$server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass http://127.0.0.1:9010; -} diff --git a/seeddms/etc/nginx/conf.d/seeddms.conf b/seeddms/etc/nginx/conf.d/seeddms.conf index 44c015e..1acb88c 100644 --- a/seeddms/etc/nginx/conf.d/seeddms.conf +++ b/seeddms/etc/nginx/conf.d/seeddms.conf @@ -1,11 +1,14 @@ server { - listen 8010; - listen [::]:8010; - include apps/seeddms; -} + listen [::]:8010 ipv6only=off; + listen [::]:8410 ssl http2 ipv6only=off; -server { - listen 8410 ssl http2; - listen [::]:8410 ssl http2; - include apps/seeddms; + access_log /var/log/nginx/seeddms.access.log; + error_log /var/log/nginx/seeddms.error.log; + + location / { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $host:$server_port; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:9010; + } }