autonomic-cooperative/ojuso-map
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove unused nginx config files

Browse Source
This commit is contained in:
Anna Sidwell 2018-11-24 13:34:26 +00:00
parent bb7eff7648
commit b12b92b90d
3 changed files with 0 additions and 208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
support/nginx/directives/gzip.directive
View File

@ -1,56 +0,0 @@
# Enable gzip compression.
# Default: off
gzip on;
# Compression level (1-9).
# 5 is a perfect compromise between size and CPU usage, offering about
# 75% reduction for most ASCII files (almost identical to level 9).
# Default: 1
gzip_comp_level 5;
# Don't compress anything that's already small and unlikely to shrink much
# if at all (the default is 20 bytes, which is bad as that usually leads to
# larger files after gzipping).
# Default: 20
gzip_min_length 256;
# Compress data even for clients that are connecting to us via proxies,
# identified by the "Via" header (required for CloudFront).
# Default: off
gzip_proxied any;
# Tell proxies to cache both the gzipped and regular version of a resource
# whenever the client's Accept-Encoding capabilities header varies;
# Avoids the issue where a non-gzip capable client (which is extremely rare
# today) would display gibberish if their proxy gave them the gzipped version.
# Default: off
gzip_vary on;
# Compress all output labeled with one of the following MIME-types.
# text/html is always compressed by gzip module.
# Default: text/html
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;

18
support/nginx/directives/tls.directive
View File

@ -1,18 +0,0 @@
# TLS Directive
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
## Protocols and ciphers
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;
## HSTS
add_header Strict-Transport-Security max-age=15768000;
## Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;

134
support/nginx/nginx.template
View File

@ -1,134 +0,0 @@
server {
listen 80; listen [::]:80;
server_name _;
location /.well-known/acme-challenge {
alias /web/acme;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name map.ojuso.org;
ssl_certificate /web/certs/map.ojuso.org/fullchain.pem;
ssl_certificate_key /web/certs/map.ojuso.org/privkey.pem;
ssl_dhparam /web/certs/dhparam.pem;
ssl_trusted_certificate /web/certs/map.ojuso.org/chain.pem;
include directives/*;
location /static/ {
alias /web/static/;
expires 30d;
}
location / {
proxy_pass http://map:8000;
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
client_max_body_size 20M;
}
#server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name forum.ojuso.org;
#
# ssl_certificate /web/certs/forum.ojuso.org/fullchain.pem;
# ssl_certificate_key /web/certs/forum.ojuso.org/privkey.pem;
# ssl_dhparam /web/certs/dhparam.pem;
# ssl_trusted_certificate /web/certs/map.ojuso.org/chain.pem;
#
# include directives/*;
#
# http2_idle_timeout 5m;
#
# location / {
# proxy_pass http://unix:/web/run/discourse.sock:;
# proxy_set_header Host $http_host;
# proxy_http_version 1.1;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto https;
# }
#
#}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name i18n.ojuso.org;
ssl_certificate /web/certs/i18n.ojuso.org/fullchain.pem;
ssl_certificate_key /web/certs/i18n.ojuso.org/privkey.pem;
ssl_dhparam /web/certs/dhparam.pem;
ssl_trusted_certificate /web/certs/i18n.ojuso.org/chain.pem;
include directives/*;
http2_idle_timeout 5m;
location / {
return 301 https://translate.ojuso.org$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name translate.ojuso.org;
ssl_certificate /web/certs/translate.ojuso.org/fullchain.pem;
ssl_certificate_key /web/certs/translate.ojuso.org/privkey.pem;
ssl_dhparam /web/certs/dhparam.pem;
ssl_trusted_certificate /web/certs/translate.ojuso.org/chain.pem;
include directives/*;
http2_idle_timeout 5m;
root /web/weblate/data/static;
location /favicon.ico {
alias /web/weblate/data/static/favicon.ico;
expires 30d;
add_header Cache-Control "public";
}
location /robots.txt {
alias /web/weblate/data/static/robots.txt;
expires 30d;
add_header Cache-Control "public";
}
location /static {
alias /web/weblate/data/static/;
expires 30d;
add_header Cache-Control "public";
}
location /media {
alias /web/weblate/data/media/;
expires 30d;
add_header Cache-Control "public";
}
location / {
proxy_pass http://weblate:8000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Cache-Control "no-cache";
}
}