From b12b92b90dcacada44ebe2f08ed689ea82239280 Mon Sep 17 00:00:00 2001
From: Anna Sidwell <anna@takkaria.org>
Date: Sat, 24 Nov 2018 13:34:26 +0000
Subject: [PATCH] Remove unused nginx config files

---
 support/nginx/directives/gzip.directive |  56 ----------
 support/nginx/directives/tls.directive  |  18 ----
 support/nginx/nginx.template            | 134 ------------------------
 3 files changed, 208 deletions(-)
 delete mode 100644 support/nginx/directives/gzip.directive
 delete mode 100644 support/nginx/directives/tls.directive
 delete mode 100644 support/nginx/nginx.template

diff --git a/support/nginx/directives/gzip.directive b/support/nginx/directives/gzip.directive
deleted file mode 100644
index e5bd46e..0000000
--- a/support/nginx/directives/gzip.directive
+++ /dev/null
@@ -1,56 +0,0 @@
-  # Enable gzip compression.
-  # Default: off
-  gzip on;
-
-  # Compression level (1-9).
-  # 5 is a perfect compromise between size and CPU usage, offering about
-  # 75% reduction for most ASCII files (almost identical to level 9).
-  # Default: 1
-  gzip_comp_level    5;
-
-  # Don't compress anything that's already small and unlikely to shrink much
-  # if at all (the default is 20 bytes, which is bad as that usually leads to
-  # larger files after gzipping).
-  # Default: 20
-  gzip_min_length    256;
-
-  # Compress data even for clients that are connecting to us via proxies,
-  # identified by the "Via" header (required for CloudFront).
-  # Default: off
-  gzip_proxied       any;
-
-  # Tell proxies to cache both the gzipped and regular version of a resource
-  # whenever the client's Accept-Encoding capabilities header varies;
-  # Avoids the issue where a non-gzip capable client (which is extremely rare
-  # today) would display gibberish if their proxy gave them the gzipped version.
-  # Default: off
-  gzip_vary          on;
-
-  # Compress all output labeled with one of the following MIME-types.
-  # text/html is always compressed by gzip module.
-  # Default: text/html
-  gzip_types
-    application/atom+xml
-    application/javascript
-    application/json
-    application/ld+json
-    application/manifest+json
-    application/rss+xml
-    application/vnd.geo+json
-    application/vnd.ms-fontobject
-    application/x-font-ttf
-    application/x-web-app-manifest+json
-    application/xhtml+xml
-    application/xml
-    font/opentype
-    image/bmp
-    image/svg+xml
-    image/x-icon
-    text/cache-manifest
-    text/css
-    text/plain
-    text/vcard
-    text/vnd.rim.location.xloc
-    text/vtt
-    text/x-component
-    text/x-cross-domain-policy;
diff --git a/support/nginx/directives/tls.directive b/support/nginx/directives/tls.directive
deleted file mode 100644
index b35dadd..0000000
--- a/support/nginx/directives/tls.directive
+++ /dev/null
@@ -1,18 +0,0 @@
-# TLS Directive
-ssl_session_timeout 1d;
-ssl_session_cache shared:SSL:50m;
-ssl_session_tickets off;
-
-## Protocols and ciphers
-ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
-ssl_prefer_server_ciphers on;
-
-## HSTS
-add_header Strict-Transport-Security max-age=15768000;
-
-## Stapling
-ssl_stapling on;
-ssl_stapling_verify on;
-resolver 8.8.8.8;
-
diff --git a/support/nginx/nginx.template b/support/nginx/nginx.template
deleted file mode 100644
index c0947b9..0000000
--- a/support/nginx/nginx.template
+++ /dev/null
@@ -1,134 +0,0 @@
-server {
-    listen 80; listen [::]:80;
-    server_name _;
-    
-    location /.well-known/acme-challenge {
-        alias /web/acme;
-    }
-
-    location / {
-        return 301 https://$host$request_uri;
-    }
-}
-
-server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_name map.ojuso.org;
-
-    ssl_certificate         /web/certs/map.ojuso.org/fullchain.pem;
-    ssl_certificate_key     /web/certs/map.ojuso.org/privkey.pem;
-    ssl_dhparam             /web/certs/dhparam.pem;
-    ssl_trusted_certificate /web/certs/map.ojuso.org/chain.pem;
-   
-    include directives/*;
-    
-    location /static/  {
-        alias /web/static/;
-        expires 30d;
-    }
-
-    location / {
-        proxy_pass http://map:8000;
-        proxy_set_header Host $http_host;
-        proxy_http_version 1.1;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto https;
-    }
-
-    client_max_body_size 20M;
-
-}
-
-#server {
-#    listen 443 ssl http2;
-#    listen [::]:443 ssl http2;
-#    server_name forum.ojuso.org;
-#
-#    ssl_certificate         /web/certs/forum.ojuso.org/fullchain.pem;
-#    ssl_certificate_key     /web/certs/forum.ojuso.org/privkey.pem;
-#    ssl_dhparam             /web/certs/dhparam.pem;
-#    ssl_trusted_certificate /web/certs/map.ojuso.org/chain.pem;
-# 
-#    include directives/*;
-#
-#    http2_idle_timeout 5m;
-#
-#    location / {
-#        proxy_pass http://unix:/web/run/discourse.sock:;
-#        proxy_set_header Host $http_host;
-#        proxy_http_version 1.1;
-#        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#        proxy_set_header X-Forwarded-Proto https;
-#    }
-#
-#}
-
-server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_name i18n.ojuso.org;
-
-    ssl_certificate         /web/certs/i18n.ojuso.org/fullchain.pem;
-    ssl_certificate_key     /web/certs/i18n.ojuso.org/privkey.pem;
-    ssl_dhparam             /web/certs/dhparam.pem;
-    ssl_trusted_certificate /web/certs/i18n.ojuso.org/chain.pem;
-
-    include directives/*;
-
-    http2_idle_timeout 5m;
-
-    location / {
-        return 301 https://translate.ojuso.org$request_uri;
-    }
-}
-
-
-server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_name translate.ojuso.org;
-
-    ssl_certificate         /web/certs/translate.ojuso.org/fullchain.pem;
-    ssl_certificate_key     /web/certs/translate.ojuso.org/privkey.pem;
-    ssl_dhparam             /web/certs/dhparam.pem;
-    ssl_trusted_certificate /web/certs/translate.ojuso.org/chain.pem;
-
-    include directives/*;
-
-    http2_idle_timeout 5m;
-
-    root /web/weblate/data/static;
-
-    location /favicon.ico {
-        alias /web/weblate/data/static/favicon.ico;
-        expires 30d;
-        add_header Cache-Control "public";
-    }
-
-    location /robots.txt {
-        alias /web/weblate/data/static/robots.txt;
-        expires 30d;
-        add_header Cache-Control "public";
-    }
-
-    location /static {
-        alias /web/weblate/data/static/;
-        expires 30d;
-        add_header Cache-Control "public";
-    }
-
-    location /media {
-        alias /web/weblate/data/media/;
-        expires 30d;
-        add_header Cache-Control "public";
-    }
-
-    location / {
-        proxy_pass http://weblate:8000;
-        proxy_set_header Host            $host;
-        proxy_set_header X-Forwarded-For $remote_addr;
-        proxy_set_header        X-Forwarded-Proto $scheme;
-        add_header Cache-Control "no-cache";
-    }
-}