irinotes: deploy/templates/nginx.static.ssl.conf.j2@62bffc051e1c (annotated)

180 62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	1	upstream {{backend_upstream_name}} {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	2	server {{backend_host}}:{{backend_port}};
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	3	server 127.0.0.1 backup;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	4	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	5
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	6	server {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	7	listen 80;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	8	listen [::]:80;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	9
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	10	server_name {{static_server_name}};
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	11	return 301 https://$host$request_uri;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	12	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	13
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	14	server {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	15	listen 443 ssl http2;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	16	listen [::]:443 ssl http2;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	17
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	18	server_name {{static_server_name}};
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	19
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	20	access_log /var/log/nginx/{{static_server_name}}-access.log;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	21	error_log /var/log/nginx/{{static_server_name}}-error.log;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	22
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	23	ssl_certificate /etc/letsencrypt/live/{{static_server_name}}/fullchain.pem;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	24	ssl_certificate_key /etc/letsencrypt/live/{{static_server_name}}/privkey.pem;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	25
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	26	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	27	ssl_prefer_server_ciphers on;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	28	ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	29
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	30	root {{remote_static_path}}/;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	31	index index.html index.htm;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	32
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	33	location /.well-known/acme-challenge {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	34	alias /var/lib/letsencrypt/.well-known/acme-challenge;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	35	default_type "text/plain";
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	36	try_files $uri =404;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	37	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	38
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	39	location {{backend_url}}/api {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	40	uwsgi_pass {{backend_upstream_name}};
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	41	include /etc/nginx/uwsgi_params;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	42	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	43
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	44	location {{backend_url}}/admin {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	45	uwsgi_pass {{backend_upstream_name}};
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	46	include /etc/nginx/uwsgi_params;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	47	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	48
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	49	location {{backend_url}}/auth {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	50	uwsgi_pass {{backend_upstream_name}};
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	51	include /etc/nginx/uwsgi_params;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	52	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	53
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	54	location /backend/static {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	55	alias {{backend_nginx_static_root}}; # backend static files
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	56	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	57
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	58	location /backend/media {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	59	alias {{backend_nginx_media_root}}; # backend media files
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	60	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	61
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	62	location / {
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	63	# First attempt to serve request as file, then
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	64	# as directory, then fall back to displaying a 404.
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	65	try_files $uri $uri/ /index.html;
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	66	}
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	67
62bffc051e1c Add first version of deploy scripts ymh <ymh.work@gmail.com> parents: diff changeset	68	}

author	ymh <ymh.work@gmail.com>
	Wed, 28 Nov 2018 15:45:37 +0100
changeset 180	62bffc051e1c
permissions	-rw-r--r--