Modification for two servers
This commit is contained in:
parent
49554c01c8
commit
c7d0f7d1e1
43
nginx-server-common.conf
Normal file
43
nginx-server-common.conf
Normal file
|
|
@ -0,0 +1,43 @@
|
|||
access_log /var/log/nginx/fic.access_log;
|
||||
error_log /var/log/nginx/fic.error_log;
|
||||
|
||||
root /var/www/fic2014-server/htdocs;
|
||||
index index.php;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
|
||||
|
||||
location / {
|
||||
if (-f $request_filename) {
|
||||
break;
|
||||
}
|
||||
if (-d $request_filename) {
|
||||
break;
|
||||
}
|
||||
|
||||
rewrite ^/(.*)$ /index.php?p=$1 last;
|
||||
}
|
||||
|
||||
location ~* \favicon.ico$ {
|
||||
access_log off;
|
||||
expires 1d;
|
||||
add_header Cache-Control public;
|
||||
}
|
||||
|
||||
location ~ ^/(img|js|css)/ {
|
||||
access_log off;
|
||||
expires 7d;
|
||||
add_header Cache-Control public;
|
||||
}
|
||||
|
||||
location ~ /(\.ht|\.git|\.svn|\.onyx) {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location ~ .*.php$
|
||||
{
|
||||
if (!-e $document_root$document_uri) { return 404; }
|
||||
include /etc/nginx/fastcgi.conf;
|
||||
fastcgi_pass unix:/var/run/fastcgi/php-fpm.sock;
|
||||
fastcgi_index index.php;
|
||||
break;
|
||||
}
|
||||
18
nginx-server.conf
Normal file
18
nginx-server.conf
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ipv6only=on ssl;
|
||||
|
||||
ssl_certificate /var/www/fic2014-server/misc/server.crt;
|
||||
ssl_certificate_key /var/www/fic2014-server/misc/server.key;
|
||||
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
# ssl_prefer_server_ciphers on;
|
||||
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||
|
||||
include /var/www/fic2014-server/nginx-server-common.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen [::1]:80 ipv6only=on;
|
||||
|
||||
include /var/www/fic2014-server/nginx-server-common.conf;
|
||||
}
|
||||
66
nginx.conf
66
nginx.conf
|
|
@ -1,60 +1,58 @@
|
|||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ipv6only=on;
|
||||
listen [::]:443 ipv6only=on ssl;
|
||||
|
||||
root /var/www/fic2014-server/htdocs/;
|
||||
|
||||
access_log /var/log/nginx/fic.access_log;
|
||||
error_log /var/log/nginx/fic.error_log;
|
||||
|
||||
root /srv/fic2014-server/htdocs;
|
||||
index index.php;
|
||||
|
||||
ssl_certificate /srv/fic2014-server/misc/server.crt;
|
||||
ssl_certificate_key /srv/fic2014-server/misc/server.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||
ssl_client_certificate /srv/fic2014-server/misc/pki/cacert.crt;
|
||||
ssl_verify_client on;
|
||||
ssl_certificate /var/www/fic2014-server/misc/server.crt;
|
||||
ssl_certificate_key /var/www/fic2014-server/misc/server.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||
ssl_client_certificate /var/www/fic2014-server/misc/pki/cacert.crt;
|
||||
ssl_verify_client on;
|
||||
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
|
||||
|
||||
if ($ssl_client_s_dn !~ "/C=FR/ST=France/O=Epita/OU=SRS/")
|
||||
location /
|
||||
{
|
||||
return 401;
|
||||
}
|
||||
default_type text/html;
|
||||
if ($ssl_client_s_dn !~ "/C=FR/ST=France/O=Epita/OU=SRS/")
|
||||
{
|
||||
return 401;
|
||||
}
|
||||
|
||||
location / {
|
||||
if (-f $request_filename) {
|
||||
break;
|
||||
}
|
||||
if (-d $request_filename) {
|
||||
break;
|
||||
}
|
||||
if ($ssl_client_s_dn ~ "/C=FR/ST=France/O=Epita/OU=SRS/CN=Team1/") {
|
||||
root /var/www/fic2014-server/htdocs/connected/166$1;
|
||||
|
||||
rewrite ^/(.*)$ /index.php?p=$1 last;
|
||||
rewrite ^/submission-([0-9]+)-([0-9]+).html$ /submission.php?team=166&theme=$1&exercice=$2 last;
|
||||
}
|
||||
}
|
||||
|
||||
location ~* \favicon.ico$ {
|
||||
access_log off;
|
||||
expires 1d;
|
||||
add_header Cache-Control public;
|
||||
access_log off;
|
||||
expires 1d;
|
||||
add_header Cache-Control public;
|
||||
}
|
||||
|
||||
location ~ ^/(img|js|css)/ {
|
||||
access_log off;
|
||||
expires 7d;
|
||||
add_header Cache-Control public;
|
||||
access_log off;
|
||||
expires 7d;
|
||||
add_header Cache-Control public;
|
||||
}
|
||||
|
||||
location ~ /(\.ht|\.git|\.svn|\.onyx) {
|
||||
deny all;
|
||||
return 403;
|
||||
}
|
||||
|
||||
location ~ .*.php$
|
||||
location /submission.php
|
||||
{
|
||||
if (!-e $document_root$document_uri) { return 404; }
|
||||
include /etc/nginx/fastcgi.conf;
|
||||
fastcgi_pass unix:/var/run/php5-fpm.sock;
|
||||
fastcgi_index index.php;
|
||||
root /var/www/fic2014-server/;
|
||||
include /etc/nginx/fastcgi.conf;
|
||||
fastcgi_pass unix:/var/run/fastcgi/php-fpm.sock;
|
||||
break;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<configs active="1" root="/srv/fic2014-server/htdocs/" cache="1">
|
||||
<configs active="1" root="/var/www/fic2014-server/htdocs/" cache="1">
|
||||
<config match="index.php">
|
||||
<var name="end_challenge">1381441316</var>
|
||||
<var name="misc_dir">/srv/fic2014-server/misc/</var>
|
||||
<var name="submission_dir">/srv/fic2014-server/submission/</var>
|
||||
<var name="chrono"><![CDATA[<!--Page générée en: $ secondes.-->]]></var>
|
||||
<var name="end_challenge">1386827772</var>
|
||||
<var name="misc_dir">/var/www/fic2014-server/misc/</var>
|
||||
<var name="submission_dir">/var/www/fic2014-server/submission/</var>
|
||||
<var name="prefix_public">challenge-public</var>
|
||||
<var name="prefix_teams">challenge</var>
|
||||
<var name="prefix_admin">challenge-admin</var>
|
||||
<var name="chrono"><![CDATA[<!--Page générée en: $ secondes.-->]]></var>
|
||||
</config>
|
||||
<config match="*">
|
||||
<env option="auth">0</env>
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user