teach
/
adlin
Archived
0
0
Fork 0
Code Issues 1 Pull Requests 4 Releases Activity

server.yml: add CA to avoid warning when doing https on IP

This commit is contained in:
nemunaire 2020-02-24 10:20:02 +01:00
parent 1c908cac6f
commit 56ea6b42fc
1 changed files with 66 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
server.yml
View File

@ -417,6 +417,12 @@ files:
- path: etc/nginx/ssl/privkey.pem
source: ssl/privkey.pem
mode: "0644"
- path: etc/nginx/ssl/ec_cert.pem
source: pkg/challenge/ssl/ec_cert.pem
mode: "0644"
- path: etc/nginx/ssl/ec_key.pem
source: pkg/challenge/ssl/ec_key.pem
mode: "0644"
- path: etc/nginx/nginx-gw.conf
contents: |
user nginx;
@ -568,8 +574,68 @@ files:
listen [::]:443 default ssl;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_certificate /etc/nginx/ssl/ec_cert.pem;
ssl_certificate_key /etc/nginx/ssl/ec_key.pem;
location = /{
return https://adlin.nemunai.re/;
}
location /challenge {
proxy_pass https://82.64.31.248/challenge;
proxy_set_header Host adlin.nemunai.re;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-By 172.23.200.1;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /toctoc {
proxy_pass https://82.64.31.248/toctoc;
proxy_set_header Host adlin.nemunai.re;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-By 172.23.200.1;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /echorequest {
proxy_pass https://82.64.31.248/echorequest;
proxy_set_header Host adlin.nemunai.re;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-By 172.23.200.1;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /testdisk {
proxy_pass https://82.64.31.248/testdisk;
proxy_set_header Host adlin.nemunai.re;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-By 172.23.200.1;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /sshkeys {
proxy_pass https://82.64.31.248/sshkeys;
proxy_set_header Host adlin.nemunai.re;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-By 172.23.200.1;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /api/students {
proxy_pass https://82.64.31.248;
proxy_set_header Host adlin.nemunai.re;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-By 172.23.200.1;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
server_name adlin.nemunai.re;
location = /{
return https://adlin.nemunai.re/;
}