server.yml: add CA to avoid warning when doing https on IP
This commit is contained in:
parent
1c908cac6f
commit
56ea6b42fc
66
server.yml
66
server.yml
@ -417,6 +417,12 @@ files:
|
||||
- path: etc/nginx/ssl/privkey.pem
|
||||
source: ssl/privkey.pem
|
||||
mode: "0644"
|
||||
- path: etc/nginx/ssl/ec_cert.pem
|
||||
source: pkg/challenge/ssl/ec_cert.pem
|
||||
mode: "0644"
|
||||
- path: etc/nginx/ssl/ec_key.pem
|
||||
source: pkg/challenge/ssl/ec_key.pem
|
||||
mode: "0644"
|
||||
- path: etc/nginx/nginx-gw.conf
|
||||
contents: |
|
||||
user nginx;
|
||||
@ -568,8 +574,68 @@ files:
|
||||
listen [::]:443 default ssl;
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_certificate /etc/nginx/ssl/ec_cert.pem;
|
||||
ssl_certificate_key /etc/nginx/ssl/ec_key.pem;
|
||||
location = /{
|
||||
return https://adlin.nemunai.re/;
|
||||
}
|
||||
location /challenge {
|
||||
proxy_pass https://82.64.31.248/challenge;
|
||||
proxy_set_header Host adlin.nemunai.re;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-By 172.23.200.1;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_redirect off;
|
||||
}
|
||||
location /toctoc {
|
||||
proxy_pass https://82.64.31.248/toctoc;
|
||||
proxy_set_header Host adlin.nemunai.re;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-By 172.23.200.1;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_redirect off;
|
||||
}
|
||||
location /echorequest {
|
||||
proxy_pass https://82.64.31.248/echorequest;
|
||||
proxy_set_header Host adlin.nemunai.re;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-By 172.23.200.1;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_redirect off;
|
||||
}
|
||||
location /testdisk {
|
||||
proxy_pass https://82.64.31.248/testdisk;
|
||||
proxy_set_header Host adlin.nemunai.re;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-By 172.23.200.1;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_redirect off;
|
||||
}
|
||||
location /sshkeys {
|
||||
proxy_pass https://82.64.31.248/sshkeys;
|
||||
proxy_set_header Host adlin.nemunai.re;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-By 172.23.200.1;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_redirect off;
|
||||
}
|
||||
location /api/students {
|
||||
proxy_pass https://82.64.31.248;
|
||||
proxy_set_header Host adlin.nemunai.re;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-By 172.23.200.1;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_redirect off;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_certificate /etc/nginx/ssl/fullchain.pem;
|
||||
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
|
||||
server_name adlin.nemunai.re;
|
||||
location = /{
|
||||
return https://adlin.nemunai.re/;
|
||||
}
|
||||
|
Reference in New Issue
Block a user