Commit 5823624c authored by Ludovic Courtès's avatar Ludovic Courtès

Remove unused nginx config files.

* nginx.conf, nginx-locations.conf: Remove.
parent 0231466f
location / {
root /home/ludo/src/guix-hpc-web/site;
}
# For the package browsing interface.
location @gnupackages {
return 307 https://www.gnu.org/software/guix/packages/;
}
location /browse {
proxy_pass http://localhost:5000;
rewrite .* / break;
proxy_connect_timeout 3s;
proxy_read_timeout 2s;
error_page 500 502 503 504 = @gnupackages;
}
location /package {
proxy_pass http://localhost:5000;
proxy_connect_timeout 3s;
proxy_read_timeout 2s;
error_page 500 502 503 504 = @gnupackages;
}
location ~ /static/.*\.js {
# JS for hpcguix-web.
proxy_pass http://localhost:5000;
}
location ~ /static/images/sort_.*\.png {
proxy_pass http://localhost:5000;
}
# For use by Certbot.
location /.well-known {
root /var/www;
}
# Redirects for old URLs.
location = /guix-hpc-debut.html {
return 301 /blog/2017/09/guix-hpc-debut;
}
location = /about.html {
return 301 /about;
}
location = /feed.xml {
return 301 /blog/feed.xml;
}
# This is the nginx config file for guix-hpc.bordeaux.inria.fr.
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log error;
pid /var/run/nginx.pid;
pcre_jit on;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# We need to specify all these or nginx picks its own directory to
# store them, which doesn't work because the store is read-only.
client_body_temp_path /var/run/nginx/body;
proxy_temp_path /var/run/nginx/proxy;
fastcgi_temp_path /var/run/nginx/fastcgi;
uwsgi_temp_path /var/run/nginx/uwsgi;
scgi_temp_path /var/run/nginx/scgi;
access_log /var/log/nginx/access.log;
sendfile on;
# Maximum chunk size to send. Partly this is a workaround
# for <http://bugs.gnu.org/19939>, but also the nginx docs
# mention that "Without the limit, one fast connection may
# seize the worker process entirely."
# <http://nginx.org/en/docs/http/ngx_http_core_module#sendfile_max_chunk>
sendfile_max_chunk 1m;
keepalive_timeout 65;
server {
listen 80;
server_name guix-hpc.bordeaux.inria.fr;
access_log /var/log/nginx/http.access.log;
include nginx-locations.conf;
}
# Make sure SSL is disabled.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# Disable weak cipher suites.
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Use our own DH parameters created with:
# openssl dhparam -out dhparams.pem 2048
# as suggested at <https://weakdh.org/sysadmin.html>.
ssl_dhparam /etc/dhparams.pem;
access_log /var/log/nginx/http.access.log;
server {
listen 443 ssl;
server_name guix-hpc.bordeaux.inria.fr;
ssl_certificate /etc/letsencrypt/live/guix-hpc.bordeaux.inria.fr/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/guix-hpc.bordeaux.inria.fr/privkey.pem;
include nginx-locations.conf;
}
server {
listen 443 ssl;
server_name hpc.guixsd.org;
ssl_certificate /etc/letsencrypt/live/hpc.guixsd.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/hpc.guixsd.org/privkey.pem;
# For use by Certbot.
location /.well-known {
root /var/www;
}
location ~ /(.*) {
# For now make a temporary redirect to inria.fr. However,
# perhaps we should reverse things?
return 307 https://guix-hpc.bordeaux.inria.fr/$1;
}
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment