commit de7b2be4b38b22aa925dc64cf1072e425ffce578 Author: root Date: Wed Jun 29 11:48:51 2016 +0100 init diff --git a/api.silvrtree.co.uk b/api.silvrtree.co.uk new file mode 100644 index 0000000..93ee707 --- /dev/null +++ b/api.silvrtree.co.uk @@ -0,0 +1,20 @@ +server { + listen 80; + server_name api.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:8030; + proxy_set_header Host $host; + } + +} + + diff --git a/books.silvrtree.co.uk b/books.silvrtree.co.uk new file mode 100644 index 0000000..c2fdad4 --- /dev/null +++ b/books.silvrtree.co.uk @@ -0,0 +1,18 @@ +server { + listen 80; + server_name books.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:9001; + proxy_set_header Host $host; + } + +} diff --git a/cloud.silvrtree.co.uk b/cloud.silvrtree.co.uk new file mode 100644 index 0000000..b2d9b6d --- /dev/null +++ b/cloud.silvrtree.co.uk @@ -0,0 +1,27 @@ +server { + listen 80; + server_name .cloud.silvrtree.co.uk; + +client_body_in_file_only clean; +client_body_buffer_size 32K; + +client_max_body_size 10M; + +sendfile on; +send_timeout 300; + + + #Configures the publicly served root directory + #Configures the index file to be served + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:8081; + proxy_set_header Host $host; +# auth_basic "Restricted"; +# auth_basic_user_file /etc/nginx/.htpasswd; + + } +} diff --git a/couch.silvrtree.co.uk b/couch.silvrtree.co.uk new file mode 100644 index 0000000..d3352fc --- /dev/null +++ b/couch.silvrtree.co.uk @@ -0,0 +1,41 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name couch.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://couch.silvrtree.co.uk$request_uri; +} + +server { + listen [::]:443 ssl spdy; + listen 443 ssl spdy; + + server_name couch.silvrtree.co.uk; + + + include secure/ssl.conf; + + +location / { + + proxy_pass https://127.0.0.1:6984; + proxy_pass_header Accept; + proxy_pass_header Server; + keepalive_requests 1000; + add_header 'Access-Control-Allow-Origin' '*'; + proxy_redirect off; + proxy_buffering off; + proxy_set_header Host $host; + proxy_set_header Authorization ""; # or according to server.ini + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; +} + + +} + + diff --git a/cozy.silvrtree.co.uk b/cozy.silvrtree.co.uk new file mode 100644 index 0000000..29df83d --- /dev/null +++ b/cozy.silvrtree.co.uk @@ -0,0 +1,31 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name cozy.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://$server_name$request_uri; +} + +server { + listen [::]:443 default ssl; + listen 443 default ssl; + + server_name cozy.silvrtree.co.uk; + +add_header Strict-Transport-Security "max-age=31536000"; + include secure/ssl.conf; + + location / { + proxy_pass http://localhost:11443; + proxy_set_header Host $host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Protocol $scheme; + } + +} + diff --git a/default b/default new file mode 100644 index 0000000..b4c49af --- /dev/null +++ b/default @@ -0,0 +1,80 @@ +## +# You should look at the following URL's in order to grasp a solid understanding +# of Nginx configuration files in order to fully unleash the power of Nginx. +# http://wiki.nginx.org/Pitfalls +# http://wiki.nginx.org/QuickStart +# http://wiki.nginx.org/Configuration +# +# Generally, you will want to move this file somewhere, and start with a clean +# file but keep this around for reference. Or just disable in sites-enabled. +# +# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. +## + +# Default server configuration +# +server { + listen 80 default_server; + listen [::]:80 default_server; + + # SSL configuration + # + # listen 443 ssl default_server; + # listen [::]:443 ssl default_server; + # + # Self signed certs generated by the ssl-cert package + # Don't use them in a production server! + # + # include snippets/snakeoil.conf; + + root /var/www/html; + + # Add index.php to the list if you are using PHP + index index.html index.htm index.nginx-debian.html; + + server_name _; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to displaying a 404. + try_files $uri $uri/ =404; + } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # include snippets/fastcgi-php.conf; + # + # # With php5-cgi alone: + # fastcgi_pass 127.0.0.1:9000; + # # With php5-fpm: + # fastcgi_pass unix:/var/run/php5-fpm.sock; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + + +# Virtual Host configuration for example.com +# +# You can move that to a different file under sites-available/ and symlink that +# to sites-enabled/ to enable it. +# +#server { +# listen 80; +# listen [::]:80; +# +# server_name example.com; +# +# root /var/www/example.com; +# index index.html; +# +# location / { +# try_files $uri $uri/ =404; +# } +#} diff --git a/edit.silvrtree.co.uk b/edit.silvrtree.co.uk new file mode 100644 index 0000000..f4ed072 --- /dev/null +++ b/edit.silvrtree.co.uk @@ -0,0 +1,47 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name edit.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://edit.silvrtree.co.uk$request_uri; +} + +server { + listen [::]:443 ssl spdy; + listen 443 ssl spdy; + + server_name edit.silvrtree.co.uk; + + include secure/ssl.conf; + + + location / { + proxy_pass http://localhost:8200; + proxy_set_header Host $host; + } + + + +location /couchdb/(.*)$ { + rewrite /couchdb/(.*) /$1 break; + proxy_pass http://127.0.0.1:5984; + proxy_pass_header Accept; + proxy_pass_header Server; + keepalive_requests 1000; + add_header 'Access-Control-Allow-Origin' '*'; + proxy_redirect off; + proxy_buffering off; + proxy_set_header Host $host; + proxy_set_header Authorization ""; # or according to server.ini + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; +} + + +} + + diff --git a/gitlab.silvrtree.co.uk b/gitlab.silvrtree.co.uk new file mode 100644 index 0000000..f76ec35 --- /dev/null +++ b/gitlab.silvrtree.co.uk @@ -0,0 +1,22 @@ +server { + listen 80; + server_name gitlab.silvrtree.co.uk; + +client_max_body_size 50m; + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; +# include snippets/cache.conf; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:10080; + proxy_set_header Host $host; + client_max_body_size 50m; + } + +} + diff --git a/image.silvrtree.co.uk b/image.silvrtree.co.uk new file mode 100644 index 0000000..659aa24 --- /dev/null +++ b/image.silvrtree.co.uk @@ -0,0 +1,29 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name image.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://image.silvrtree.co.uk$request_uri; +} + +server { + listen [::]:443 ssl spdy; + listen 443 ssl spdy; + + server_name image.silvrtree.co.uk; + + include secure/ssl.conf; + + location / { + proxy_pass http://localhost:8080; + proxy_set_header Host $host; + } + + +} + + diff --git a/keeper.silvrtree.co.uk b/keeper.silvrtree.co.uk new file mode 100644 index 0000000..46a3ca4 --- /dev/null +++ b/keeper.silvrtree.co.uk @@ -0,0 +1,20 @@ +server { + listen 80; + server_name keeper.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; +# include snippets/cache.conf; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:8026; + proxy_set_header Host $host; + } + +} + diff --git a/logger.silvrtree.co.uk b/logger.silvrtree.co.uk new file mode 100644 index 0000000..523b6ff --- /dev/null +++ b/logger.silvrtree.co.uk @@ -0,0 +1,19 @@ +server { + listen 80; + server_name logger.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:8027; + proxy_set_header Host $host; + } + +} + diff --git a/minecraft.nginx b/minecraft.nginx new file mode 100644 index 0000000..51e06a4 --- /dev/null +++ b/minecraft.nginx @@ -0,0 +1,14 @@ +upstream mine { + server 127.0.0.1:25560; +} + +server { + listen 25565; + server_name silvrtree.com; + access_log /var/log/nginx/mine.access; + error_log /var/log/nginx/mine.error; + + location / { + proxy_pass http://mine; + } +} diff --git a/nci.silvrtree.co.uk b/nci.silvrtree.co.uk new file mode 100644 index 0000000..ffcaf47 --- /dev/null +++ b/nci.silvrtree.co.uk @@ -0,0 +1,20 @@ +server { + listen 80; + server_name nci.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; +# include snippets/cache.conf; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:3200; + proxy_set_header Host $host; + } + +} + diff --git a/old.silvrtree.co.uk b/old.silvrtree.co.uk new file mode 100644 index 0000000..ffe3511 --- /dev/null +++ b/old.silvrtree.co.uk @@ -0,0 +1,23 @@ +server { + listen 443 ssl; + + server_name silvrtree.co.uk www.silvrtree.co.uk; + + ssl_certificate /etc/ssl/bundle.crt; + ssl_certificate_key /etc/ssl/server.key; + + ssl_prefer_server_ciphers On; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS; + ssl_dhparam /etc/ssl/private/dhparams.pem; + + root /var/www/silvrtree; + index index.html index.htm; + + location / { + proxy_pass http://localhost:9000; + proxy_set_header Host $host; +} +} + + diff --git a/pipes.silvrtree.co.uk b/pipes.silvrtree.co.uk new file mode 100644 index 0000000..ed901e2 --- /dev/null +++ b/pipes.silvrtree.co.uk @@ -0,0 +1,45 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name pipes.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://pipes.silvrtree.co.uk$request_uri; +} + +server { + listen [::]:443 ssl spdy; + listen 443 ssl spdy; + + server_name .pipes.silvrtree.co.uk; + + include secure/ssl.conf; + +client_body_in_file_only clean; +client_body_buffer_size 32K; + +client_max_body_size 10M; + +sendfile on; +send_timeout 300; + + + #Configures the publicly served root directory + #Configures the index file to be served + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { +gzip_static on; + proxy_pass http://localhost:9002; + proxy_set_header Host $host; + +# auth_basic "Restricted"; +# auth_basic_user_file /etc/nginx/.htpasswd; + + } +} diff --git a/pipes.silvrtree.co.uk.new b/pipes.silvrtree.co.uk.new new file mode 100644 index 0000000..2539a96 --- /dev/null +++ b/pipes.silvrtree.co.uk.new @@ -0,0 +1,29 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name pipes.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://pipes.silvrtree.co.uk$request_uri; +} + +server { + listen [::]:443 ssl spdy; + listen 443 ssl spdy; + + server_name pipes.silvrtree.co.uk; + + include secure/ssl.conf; + + location / { + proxy_pass http://localhost:9002; + proxy_set_header Host $host; + } + + +} + + diff --git a/pipes.silvrtree.co.uk.old b/pipes.silvrtree.co.uk.old new file mode 100644 index 0000000..018e6f6 --- /dev/null +++ b/pipes.silvrtree.co.uk.old @@ -0,0 +1,27 @@ +server { + listen 80; + server_name .pipes.silvrtree.co.uk; + +client_body_in_file_only clean; +client_body_buffer_size 32K; + +client_max_body_size 10M; + +sendfile on; +send_timeout 300; + + + #Configures the publicly served root directory + #Configures the index file to be served + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:9002; + proxy_set_header Host $host; +# auth_basic "Restricted"; +# auth_basic_user_file /etc/nginx/.htpasswd; + + } +} diff --git a/pipes.silvrtree.co.uk.pre b/pipes.silvrtree.co.uk.pre new file mode 100644 index 0000000..f186b59 --- /dev/null +++ b/pipes.silvrtree.co.uk.pre @@ -0,0 +1,30 @@ +server { +gzip on; + listen 80; + server_name .pipes.silvrtree.co.uk; + +client_body_in_file_only clean; +client_body_buffer_size 32K; + +client_max_body_size 10M; + +sendfile on; +send_timeout 300; + + + #Configures the publicly served root directory + #Configures the index file to be served + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { +gzip_static on; + proxy_pass http://localhost:9002; + proxy_set_header Host $host; + +# auth_basic "Restricted"; +# auth_basic_user_file /etc/nginx/.htpasswd; + + } +} diff --git a/recipes.silvrtree.co.uk b/recipes.silvrtree.co.uk new file mode 100644 index 0000000..9249324 --- /dev/null +++ b/recipes.silvrtree.co.uk @@ -0,0 +1,19 @@ +server { + listen 80; + server_name recipes.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:8025; + proxy_set_header Host $host; + } + +} + diff --git a/silvrtree.co.uk b/silvrtree.co.uk new file mode 100644 index 0000000..4e152db --- /dev/null +++ b/silvrtree.co.uk @@ -0,0 +1,49 @@ +server { + listen [::]:80; + listen 80; + + # listen on both hosts + server_name silvrtree.co.uk www.silvrtree.co.uk; + + # and redirect to the https host (declared below) + # avoiding http://www -> https://www -> https:// chain. + return 301 https://silvrtree.co.uk$request_uri; +} + +server { + listen [::]:443 ssl spdy; + listen 443 ssl spdy; + + server_name silvrtree.co.uk www.silvrtree.co.uk; + + include secure/ssl.conf; + + root /var/www/silvrtree; + index index.html index.htm; + + location / { + proxy_pass http://localhost:9000; + proxy_set_header Host $host; + } + + + +location /couchdb/(.*)$ { + rewrite /couchdb/(.*) /$1 break; + proxy_pass http://127.0.0.1:5984; + proxy_pass_header Accept; + proxy_pass_header Server; + keepalive_requests 1000; + add_header 'Access-Control-Allow-Origin' '*'; + proxy_redirect off; + proxy_buffering off; + proxy_set_header Host $host; + proxy_set_header Authorization ""; # or according to server.ini + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; +} + + +} + + diff --git a/smartoffice.silvrtree.co.uk b/smartoffice.silvrtree.co.uk new file mode 100644 index 0000000..d78fbb1 --- /dev/null +++ b/smartoffice.silvrtree.co.uk @@ -0,0 +1,27 @@ +server { + listen 80; + server_name .smartoffice.silvrtree.co.uk; + +client_body_in_file_only clean; +client_body_buffer_size 32K; + +client_max_body_size 10M; + +sendfile on; +send_timeout 300; + + + #Configures the publicly served root directory + #Configures the index file to be served + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:3000; + proxy_set_header Host $host; +# auth_basic "Restricted"; +# auth_basic_user_file /etc/nginx/.htpasswd; + + } +} diff --git a/sonar.silvrtree.co.uk b/sonar.silvrtree.co.uk new file mode 100644 index 0000000..c850f55 --- /dev/null +++ b/sonar.silvrtree.co.uk @@ -0,0 +1,20 @@ +server { + listen 80; + server_name sonar.silvrtree.co.uk; + + #Configures the publicly served root directory + #Configures the index file to be served + root /; + index index.html index.htm; +# include snippets/cache.conf; + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:9900; + proxy_set_header Host $host; + } + +} + diff --git a/websockets b/websockets new file mode 100644 index 0000000..fcca43c --- /dev/null +++ b/websockets @@ -0,0 +1,30 @@ +upstream backend { + server 127.0.0.1:8031; +} + +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + +server { + listen 8039; + server_name ws.silvrtree.co.uk; + location / { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-NginX-Proxy true; + + proxy_pass http://localhost:8031/; + proxy_redirect off; + proxy_buffering off; + + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + access_log off; + error_log /var/log/nginx/websockets.error.log; + } +} diff --git a/wiki.silvrtree.co.uk b/wiki.silvrtree.co.uk new file mode 100644 index 0000000..2113bc3 --- /dev/null +++ b/wiki.silvrtree.co.uk @@ -0,0 +1,27 @@ +server { + listen 80; + server_name .wiki.silvrtree.co.uk; + +client_body_in_file_only clean; +client_body_buffer_size 32K; + +client_max_body_size 10M; + +sendfile on; +send_timeout 300; + + + #Configures the publicly served root directory + #Configures the index file to be served + + #These lines create a bypass for certain pathnames + #www.example.com/test.js is now routed to port 3000 + #instead of port 80 + location / { + proxy_pass http://localhost:3000; + proxy_set_header Host $host; + auth_basic "Restricted"; + auth_basic_user_file /etc/nginx/.htpasswd; + + } +}