diff options
| author | Horus3 | 2016-11-30 23:58:40 +0100 |
|---|---|---|
| committer | Horus3 | 2016-11-30 23:58:40 +0100 |
| commit | 4d760db429d98fe2e3fadd91004963cf25546609 (patch) | |
| tree | cc2af1da0506f7c566d97037b75c48ee11e64942 | |
| parent | a794859b1feae700a57d0994c4a5580cf84da451 (diff) | |
| parent | 08bb218ded738ec887092bbd2ad6d2051effab6b (diff) | |
| download | gospeladlershof.de-4d760db429d98fe2e3fadd91004963cf25546609.tar.gz | |
Merged
| -rw-r--r-- | .gitignore | 2 | ||||
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | gospeladlershof.de/layouts/index.html | 4 | ||||
| -rw-r--r-- | intern.gospeladlershof.de/code/login.php | 2 | ||||
| -rw-r--r-- | resources/gospeladlershof.conf | 12 | ||||
| -rw-r--r-- | resources/intern.gospeladlershof.conf | 130 | ||||
| -rw-r--r-- | resources/root_crontab | 2 | ||||
| -rw-r--r-- | resources/www.gospeladlershof.conf | 31 |
8 files changed, 170 insertions, 15 deletions
@@ -7,6 +7,6 @@ *.json secrets.php -chor_list_member.txt +chor_list_members.txt public/ _/ @@ -3,7 +3,7 @@ all: build deploy build: cd gospeladlershof.de && make build -deploy: +deploy: build if [ -d /var/www/gospeladlershof.de ]; then\ ( rsync -avz intern/ /var/www/gospeladlershof.de/intern/ 1>/dev/null 2>/dev/null && \ cd gospeladlershof.de && rsync --delete -avz public/ /var/www/gospeladlershof.de/gospeladlershof.de/ 1>/dev/null 2>/dev/null && \ diff --git a/gospeladlershof.de/layouts/index.html b/gospeladlershof.de/layouts/index.html index f0df949..7a1cdf6 100644 --- a/gospeladlershof.de/layouts/index.html +++ b/gospeladlershof.de/layouts/index.html @@ -39,6 +39,10 @@ <hr class="light"> <p class="text-faded"> Fröhlich beschwingte Gospelmusik, regelmäßige Konzerte, gemeinsame Ausflüge, Reisen und vieles mehr. Wer Lust hat dabei mitzumachen, kann über eine E-Mail mit uns Kontakt aufnehmen - oder noch besser: schaut einfach in einer Probe vorbei. Unser Chor aus Jugendlichen und jungen Erwachsenen widmet sich der Gospelmusik mit Klavierbegleitung oder a capella und freut sich über jede/n Mitsänger/In. Wer sich in der Zuschauerrolle an heiteren Klängen erfreut, ist herzlich zu unseren Auftritten in Berlin und Umgebung eingeladen. + <br> + + <br> +Alle interessierten Sänger, die neu einsteigen wollen, möchten wir bitten in die Probe am 28.11.2016 zu kommen. Dort könnt ihr den Chor kennenlernen und euch gesanglich orientieren. Außerdem startet der Chor nach dem Konzert (am 18.11.) in dieser Probe in die neue Probenphase. Da wäre ein Neueinstieg ideal! Wir freuen uns auf Dich! </p> <a href="#konzerte" class="page-scroll btn btn-default btn-xl goals" data-goal=6>Konzerttermine</a> </div> diff --git a/intern.gospeladlershof.de/code/login.php b/intern.gospeladlershof.de/code/login.php index 25c9b0e..9f8346c 100644 --- a/intern.gospeladlershof.de/code/login.php +++ b/intern.gospeladlershof.de/code/login.php @@ -6,7 +6,7 @@ require_once __DIR__ . '/session.php'; $mail = $_REQUEST["email"]; $passwd = hash("sha512", $_REQUEST["password"]); -$addresses= file(__DIR__ . "/../../intern/chor_list_member.txt", FILE_IGNORE_NEW_LINES); +$addresses= file(__DIR__ . "/../../intern/chor_list_members.txt", FILE_IGNORE_NEW_LINES); if ( "2397be3187f0ab864802fbe2b6c3207a01328988d524973d4eeaa48928410a2588263882e37e68363691fd8d7c3c83e8ebe46166bee13404ae61484c13b55e1f" === $passwd || "319e789e0fa1867bb08b197b306cc48aa0a109511f5e36dbdd1ed642cda8b7f222b0b6a31a43d2302d17562734d40eeb1f85cb99b4bf3101b3c7cef490d89ed2" === $passwd || diff --git a/resources/gospeladlershof.conf b/resources/gospeladlershof.conf index 5ca0cf7..1dc0177 100644 --- a/resources/gospeladlershof.conf +++ b/resources/gospeladlershof.conf @@ -1,9 +1,9 @@ server { listen 80; - listen 443 ssl spdy; - + listen 443 ssl http2; + # kein IPv6 #listen [::]:80; - #listen [::]:443 ssl spdy; + #listen [::]:443 ssl http2; server_name gospeladlershof.de; @@ -13,7 +13,9 @@ server { include /etc/nginx/conf.d/nginx_conf/block_crawler; include /etc/nginx/conf.d/nginx_conf/block_facebook; include /etc/nginx/conf.d/nginx_conf/ssl_conf; - include /etc/nginx/conf.d/nginx_conf/robots.conf; + + # Seite kann gecrawled werden! + #include /etc/nginx/conf.d/nginx_conf/robots.conf; ssl_certificate /var/lib/acme/live/gospeladlershof.de/fullchain; ssl_certificate_key /var/lib/acme/live/gospeladlershof.de/privkey; @@ -21,6 +23,6 @@ server { include snippets/letsencrypt.conf; location / { - return 302 $scheme://www.gospeladlershof.de$request_uri; + return 301 https://www.gospeladlershof.de$request_uri; } } diff --git a/resources/intern.gospeladlershof.conf b/resources/intern.gospeladlershof.conf new file mode 100644 index 0000000..72654ab --- /dev/null +++ b/resources/intern.gospeladlershof.conf @@ -0,0 +1,130 @@ +server { + listen 80; + listen 443 ssl http2; + server_name www.intern.gospeladlershof.de; + include snippets/letsencrypt.conf; + include /etc/nginx/conf.d/nginx_conf/ssl_conf; + ssl_certificate /var/lib/acme/live/www.intern.gospeladlershof.de/fullchain; + ssl_certificate_key /var/lib/acme/live/www.intern.gospeladlershof.de/privkey; + include conf.d/nginx_conf/robots.conf; + + access_log /var/log/nginx/gospeladlershof.de/redirect.access.log verbose; + error_log /var/log/nginx/gospeladlershof.de/redirect.error.log; + + return 301 https://intern.gospeladlershof.de$request_uri; +} + +server { + listen 80; + server_name intern.gospeladlershof.de; + + location / { + return 302 https://$server_name$request_uri; + } + + include snippets/letsencrypt.conf; +} + +server { + listen 443 ssl http2; + include snippets/letsencrypt.conf; + server_name intern.gospeladlershof.de; + root /var/www/gospeladlershof.de/intern.gospeladlershof.de/; + #root /home/horus/sites/gospeladlershof.de/intern.gospeladlershof.de; + + access_log /var/log/nginx/gospeladlershof.de/intern.access.log verbose; + error_log /var/log/nginx/gospeladlershof.de/intern.error.log; + + index index.html index.php; + + include /etc/nginx/conf.d/nginx_conf/ssl_conf; + ssl_certificate /var/lib/acme/live/intern.gospeladlershof.de/fullchain; + ssl_certificate_key /var/lib/acme/live/intern.gospeladlershof.de/privkey; + include conf.d/nginx_conf/robots.conf; + + error_page 404 /404.html; + + location ~* \.(jpe?g|png|gif|css|js|swf|txt|ico|woff2?|ttf|svg)$ { + # expires 365d; + expires 10m; + } + + location ~* ^/favicon.ico$ {} + + location / { + # In PHP implementiert, damit überflüssig. + # auth_basic "Passwort verlangt - Gospelchor Adlershof"; + # auth_basic_user_file passwd/gospelchor_passwd; + + # Andere Permission! + location ~ ^/code/deploy.php$ { + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/var/run/horus-php5-fpm.sock; + } + + location ~ \.php$ { + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/var/run/php5-fpm.sock; + } + + location = /mailman/ { + return 302 https://$server_name/mailman/listinfo; + } + + location = /mailman { + return 302 https://$server_name/mailman/listinfo; + } + + location /mailman { + root /usr/lib/cgi-bin; + fastcgi_hide_header Content-Type; + add_header Content-Type "text/html; charset=us-ascii"; + fastcgi_split_path_info (^/mailman/[^/]*)(.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + fastcgi_pass unix:/var/run/fcgiwrap.socket; + } + + location /mailman/private { + root /usr/lib/cgi-bin; + fastcgi_split_path_info (^/mailman/[^/]*)(.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + fastcgi_pass unix:/var/run/fcgiwrap.socket; + } + + location /mailman/public { + root /usr/lib/cgi-bin; + fastcgi_split_path_info (^/mailman/[^/]*)(.*)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + include /etc/nginx/fastcgi_params; + fastcgi_pass unix:/var/run/fcgiwrap.socket; + } + + location /images/mailman { + alias /var/lib/mailman/icons ; + } + + location /icons { + alias /usr/lib/mailman/icons; + } + + location /archives { + alias /var/lib/mailman/archives/public; + autoindex on; + } + + location /pipermail { + disable_symlinks off; + alias /var/lib/mailman/archives/public; + autoindex on; + } + } + + + include conf.d/nginx_conf/restrict.conf; +} + diff --git a/resources/root_crontab b/resources/root_crontab new file mode 100644 index 0000000..ee249e0 --- /dev/null +++ b/resources/root_crontab @@ -0,0 +1,2 @@ +# Schreibt alle Listmember der Gospelchorliste in eine Textdatei für PHP. +*/10 * * * * /var/lib/mailman/bin/list_members -o /home/horus/sites/gospeladlershof.de/intern/chor_list_members.txt chor diff --git a/resources/www.gospeladlershof.conf b/resources/www.gospeladlershof.conf index 9643cbb..0a3ac92 100644 --- a/resources/www.gospeladlershof.conf +++ b/resources/www.gospeladlershof.conf @@ -1,6 +1,15 @@ server { listen 80; - listen 443 ssl; + include snippets/letsencrypt.conf; + server_name www.gospeladlershof.de; + + location / { + return 301 https://$server_name$request_uri; + } +} + +server { + listen 443 ssl http2; include snippets/letsencrypt.conf; server_name www.gospeladlershof.de; root /var/www/gospeladlershof.de/gospeladlershof.de; @@ -13,13 +22,17 @@ server { include /etc/nginx/conf.d/nginx_conf/ssl_conf; ssl_certificate /var/lib/acme/live/www.gospeladlershof.de/fullchain; ssl_certificate_key /var/lib/acme/live/www.gospeladlershof.de/privkey; - #include conf.d/nginx_conf/robots.conf; + #include conf.d/nginx_conf/robots.conf; error_page 404 /404.html; + # Solange wir keine ordentlichen Bilder haben wird nichts richtig gecacht. location ~* \.(jpe?g|png|gif|css|js|swf|txt|ico|woff2?|ttf|svg)$ { - # expires 365d; + # expires 365d; expires 10m; + # add_header "Access-Control-Allow-Origin" "intern.gospeladlershof.de"; + add_header "Access-Control-Allow-Origin" "*"; + # add_header "Vary" "Accept-Encoding"; } @@ -35,6 +48,11 @@ server { location ~ ^/api/v1/{ rewrite ^/api/v1/([a-zA-Z]+)/? /intern/api/$1.php last; + location ~ \.php$ { + include snippets/fastcgi-php.conf; + fastcgi_read_timeout 300; + fastcgi_pass unix:/var/run/php5-fpm.sock; + } } location /intern/api { @@ -46,10 +64,12 @@ server { } } + include conf.d/nginx_conf/restrict.conf; + # pagespeed - pagespeed on; include /etc/nginx/conf.d/nginx_conf/pagespeed.conf; + pagespeed off; pagespeed EnableFilters remove_comments; pagespeed EnableFilters collapse_whitespace; @@ -80,8 +100,5 @@ server { pagespeed EnableFilters prioritize_critical_css; pagespeed EnableFilters rewrite_style_attributes_with_url; pagespeed EnableFilters sprite_images; - - include conf.d/nginx_conf/restrict.conf; - } |