summaryrefslogtreecommitdiff
path: root/resources/intern.gospeladlershof.conf
diff options
context:
space:
mode:
Diffstat (limited to 'resources/intern.gospeladlershof.conf')
-rw-r--r--resources/intern.gospeladlershof.conf130
1 files changed, 130 insertions, 0 deletions
diff --git a/resources/intern.gospeladlershof.conf b/resources/intern.gospeladlershof.conf
new file mode 100644
index 0000000..13e3f03
--- /dev/null
+++ b/resources/intern.gospeladlershof.conf
@@ -0,0 +1,130 @@
+server {
+ listen 80;
+ listen 443 ssl http2;
+ server_name www.intern.gospeladlershof.de;
+ include snippets/letsencrypt.conf;
+ include /etc/nginx/conf.d/nginx_conf/ssl_conf;
+ ssl_certificate /var/lib/acme/live/www.intern.gospeladlershof.de/fullchain;
+ ssl_certificate_key /var/lib/acme/live/www.intern.gospeladlershof.de/privkey;
+ include conf.d/nginx_conf/robots.conf;
+
+ access_log /var/log/nginx/gospeladlershof.de/redirect.access.log verbose;
+ error_log /var/log/nginx/gospeladlershof.de/redirect.error.log;
+
+ return 301 https://intern.gospeladlershof.de$request_uri;
+}
+
+server {
+ listen 80;
+ server_name intern.gospeladlershof.de;
+
+ location / {
+ return 302 https://$server_name$request_uri;
+ }
+
+ include snippets/letsencrypt.conf;
+}
+
+server {
+ listen 443 ssl http2;
+ include snippets/letsencrypt.conf;
+ server_name intern.gospeladlershof.de;
+ root /var/www/gospeladlershof.de/intern.gospeladlershof.de/;
+ #root /home/horus/sites/gospeladlershof.de/intern.gospeladlershof.de;
+
+ access_log /var/log/nginx/gospeladlershof.de/intern.access.log verbose;
+ error_log /var/log/nginx/gospeladlershof.de/intern.error.log;
+
+ index index.html index.php;
+
+ include /etc/nginx/conf.d/nginx_conf/ssl_conf;
+ ssl_certificate /var/lib/acme/live/intern.gospeladlershof.de/fullchain;
+ ssl_certificate_key /var/lib/acme/live/intern.gospeladlershof.de/privkey;
+ include conf.d/nginx_conf/robots.conf;
+
+ error_page 404 /404.html;
+
+ # Solange wir keine ordentlichen Bilder haben wird nichts gecacht.
+ #location ~* \.(jpe?g|png|gif|css|js|swf|txt|ico|woff2?|ttf|svg)$ {
+ # expires 365d;
+ #}
+
+ location ~* ^/favicon.ico$ {}
+
+ location / {
+ # In PHP implementiert, damit überflüssig.
+ # auth_basic "Passwort verlangt - Gospelchor Adlershof";
+ # auth_basic_user_file passwd/gospelchor_passwd;
+
+ # Andere Permission!
+ location ~ ^/code/deploy.php$ {
+ include snippets/fastcgi-php.conf;
+ fastcgi_pass unix:/var/run/horus-php5-fpm.sock;
+ }
+
+ location ~ \.php$ {
+ include snippets/fastcgi-php.conf;
+ fastcgi_pass unix:/var/run/php5-fpm.sock;
+ }
+
+ location = /mailman/ {
+ return 302 https://$server_name/mailman/listinfo;
+ }
+
+ location = /mailman {
+ return 302 https://$server_name/mailman/listinfo;
+ }
+
+ location /mailman {
+ root /usr/lib/cgi-bin;
+ fastcgi_hide_header Content-Type;
+ add_header Content-Type "text/html; charset=us-ascii";
+ fastcgi_split_path_info (^/mailman/[^/]*)(.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_pass unix:/var/run/fcgiwrap.socket;
+ }
+
+ location /mailman/private {
+ root /usr/lib/cgi-bin;
+ fastcgi_split_path_info (^/mailman/[^/]*)(.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_pass unix:/var/run/fcgiwrap.socket;
+ }
+
+ location /mailman/public {
+ root /usr/lib/cgi-bin;
+ fastcgi_split_path_info (^/mailman/[^/]*)(.*)$;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_pass unix:/var/run/fcgiwrap.socket;
+ }
+
+ location /images/mailman {
+ alias /var/lib/mailman/icons ;
+ }
+
+ location /icons {
+ alias /usr/lib/mailman/icons;
+ }
+
+ location /archives {
+ alias /var/lib/mailman/archives/public;
+ autoindex on;
+ }
+
+ location /pipermail {
+ disable_symlinks off;
+ alias /var/lib/mailman/archives/public;
+ autoindex on;
+ }
+ }
+
+
+ include conf.d/nginx_conf/restrict.conf;
+}
+