01/02: hydra: berlin: Host issues.guix.info.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/02: hydra: berlin: Host issues.guix.info.

From:	Ricardo Wurmus
Subject:	01/02: hydra: berlin: Host issues.guix.info.
Date:	Sat, 8 Sep 2018 15:22:22 -0400 (EDT)

rekado pushed a commit to branch master
in repository maintenance.

commit ca2848655d5eeb6362e55487916e1dffd2cebf83
Author: Ricardo Wurmus <address@hidden>
Date:   Sat Sep 8 21:16:40 2018 +0200

    hydra: berlin: Host issues.guix.info.
    
    * hydra/nginx/berlin.conf: Add server sections for issues.guix.info on
    port 80 and 443.
---
 hydra/nginx/berlin.conf | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/hydra/nginx/berlin.conf b/hydra/nginx/berlin.conf
index 952e5dc..6f60960 100644
--- a/hydra/nginx/berlin.conf
+++ b/hydra/nginx/berlin.conf
@@ -120,6 +120,17 @@ http {
         }
     }
 
+    server {
+        listen       80;
+        server_name  issues.guix.info;
+        root         /home/rekado/mumi/;
+        index        index.html;
+        access_log   /var/log/nginx/issues-guix-info.access.log;
+        location / {
+          proxy_pass http://localhost:1234;
+        }
+    }
+
     # HTTPS server.
     server {
         listen       443 ssl;
@@ -210,4 +221,34 @@ http {
           root /home/rekado/guix.info;
         }
     }
+    server {
+        listen       443 ssl;
+        server_name  issues.guix.info;
+
+        ssl_certificate     
/etc/letsencrypt/live/issues.guix.info/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/issues.guix.info/privkey.pem;
+
+        # Make sure SSL is disabled.
+        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+
+        # Disable weak cipher suites.
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+        ssl_prefer_server_ciphers on;
+
+        # Use our own DH parameters created with:
+        #    openssl dhparam -out dhparams.pem 2048
+        # as suggested at <https://weakdh.org/sysadmin.html>.
+        ssl_dhparam         /etc/dhparams.pem;
+
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
+
+        root         /home/rekado/mumi/;
+        index        index.html;
+        access_log   /var/log/nginx/issues-guix-info.https.access.log;
+        location / {
+          proxy_pass http://localhost:1234;
+        }
+    }
 }

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (72bbee8 -> ee6c3d1), Ricardo Wurmus, 2018/09/08
- 01/02: hydra: berlin: Host issues.guix.info., Ricardo Wurmus <=
- 02/02: hydra: berlin: Remove obsolete locations., Ricardo Wurmus, 2018/09/08

Prev by Date: branch master updated (72bbee8 -> ee6c3d1)
Next by Date: 02/02: hydra: berlin: Remove obsolete locations.
Previous by thread: branch master updated (72bbee8 -> ee6c3d1)
Next by thread: 02/02: hydra: berlin: Remove obsolete locations.
Index(es):
- Date
- Thread