christianlight/tutor
6
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2025-02-11 05:38:29 +00:00
Code Issues Releases Activity

Simpler proxy config

Browse Source 
http redirects to http
https redirects to https
and the life of servers becomes more simple
This commit is contained in:
Régis Behmo 2019-03-23 15:26:07 -07:00
parent d6a40c681d
commit 328cd2b1ac
4 changed files with 46 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
tutor/templates/apps/nginx/cms.conf
View File

@ -2,7 +2,7 @@ upstream cms-backend {
server cms:8000 fail_timeout=0; server cms:8000 fail_timeout=0;
} }
{% if ACTIVATE_HTTPS and not WEB_PROXY %} {% if ACTIVATE_HTTPS %}
server { server {
server_name {{ CMS_HOST }}; server_name {{ CMS_HOST }};
listen 80; listen 80;
@ -11,7 +11,7 @@ server {
{% endif %} {% endif %}
server { server {
listen {{ "443 ssl" if ACTIVATE_HTTPS and not WEB_PROXY else "80" }}; {% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %}
server_name studio.localhost {{ CMS_HOST }}; server_name studio.localhost {{ CMS_HOST }};
{% if ACTIVATE_HTTPS and not WEB_PROXY %} {% if ACTIVATE_HTTPS and not WEB_PROXY %}

4
tutor/templates/apps/nginx/extra.conf
View File

@ -3,7 +3,7 @@ upstream notes-backend {
server notes:8000 fail_timeout=0; server notes:8000 fail_timeout=0;
} }
{% if ACTIVATE_HTTPS and not WEB_PROXY %} {% if ACTIVATE_HTTPS %}
server { server {
server_name notes.{{ LMS_HOST }}; server_name notes.{{ LMS_HOST }};
listen 80; listen 80;
@ -12,7 +12,7 @@ server {
{% endif %} {% endif %}
server { server {
listen {{ "443 ssl" if ACTIVATE_HTTPS and not WEB_PROXY else "80" }}; {% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %}
server_name notes.localhost notes.{{ LMS_HOST }}; server_name notes.localhost notes.{{ LMS_HOST }};
{% if ACTIVATE_HTTPS and not WEB_PROXY %} {% if ACTIVATE_HTTPS and not WEB_PROXY %}

4
tutor/templates/apps/nginx/lms.conf
View File

@ -2,7 +2,7 @@ upstream lms-backend {
server lms:8000 fail_timeout=0; server lms:8000 fail_timeout=0;
} }
{% if ACTIVATE_HTTPS and not WEB_PROXY %} {% if ACTIVATE_HTTPS %}
server { server {
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }}; server_name {{ LMS_HOST }} preview.{{ LMS_HOST }};
listen 80; listen 80;
@ -11,7 +11,7 @@ server {
{% endif %} {% endif %}
server { server {
listen {{ "443 ssl" if ACTIVATE_HTTPS and not WEB_PROXY else "80" }}; {% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %}
server_name localhost preview.localhost {{ LMS_HOST }} preview.{{ LMS_HOST }}; server_name localhost preview.localhost {{ LMS_HOST }} preview.{{ LMS_HOST }};
{% if ACTIVATE_HTTPS and not WEB_PROXY %} {% if ACTIVATE_HTTPS and not WEB_PROXY %}

59
tutor/templates/local/proxy/nginx/openedx.conf
View File

@ -1,20 +1,7 @@
{% if ACTIVATE_HTTPS %}
server { server {
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }} {{ CMS_HOST }}{% if ACTIVATE_NOTES %} notes.{{ LMS_HOST }}{% endif %};
listen 80; listen 80;
return 301 https://$server_name$request_uri;
}
{% endif %}
server {
listen {{ "443 ssl" if ACTIVATE_HTTPS else "80" }};
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }} {{ CMS_HOST }}; server_name {{ LMS_HOST }} preview.{{ LMS_HOST }} {{ CMS_HOST }};
{% if ACTIVATE_HTTPS %}
ssl_certificate /etc/letsencrypt/live/{{ LMS_HOST }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
{% endif %}
server_tokens off; server_tokens off;
location / { location / {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
@ -26,16 +13,31 @@ server {
} }
} }
{% if ACTIVATE_HTTPS %}
server {
listen 443 ssl;
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }} {{ CMS_HOST }};
ssl_certificate /etc/letsencrypt/live/{{ LMS_HOST }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
server_tokens off;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://localhost:{{ NGINX_HTTPS_PORT }};
}
}
{% endif %}
{% if ACTIVATE_NOTES %} {% if ACTIVATE_NOTES %}
server { server {
listen {{ "443 ssl" if ACTIVATE_HTTPS else "80" }}; listen 80;
server_name notes.{{ LMS_HOST }}; server_name notes.{{ LMS_HOST }};
{% if ACTIVATE_HTTPS %}
ssl_certificate /etc/letsencrypt/live/notes.{{ LMS_HOST }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/notes.{{ LMS_HOST }}/privkey.pem;
{% endif %}
server_tokens off; server_tokens off;
location / { location / {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
@ -46,4 +48,23 @@ server {
proxy_pass http://localhost:{{ NGINX_HTTP_PORT }}; proxy_pass http://localhost:{{ NGINX_HTTP_PORT }};
} }
} }
{% if ACTIVATE_HTTPS %}
server {
listen 443 ssl;
server_name notes.{{ LMS_HOST }};
ssl_certificate /etc/letsencrypt/live/notes.{{ LMS_HOST }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/notes.{{ LMS_HOST }}/privkey.pem;
server_tokens off;
location / {
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://localhost:{{ NGINX_HTTPS_PORT }};
}
}
{% endif %}
{% endif %} {% endif %}