forked from Hay1tsme/artemis
		
	Per-version URI/Host (#66)
Allows setting allnet uri/host response based on things like version, config files, and other factors to accommodate a wider range of potential setups under the same roof. This DOES require all titles to adopt a new structure but it's documented and should hopefully be somewhat intuitive. Co-authored-by: Hay1tsme <kevin@hay1ts.me> Reviewed-on: Hay1tsme/artemis#66 Co-authored-by: Kevin Trocolli <pitok236@gmail.com> Co-committed-by: Kevin Trocolli <pitok236@gmail.com>
This commit is contained in:
		| @ -24,8 +24,7 @@ server { | ||||
|  | ||||
| # SSL titles, comment out if you don't plan on accepting SSL titles | ||||
| server { | ||||
| 	listen 443 ssl default_server; | ||||
| 	listen [::]:443 ssl default_server;	 | ||||
| 	listen 443 ssl; | ||||
| 	server_name your.hostname.here; | ||||
|  | ||||
| 	ssl_certificate /path/to/cert/title.crt; | ||||
| @ -55,7 +54,7 @@ server { | ||||
| 	ssl_session_tickets off; | ||||
|  | ||||
| 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; | ||||
| 	ssl_ciphers "ALL:@SECLEVEL=1"; | ||||
| 	ssl_ciphers "ALL:@SECLEVEL=0"; | ||||
| 	ssl_prefer_server_ciphers off; | ||||
|  | ||||
| 	location / { | ||||
| @ -75,7 +74,7 @@ server { | ||||
| 	ssl_session_tickets off; | ||||
|  | ||||
| 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; | ||||
| 	ssl_ciphers "ALL:@SECLEVEL=1"; | ||||
| 	ssl_ciphers "ALL:@SECLEVEL=0"; | ||||
| 	ssl_prefer_server_ciphers off; | ||||
|  | ||||
| 	location / { | ||||
| @ -85,28 +84,6 @@ server { | ||||
| 	} | ||||
| } | ||||
|  | ||||
| # CXB, comment this out if you don't plan on serving crossbeats. | ||||
| server { | ||||
| 	listen 443 ssl;	 | ||||
| 	server_name cxb.hostname.here; | ||||
| 	 | ||||
| 	ssl_certificate /path/to/cert/cxb.pem; | ||||
| 	ssl_certificate_key /path/to/cert/cxb.key; | ||||
| 	ssl_session_timeout 1d; | ||||
| 	ssl_session_cache shared:MozSSL:10m; | ||||
| 	ssl_session_tickets off; | ||||
|  | ||||
| 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; | ||||
| 	ssl_ciphers "ALL:@SECLEVEL=1"; | ||||
| 	ssl_prefer_server_ciphers off; | ||||
|  | ||||
| 	location / { | ||||
| 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||||
| 		proxy_pass_request_headers on; | ||||
| 		proxy_pass http://localhost:8080/SDBT/104/; | ||||
| 	} | ||||
| } | ||||
|  | ||||
| # Frontend, set to redirect to HTTPS. Comment out if you don't intend to use the frontend | ||||
| server { | ||||
|     listen 80; | ||||
| @ -143,4 +120,4 @@ server { | ||||
| 		proxy_pass_request_headers on; | ||||
| 		proxy_pass http://localhost:8090/; | ||||
| 	} | ||||
| } | ||||
| } | ||||
|  | ||||
		Reference in New Issue
	
	Block a user