From 44ba2c86ce789ec18ce24a1907b3baedd98ac88b Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Mon, 2 May 2022 10:10:38 +0200 Subject: [PATCH] Remove the local virtualhost. It is not used. --- shinyproxy/nginx_virtualhost.conf.j2 | 382 --------------------------- 1 file changed, 382 deletions(-) delete mode 100644 shinyproxy/nginx_virtualhost.conf.j2 diff --git a/shinyproxy/nginx_virtualhost.conf.j2 b/shinyproxy/nginx_virtualhost.conf.j2 deleted file mode 100644 index 0ff6603..0000000 --- a/shinyproxy/nginx_virtualhost.conf.j2 +++ /dev/null @@ -1,382 +0,0 @@ -{% if nginx_websockets_support is defined and nginx_websockets_support %} -include /etc/nginx/snippets/nginx-websockets.conf; -{% else %} -{% if item.websockets is defined and item.websockets %} -include /etc/nginx/snippets/nginx-websockets.conf; -{% endif %} -{% endif %} - -{% if item.upstream_backends is defined %} -{% for u_bk in item.upstream_backends %} -upstream {{ u_bk.name }} { - {% for srv in u_bk.servers %} - server {{ srv }}; - {% endfor %} -} - -{% endfor %} -{% endif %} - -# variables computed by njs and which may possibly be passed among locations -js_var $auth_token; -js_var $account_record; - -proxy_cache_path /tmp levels=1:2 keys_zone=social_cache:10m max_size=10g inactive=60m use_temp_path=off; - -server { - listen {{ item.http_port | default ('80') }}; - server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %}; -{% if nginx_block_dotfiles %} - location ~ /\.(?!well-known).* { - deny all; - access_log off; - log_not_found off; - return 404; - } -{% endif %} - -{% if letsencrypt_acme_install %} - include /etc/nginx/snippets/letsencrypt-proxy.conf; -{% endif %} - - {% if item.access_log is defined %} - access_log {{ item.access_log }}; - {% else %} - access_log /var/log/nginx/{{ item.server_name }}_access.log; - {% endif %} - - {% if item.error_log is defined %} - error_log {{ item.error_log }}; - {% else %} - error_log /var/log/nginx/{{ item.server_name }}_error.log; - {% endif %} - - {% if nginx_set_xss_protection %} - proxy_hide_header X-XSS-Protection; - add_header X-XSS-Protection "1; mode=block;"; - {% endif %} - {% if nginx_set_frame_origin %} - proxy_hide_header X-Frame-Options; - add_header X-Frame-Options "{{ nginx_x_frame_options }}"; - {% endif %} - {% if nginx_set_content_security_options %} - proxy_hide_header Content-Security-Policy; - add_header Content-Security-Policy "frame-src{% for s in nginx_content_security_src_acl %} {{ s }}{% endfor %}; frame-ancestors{% for l in nginx_content_security_ancestor_acl %} {{ l }}{% endfor %};"; - {% endif %} - server_tokens {{ item.server_tokens | default('off') }}; - -{% if item.ssl_enabled and item.ssl_only %} - location / { - return 301 https://{{ item.server_name }}$request_uri; - } -{% else %} - root {{ item.root | default('/usr/share/nginx/html/') }}; - index {{ item.index | default('index.html index.htm') }}; - error_page 500 502 503 504 {{ item.error_page | default('/50x.html') }}; - location = /50x.html { - root {{ item.error_path | default('/usr/share/nginx/html') }}; - } - location = /favicon.ico { - log_not_found off; - access_log off; - } - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - {% if haproxy_ips is defined %} - # We are behind haproxy - {% for ip in haproxy_ips %} - set_real_ip_from {{ ip }}; - {% endfor %} - real_ip_header X-Forwarded-For; - {% endif %} - - {% if item.max_body is defined %} - client_max_body_size {{ item.max_body }}; - {% else %} - client_max_body_size {{ nginx_client_max_body_size }}; - {% endif %} - - {% if item.body_timeout is defined %} - client_body_timeout {{ item.body_timeout }}; - {% else %} - client_body_timeout {{ nginx_client_body_timeout }}; - {% endif %} - - {% if nginx_cors_enabled %} - {% if nginx_cors_global %} - include /etc/nginx/snippets/nginx-cors.conf; - {% endif %} - {% endif %} - - {% if item.additional_options is defined %} - {% for add_opt in item.additional_options %} - {{ add_opt }}; - {% endfor %} - {% endif %} - - {% if item.http_acls is defined %} - {% for acl in item.http_acls %} - {{ acl }}; - {% endfor %} - {% endif %} - - {% if nginx_websockets_support is defined and nginx_websockets_support %} - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - {% else %} - {% if item.websockets is defined and item.websockets %} - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - {% endif %} - {% endif %} - - {% if item.proxy_standard_setup is defined and item.proxy_standard_setup %} - - # Proxy stuff - {% if item.include_global_proxy_conf is defined and not item.include_global_proxy_conf %} - {% else %} - include /etc/nginx/snippets/nginx-proxy-params.conf; - {% endif %} - - {% if item.proxy_additional_options is defined %} - {% for popt in item.proxy_additional_options %} - {{ popt }}; - {% endfor %} - {% endif %} - - {% if item.locations is defined %} - {% for location in item.locations -%} - - location {{ location.location }} { - - {% if nginx_cors_enabled %} - {% if not nginx_cors_global %} - {% if location.cors is defined and location.cors %} - include /etc/nginx/snippets/nginx-cors.conf; - {% endif %} - {% endif %} - {% endif %} - - {% if location.target is defined %} - proxy_pass {{ location.target }}; - {% elif location.php_target is defined %} - try_files $uri =404; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass {% if phpfpm_listen_on_socket is defined and phpfpm_listen_on_socket %}unix:{% endif %}{{ location.php_target }}; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param REMOTE_ADDR $http_x_forwarded_for; - #fastcgi_param REMOTE_ADDR $remote_addr; - include fastcgi_params; - {% endif %} - - {% if location.websockets is defined and location.websockets %} - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - {% endif %} - - {% if location.extra_conf is defined %} - {{ location.extra_conf }} - {% endif %} - - {% if location.acls is defined %} - {% for acl in location.acls %} - {{ acl }}; - {% endfor %} - {% endif %} - - {% if location.other_opts is defined %} - {% for opt in location.other_opts %} - {{ opt }}; - {% endfor %} - {% endif %} - } - {% endfor %} - {% endif %} - {% endif %} - - {% if item.extra_parameters is defined %} - {{ item.extra_parameters }} - {% endif %} - -{% endif %} - -} - -{% if item.ssl_enabled %} -server { - listen {% if item.https_port is defined %} {{ item.https_port }} {% else %} {{ https_port | default('443') }} {% endif %} ssl {% if ansible_distribution_release != "trusty" %} http2{% endif %}; - server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %}; - - {% if item.access_log is defined %} - access_log {{ item.access_log }}; - {% else %} - access_log /var/log/nginx/{{ item.server_name }}_ssl_access.log; - {% endif %} - - {% if item.error_log is defined %} - error_log {{ item.error_log }}; - {% else %} - error_log /var/log/nginx/{{ item.server_name }}_ssl_error.log; - {% endif %} - - root {{ item.root | default('/usr/share/nginx/html/') }}; - index {{ item.index | default('index.html index.htm') }}; - error_page 500 502 503 504 {{ item.error_page | default('/50x.html') }}; - location = /50x.html { - root {{ item.error_path | default('/usr/share/nginx/html') }}; - } - location = /favicon.ico { - log_not_found off; - access_log off; - } - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } -{% if nginx_block_dotfiles %} - location ~ /\.(?!well-known).* { - deny all; - access_log off; - log_not_found off; - return 404; - } -{% endif %} - - {% if haproxy_ips is defined %} - # We are behind haproxy - {% for ip in haproxy_ips %} - set_real_ip_from {{ ip }}; - {% endfor %} - real_ip_header X-Forwarded-For; - {% endif %} - - {% if item.max_body is defined %} - client_max_body_size {{ item.max_body }}; - {% else %} - client_max_body_size {{ nginx_client_max_body_size }}; - {% endif %} - {% if item.body_timeout is defined %} - client_body_timeout {{ item.body_timeout }}; - {% else %} - client_body_timeout {{ nginx_client_body_timeout }}; - {% endif %} - - include /etc/nginx/snippets/nginx-server-ssl.conf; - - {% if nginx_set_xss_protection %} - proxy_hide_header X-XSS-Protection; - add_header X-XSS-Protection "1; mode=block;"; - {% endif %} - {% if nginx_set_frame_origin %} - proxy_hide_header X-Frame-Options; - add_header X-Frame-Options "{{ nginx_x_frame_options }}"; - {% endif %} - {% if nginx_set_content_security_options %} - proxy_hide_header Content-Security-Policy; - add_header Content-Security-Policy "frame-src{% for s in nginx_content_security_src_acl %} {{ s }}{% endfor %}; frame-ancestors{% for l in nginx_content_security_ancestor_acl %} {{ l }}{% endfor %};"; - {% endif %} - server_tokens {{ item.server_tokens | default('off') }}; - - {% if nginx_cors_enabled %} - {% if nginx_cors_global %} - include /etc/nginx/snippets/nginx-cors.conf; - {% endif %} - {% endif %} - - {% if nginx_websockets_support is defined and nginx_websockets_support %} - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - {% else %} - {% if item.websockets is defined and item.websockets %} - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - {% endif %} - {% endif %} - - {% if item.additional_options is defined %} - {% for add_opt in item.additional_options %} - {{ add_opt }}; - {% endfor %} - {% endif %} - - {% if item.https_acls is defined %} - {% for acl in item.https_acls %} - {{ acl }}; - {% endfor %} - {% endif %} - - {% if item.proxy_standard_setup is defined and item.proxy_standard_setup %} - - # Proxy stuff - {% if item.include_global_proxy_conf is defined and not item.include_global_proxy_conf %} - {% else %} - include /etc/nginx/snippets/nginx-proxy-params.conf; - {% endif %} - - {% if item.proxy_additional_options is defined %} - {% for popt in item.proxy_additional_options %} - {{ popt }} - {% endfor %} - {% endif %} - - {% if item.locations is defined %} - {% for location in item.locations -%} - location {{ location.location }} { - - {% if nginx_cors_enabled %} - {% if not nginx_cors_global %} - {% if location.cors is defined and location.cors %} - include /etc/nginx/snippets/nginx-cors.conf; - {% endif %} - {% endif %} - {% endif %} - - {% if location.target is defined %} - proxy_pass {{ location.target }}; - {% elif location.php_target is defined %} - try_files $uri =404; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass {% if phpfpm_listen_on_socket is defined and phpfpm_listen_on_socket %}unix:{% endif %}{{ location.php_target }}; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_param REMOTE_ADDR $http_x_forwarded_for; - #fastcgi_param REMOTE_ADDR $remote_addr; - include fastcgi_params; - {% endif %} - - {% if location.websockets is defined and location.websockets %} - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - {% endif %} - - {% if location.extra_conf is defined %} - {{ location.extra_conf }} - {% endif %} - - {% if location.acls is defined %} - {% for acl in location.acls %} - {{ acl }}; - {% endfor %} - {% endif %} - - {% if location.other_opts is defined %} - {% for opt in location.other_opts %} - {{ opt }}; - {% endfor %} - {% endif %} - } - {% endfor %} - {% endif %} - {% endif %} - - {% if item.extra_parameters is defined %} - {{ item.extra_parameters }} - {% endif %} -} - -{% endif %}