diff options
Diffstat (limited to 'clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2')
-rw-r--r-- | clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 | 64 |
1 files changed, 56 insertions, 8 deletions
diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 index 9504e29..ae5287d 100644 --- a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 +++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 | |||
@@ -1,15 +1,59 @@ | |||
1 | server { | 1 | server { |
2 | server_name {{ lookup('env', 'CGIT_DOMAIN') }}; | 2 | server_name git.jinwei.me; |
3 | |||
4 | return 404; | ||
5 | |||
6 | listen 443 ssl; # managed by Certbot | ||
7 | ssl_certificate /usr/local/etc/letsencrypt/live/cgit.jinwei.me/fullchain.pem; # managed by Certbot | ||
8 | ssl_certificate_key /usr/local/etc/letsencrypt/live/cgit.jinwei.me/privkey.pem; # managed by Certbot | ||
9 | include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | ||
10 | ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | ||
11 | } | ||
12 | |||
13 | server { | ||
14 | if ($host = git.jinwei.me) { | ||
15 | return 301 https://$host$request_uri; | ||
16 | } # managed by Certbot | ||
17 | |||
18 | server_name git.jinwei.me; | ||
19 | listen 80; | ||
20 | return 404; # managed by Certbot | ||
21 | } | ||
22 | |||
23 | server { | ||
24 | if ($host = cgit.jinwei.me) { | ||
25 | return 301 https://$host$request_uri; | ||
26 | } # managed by Certbot | ||
27 | |||
28 | server_name cgit.jinwei.me; | ||
29 | |||
30 | listen 80; | ||
31 | return 404; # managed by Certbot | ||
32 | } | ||
33 | |||
34 | server { | ||
35 | server_name cgit.jinwei.me; | ||
3 | root /usr/local/www/cgit; | 36 | root /usr/local/www/cgit; |
4 | try_files $uri @cgit; | 37 | try_files $uri @cgit; |
5 | 38 | ||
6 | location @cgit { | 39 | location @cgit { |
7 | include fastcgi_params; | 40 | include fastcgi_params; |
8 | fastcgi_param SCRIPT_FILENAME /usr/local/www/cgit/cgit.cgi; | 41 | fastcgi_param SCRIPT_FILENAME /usr/local/www/cgit/cgit.cgi; |
9 | fastcgi_param PATH_INFO $uri; | 42 | fastcgi_param PATH_INFO $uri; |
10 | fastcgi_param QUERY_STRING $args; | 43 | fastcgi_param QUERY_STRING $args; |
11 | fastcgi_param HTTP_HOST $server_name; | 44 | fastcgi_param HTTP_HOST $server_name; |
12 | fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock; | 45 | fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock; |
46 | } | ||
47 | |||
48 | location /assets { | ||
49 | root /var/www/cgit.jinwei.me; | ||
50 | disable_symlinks off; | ||
51 | } | ||
52 | |||
53 | location /static { | ||
54 | alias /var/www/cgit.jinwei.me/static; | ||
55 | expires 24h; | ||
56 | try_files $uri =404; | ||
13 | } | 57 | } |
14 | 58 | ||
15 | error_page 500 502 503 504 /50x.html; | 59 | error_page 500 502 503 504 /50x.html; |
@@ -17,5 +61,9 @@ server { | |||
17 | root /usr/local/www/nginx-dist; | 61 | root /usr/local/www/nginx-dist; |
18 | } | 62 | } |
19 | 63 | ||
20 | listen 80; | 64 | listen 443 ssl; # managed by Certbot |
65 | ssl_certificate /usr/local/etc/letsencrypt/live/cgit.jinwei.me/fullchain.pem; # managed by Certbot | ||
66 | ssl_certificate_key /usr/local/etc/letsencrypt/live/cgit.jinwei.me/privkey.pem; # managed by Certbot | ||
67 | include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | ||
68 | ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | ||
21 | } | 69 | } |