|
|
@@ -1,68 +1,40 @@ |
|
|
-
|
|
|
# prevent non freecodecamp traffic
|
|
|
server {
|
|
|
# returning 444 here will immediately drop the connection
|
|
|
return 444;
|
|
|
}
|
|
|
|
|
|
-
|
|
|
-# setup to redirect those that get to fcc through https
|
|
|
-# this will send them a minimal page that will redirect them to non https site once loaded.
|
|
|
-# express handles serving the page that will redirect them
|
|
|
+# redirect root to www subdomain
|
|
|
+server {
|
|
|
+ listen 80;
|
|
|
+ server_name freecodecamp.com;
|
|
|
+ return 301 $scheme://www.freecodecamp.com$request_uri;
|
|
|
+}
|
|
|
server {
|
|
|
listen 443 ssl;
|
|
|
- server_name freecodecamp.com www.freecodecamp.com;
|
|
|
-
|
|
|
+ server_name freecodecamp.com;
|
|
|
ssl on;
|
|
|
- ssl_certificate /etc/nginx/ssl/freecodecamp/freecodecamp.com.chained.crt;
|
|
|
- ssl_certificate_key /etc/nginx/ssl/freecodecamp/freecodecamp.key;
|
|
|
-
|
|
|
- error_page 500 502 503 504 /500.html;
|
|
|
-
|
|
|
- location = /500-oops.html {
|
|
|
- root /home/freecodecamp/static;
|
|
|
- }
|
|
|
-
|
|
|
- location = /main.css {
|
|
|
- root /home/freecodecamp/static;
|
|
|
- }
|
|
|
-
|
|
|
- location / {
|
|
|
- include /etc/nginx/mime.types;
|
|
|
- proxy_pass http://127.0.0.1:1337;
|
|
|
- proxy_http_version 1.1;
|
|
|
- proxy_set_header Upgrade $http_upgrade;
|
|
|
- proxy_set_header Connection 'upgrade';
|
|
|
- proxy_set_header Host $host;
|
|
|
-
|
|
|
- proxy_read_timeout 60;
|
|
|
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
- proxy_set_header X-Real-IP $remote_addr;
|
|
|
-
|
|
|
- proxy_cache_bypass $http_upgrade;
|
|
|
-
|
|
|
- proxy_buffering on;
|
|
|
- proxy_buffer_size 1k;
|
|
|
- proxy_buffers 24 4k;
|
|
|
- proxy_busy_buffers_size 8k;
|
|
|
- proxy_max_temp_file_size 2048m;
|
|
|
- proxy_temp_file_write_size 32k;
|
|
|
- }
|
|
|
+ ssl_certificate /etc/nginx/ssl/freecodecamp.com.chained.crt;
|
|
|
+ ssl_certificate_key /etc/nginx/ssl/freecodecamp.key;
|
|
|
+ return 301 $scheme://www.freecodecamp.com$request_uri;
|
|
|
}
|
|
|
|
|
|
-# redirect root to www subdomain
|
|
|
+# upgrade ssl
|
|
|
server {
|
|
|
listen 80;
|
|
|
- server_name freecodecamp.com;
|
|
|
-
|
|
|
- return 301 $scheme://www.freecodecamp.com$request_uri;
|
|
|
+ server_name www.freecodecamp.com;
|
|
|
+ return 301 https://www.freecodecamp.com$request_uri;
|
|
|
}
|
|
|
|
|
|
-# main server
|
|
|
+# ssl
|
|
|
server {
|
|
|
- listen 80;
|
|
|
+ listen 443 ssl;
|
|
|
server_name www.freecodecamp.com;
|
|
|
|
|
|
+ ssl on;
|
|
|
+ ssl_certificate /etc/nginx/ssl/freecodecamp.com.chained.crt;
|
|
|
+ ssl_certificate_key /etc/nginx/ssl/freecodecamp.key;
|
|
|
+
|
|
|
# general error
|
|
|
error_page 500 501 502 503 /500-oops.html;
|
|
|
|
|
@@ -117,3 +89,25 @@ server { |
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
}
|
|
|
}
|
|
|
+server {
|
|
|
+ listen 80;
|
|
|
+ server_name webhook.freecodecamp.com;
|
|
|
+
|
|
|
+ location / {
|
|
|
+ include /etc/nginx/mime.types;
|
|
|
+
|
|
|
+ proxy_pass <%= prbot ip address %>
|
|
|
+ proxy_http_version 1.1;
|
|
|
+
|
|
|
+ proxy_read_timeout 60;
|
|
|
+ proxy_cache_bypass $http_upgrade;
|
|
|
+
|
|
|
+ proxy_set_header Upgrade $http_upgrade;
|
|
|
+ proxy_set_header Connection 'upgrade';
|
|
|
+ proxy_set_header Host $host;
|
|
|
+
|
|
|
+ # add client's IP to proxy request to upstream node servers
|
|
|
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
+ proxy_set_header X-Real-IP $remote_addr;
|
|
|
+ }
|
|
|
+}
|
0 comments on commit
fb7d3a3