diff --git a/public/fs/etc/nginx/nginx-conf.sh b/public/fs/etc/nginx/nginx-conf.sh new file mode 100755 index 0000000..10a88c6 --- /dev/null +++ b/public/fs/etc/nginx/nginx-conf.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +set -eu + +hostzone="$1" + +cfg_script="$0" +cfg_srcdir=$(cd -- "${cfg_script%/*}/" ; pwd -P) + +sed -e 's/@hostzone@/'"${hostzone}"'/g' \ + "${cfg_srcdir}/nginx.conf.in" diff --git a/public/fs/etc/nginx/nginx.conf b/public/fs/etc/nginx/nginx.conf deleted file mode 100644 index cc7b95a..0000000 --- a/public/fs/etc/nginx/nginx.conf +++ /dev/null @@ -1,60 +0,0 @@ -worker_processes 1; - -load_module lib64/nginx/modules/ngx_http_fancyindex_module.so; - -events { - worker_connections 1024; - use epoll; -} - - -http { - include mime.types; - default_type application/octet-stream; - - sendfile on; - tcp_nopush on; - - keepalive_timeout 65; - - include conf.d/*.conf; - - server { - listen [::]:80 default_server ipv6only=off reuseport; - server_name localhost; - - location / { - root /srv/www/htdocs/; - index index.html index.htm; - } - - error_page 500 502 503 504 /50x.html; - - location = /50x.html { - root /srv/www/htdocs/; - } - } - - server { - listen [::]:443 default_server ssl http2 ipv6only=off reuseport; - server_name localhost; - - ssl_certificate /srv/webroot/culturestrings.org/ssl/fullchain.pem; - ssl_certificate_key /srv/webroot/culturestrings.org/ssl/privkey.pem; - ssl_trusted_certificate /srv/webroot/culturestrings.org/ssl/chain.pem; - - location / { - root /srv/www/htdocs/; - index index.html index.htm; - } - - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /srv/www/htdocs/; - } - - } - - include conf.d/ssl_params; - include vhosts.d/*.conf; -} diff --git a/public/fs/etc/nginx/nginx.conf.in b/public/fs/etc/nginx/nginx.conf.in new file mode 100644 index 0000000..d2165fa --- /dev/null +++ b/public/fs/etc/nginx/nginx.conf.in @@ -0,0 +1,60 @@ +worker_processes 1; + +load_module lib64/nginx/modules/ngx_http_fancyindex_module.so; + +events { + worker_connections 1024; + use epoll; +} + + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + tcp_nopush on; + + keepalive_timeout 65; + + include conf.d/*.conf; + + server { + listen [::]:80 default_server ipv6only=off reuseport; + server_name localhost; + + location / { + root /srv/www/htdocs/; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + + location = /50x.html { + root /srv/www/htdocs/; + } + } + + server { + listen [::]:443 default_server ssl http2 ipv6only=off reuseport; + server_name localhost; + + ssl_certificate /srv/webroot/@hostzone@/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/@hostzone@/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/@hostzone@/ssl/chain.pem; + + location / { + root /srv/www/htdocs/; + index index.html index.htm; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /srv/www/htdocs/; + } + + } + + include conf.d/ssl_params; + include vhosts.d/*.conf; +}