From 08bde22451cdb0fcd9501532b3693ac9f8c8443e Mon Sep 17 00:00:00 2001 From: nutra-bot Date: Wed, 29 Jun 2022 19:13:19 +0000 Subject: [PATCH] fix --- etc/nginx/sites-available/default | 60 ++++++++++--------------------- etc/systemd/system/ntserv.service | 2 +- 2 files changed, 20 insertions(+), 42 deletions(-) diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default index af5e21d..aee0d49 100644 --- a/etc/nginx/sites-available/default +++ b/etc/nginx/sites-available/default @@ -1,13 +1,13 @@ -upstream deveast.linode.poczatek.dev { +upstream dev.nutra.tk { keepalive 100; server 127.0.0.1:20000; # server unix:/tmp/sanic.sock; } server { - server_name deveast.linode.poczatek.dev; - # listen 443 ssl http2 default_server; - listen [::]:443 ssl http2 default_server; + server_name dev.nutra.tk; + listen 443 ssl http2 default_server; + listen [::]:443 ssl ipv6only=on; # managed by Certbot # React app (base URL) @@ -57,44 +57,20 @@ server { } - listen 443 ssl; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/deveast.linode.poczatek.dev/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/deveast.linode.poczatek.dev/privkey.pem; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/deveast.linode.poczatek.dev/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/deveast.linode.poczatek.dev/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } -# TODO: if is evil -# https://wordpress.org/support/article/nginx/ -# http://wiki.nginx.org/IfIsEvil -server { - server_name deveast.linode.poczatek.dev; - - - # CertBot - if ($host = deveast.linode.poczatek.dev) { - return 301 https://$host$request_uri; - } # managed by Certbot - - listen 80; - return 404; # managed by Certbot -} - - # Redirect all HTTP to HTTPS with no-WWW server { + listen 80 default_server; + listen [::]:80 default_server; server_name ~^(?:www\.)?(.*)$; return 301 https://$1$request_uri; - - listen [::]:443 ssl ipv6only=on; # managed by Certbot - listen 443 ssl; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/deveast.linode.poczatek.dev/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/deveast.linode.poczatek.dev/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot - } @@ -106,16 +82,18 @@ server { return 301 $scheme://$1$request_uri; } -server { - if ($host = dev.nutra.tk) { - return 301 https://$host$request_uri; - } # managed by Certbot +# TODO: if is evil +# https://wordpress.org/support/article/nginx/ +# http://wiki.nginx.org/IfIsEvil +server { + if ($host = deveast.linode.poczatek.dev) { + return 301 https://$host$request_uri; + } # managed by Certbot - listen 80 default_server; - listen [::]:80 default_server; - server_name ~^(?:www\.)?(.*)$; - return 404; # managed by Certbot + if ($host = dev.nutra.tk) { + return 301 https://$host$request_uri; + } # managed by Certbot +} -} \ No newline at end of file diff --git a/etc/systemd/system/ntserv.service b/etc/systemd/system/ntserv.service index 2b83a17..3c275fb 100644 --- a/etc/systemd/system/ntserv.service +++ b/etc/systemd/system/ntserv.service @@ -5,7 +5,7 @@ Description=Nutra Server (Sanic / PostgreSQL) User=sanic ExecStart=/usr/bin/env python3 -m ntserv Restart=always -Environment="NTSERV_ENV=dev" "NTSERV_SERVER_HOST=https://deveast.linode.poczatek.dev" "NTSERV_N_WORKERS=2" "NTSERV_PSQL_PASSWORD=REDACTED" "NTSERV_JWT_SECRET=secret" "NTSERV_PROXY_SECRET=secret" +Environment="NTSERV_ENV=dev" "NTSERV_SERVER_HOST=https://dev.nutra.tk" "NTSERV_N_WORKERS=2" "NTSERV_PSQL_PASSWORD=REDACTED" "NTSERV_JWT_SECRET=secret" "NTSERV_PROXY_SECRET=secret" [Install] WantedBy=multi-user.target -- 2.52.0