fuckings to nginx
Every variable is unwrapped at runtime and only accounted for in some commands, which does not include ssl_certificate. Anyone who complains about this is made fun of. Assholes.
This commit is contained in:
parent
7cd01f56a8
commit
f75b6ca38f
|
@ -6,3 +6,11 @@ packages. You may use them on your own servers, though your mileage my vary.
|
|||
Install the -nginx package (e.g. git.sr.ht-nginx) to pull in these files, then
|
||||
edit `/etc/nginx/domains.conf` (and `/etc/nginx/nginx.conf`, if necessary) to
|
||||
suit your particular installation.
|
||||
|
||||
You should also write your own file, *-ssl.conf (e.g.
|
||||
`/etc/nginx/builds-ssl.conf`), which configures the SSL certificate, like so:
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/builds.sr.ht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/builds.sr.ht/key.pem;
|
||||
|
||||
This is annoying. You can thank the nginx devs.
|
||||
|
|
|
@ -7,10 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include builds-ssl.conf;
|
||||
server_name $buildssrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$buildssrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$buildssrht/key.pem;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
|
|
|
@ -7,6 +7,7 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include dispatch-ssl.conf;
|
||||
server_name $dispatchsrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$dispatchsrht/cert.pem;
|
||||
|
|
|
@ -7,10 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include git-ssl.conf;
|
||||
server_name $gitsrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$gitsrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$gitsrht/key.pem;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
|
|
|
@ -7,10 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include hg-ssl.conf;
|
||||
server_name $hgsrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$hgsrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$hgsrht/key.pem;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
|
|
|
@ -12,11 +12,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include hub-ssl.conf;
|
||||
server_name $hubsrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$hubsrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$hubsrht/key.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:5014;
|
||||
include web.conf;
|
||||
|
|
|
@ -7,11 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include lists-ssl.conf;
|
||||
server_name $listssrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$listssrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$listssrht/key.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:5006;
|
||||
include web.conf;
|
||||
|
|
|
@ -7,10 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include man-ssl.conf;
|
||||
server_name $mansrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$mansrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$mansrht/key.pem;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
|
|
|
@ -7,11 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include meta-ssl.conf;
|
||||
server_name $metasrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$metasrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$metasrht/key.pem;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
include web.conf;
|
||||
|
|
|
@ -7,10 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include paste-ssl.conf;
|
||||
server_name $pastesrht pasta.sr.ht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$pastesrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$pastesrht/key.pem;
|
||||
client_max_body_size 10M;
|
||||
|
||||
location / {
|
||||
|
|
|
@ -7,10 +7,9 @@ server {
|
|||
server {
|
||||
include sourcehut.conf;
|
||||
include port443.conf;
|
||||
include todo-ssl.conf;
|
||||
server_name $todosrht;
|
||||
|
||||
ssl_certificate /etc/ssl/uacme/$todosrht/cert.pem;
|
||||
ssl_certificate_key /etc/ssl/uacme/private/$todosrht/key.pem;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
|
|
Loading…
Reference in New Issue