ab-docker/ab-nginx
1
0
Fork 0
Code Issues Pull Requests Releases 8 Wiki Activity

refactor(NGINX): update letsencrypt integration

Browse Source 
- actually create letsencrypt challenge directory
- point default server-blocks to proper LE directory
- fix access and error logging for LE requests
- update server-block configuration comment headers
This commit is contained in:
Asif Bacchus
2021-01-07 10:16:24 -07:00
parent 4901116443
commit 0609c680e0
3 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
build/sites/05-nonsecured.conf
+8 -6
View File
@@ -1,24 +1,26 @@
### UNsecured test page
#
# Default server block with LetsEncrypt support
#
server {
listen 80;
server_name default_server;
location / {
try_files $uri $uri/ =404;
try_files $uri $uri/ =404;
}
# process Let's Encrypt challenges
location ^~ /.well-known/acme-challenge {
# log requests for security reasons
access_log /var/log/nginx/LetsEncrypt_access.log main;
error_log /var/log/nginx/LetsEncrypt_error.log warn;
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log warn;
default_type text/plain;
root /LEChallenge;
root /usr/share/nginx/letsencrypt;
autoindex on;
}
# error pages
include /etc/nginx/errorpages.conf;
}
}
build/sites/05-secured.conf.disabled
+9 -7
View File
@@ -1,4 +1,6 @@
### UNsecured test page
#
# Default SECURED server block with LetsEncrypt support
#
server {
listen 80;
@@ -8,15 +10,15 @@ server {
location / {
return 301 https://$host:<HTTPS_PORT>$request_uri;
}
# process Let's Encrypt challenges
location ^~ /.well-known/acme-challenge {
# log requests for security reasons
access_log /var/log/nginx/LetsEncrypt_access.log main;
error_log /var/log/nginx/LetsEncrypt_error.log warn;
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log warn;
default_type text/plain;
root /LEChallenge;
root /usr/share/nginx/letsencrypt;
autoindex on;
}
@@ -32,9 +34,9 @@ server {
include /etc/nginx/ssl_certs.conf;
location / {
try_files $uri $uri/ =404;
try_files $uri $uri/ =404;
}
# error pages
include /etc/nginx/errorpages.conf;
}
}