Page Menu
Home
DevCentral
Search
Configure Global Search
Log In
Files
F3792381
D1722.id4377.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
8 KB
Referenced Files
None
Subscribers
None
D1722.id4377.diff
View Options
diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -102,7 +102,19 @@
# Infrastructure and development services
phabricator:
- devcentral: {}
+ devcentral:
+ app_port: 31080
+ host: devcentral.nasqueron.org
+ aliases:
+ - phabricator.nasqueron.org
+ blogs:
+ servers:
+ host: servers.nasqueron.org
+ aliases:
+ - server.nasqueron.org
+ - serveur.nasqueron.org
+ - serveurs.nasqueron.org
+ static_host: phabricator-files-for-devcentral-nasqueron.spacetechnology.net
aphlict:
aphlict:
diff --git a/roles/paas-docker/nginx/config.sls b/roles/paas-docker/nginx/config.sls
--- a/roles/paas-docker/nginx/config.sls
+++ b/roles/paas-docker/nginx/config.sls
@@ -42,6 +42,9 @@
{% if 'aliases' in container %}
aliases: {{ container['aliases']|join(" ") }}
{% endif %}
+ # If the nginx configuration needs more key,
+ # pass directly the container dictionary.
+ args: {{ container }}
{% endif %}
{% endfor %}
diff --git a/roles/paas-docker/nginx/files/vhosts/devcentral.conf b/roles/paas-docker/nginx/files/vhosts/devcentral.conf
deleted file mode 100644
--- a/roles/paas-docker/nginx/files/vhosts/devcentral.conf
+++ /dev/null
@@ -1,93 +0,0 @@
-map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name phabricator.nasqueron.org;
-
- include includes/letsencrypt;
-
- include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- rewrite ^ https://devcentral.nasqueron.org$request_uri? permanent;
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name phabricator-files-for-devcentral-nasqueron.spacetechnology.net;
-
- return 301 https://$host$request_uri;
-}
-
-server {
- server_name phabricator-files-for-devcentral-nasqueron.spacetechnology.net;
-
- include includes/letsencrypt;
-
- include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- include includes/proxy_params;
- location / {
- proxy_pass http://localhost:31080;
- }
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name devcentral.nasqueron.org;
-
- return 301 https://$host$request_uri;
-}
-
-server {
- server_name devcentral.nasqueron.org;
-
- include includes/letsencrypt;
-
- include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- include includes/proxy_params;
- location / {
- proxy_pass http://localhost:31080;
- }
-
- location ~ ^/maniphest/task/create {
- rewrite ^/maniphest/task/create/?(.*) /maniphest/task/edit/form/1/$1;
- }
-
- location = /ws/ {
- proxy_pass http://localhost:22280;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_read_timeout 999999999;
- }
-
- #502 error
- root /var/wwwroot-502/devcentral.nasqueron.org;
- error_page 502 /502.html;
- location /502.html {}
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name server.nasqueron.org serveur.nasqueron.org serveurs.nasqueron.org;
-
- include includes/letsencrypt; include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- rewrite ^ https://servers.nasqueron.org$request_uri? permanent;
-}
diff --git a/roles/paas-docker/nginx/files/vhosts/phabricator.conf b/roles/paas-docker/nginx/files/vhosts/phabricator.conf
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/phabricator.conf
@@ -0,0 +1,176 @@
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2018-09-11
+# Source file: roles/paas-docker/nginx/files/vhosts/phabricator.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+# -------------------------------------------------------------
+# Application - {{ fqdn }}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ fqdn }};
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ fqdn }};
+
+ include includes/letsencrypt;
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/proxy_params;
+ location / {
+ proxy_pass http://localhost:{{ app_port }};
+ }
+
+ location ~ ^/maniphest/task/create {
+ rewrite ^/maniphest/task/create/?(.*) /maniphest/task/edit/form/1/$1;
+ }
+
+ location = /ws/ {
+ proxy_pass http://localhost:22280;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_read_timeout 999999999;
+ }
+
+ #502 error
+ root /var/wwwroot-502/{{ fqdn }};
+ error_page 502 /502.html;
+ location /502.html {}
+}
+
+# -------------------------------------------------------------
+# Static content
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ args['static_host'] }};
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ args['static_host'] }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ include includes/proxy_params;
+ location / {
+ proxy_pass http://localhost:{{ app_port }};
+ }
+}
+
+{%- if 'blogs' in args %}
+{%- for blog_name, blog in args['blogs'].items() %}
+
+# -------------------------------------------------------------
+# Phame domains for {{ blog_name }}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ blog['host'] }};
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ blog['host'] }};
+
+ include includes/tls;
+ ssl_certificate /data/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /data/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ location / {
+ include proxy_params;
+ proxy_pass http://localhost:{{ app_port }};
+ }
+
+ # Fixes invalid URLs resolved to phame instead of DevCentral
+ location ~ T[0.9]* {
+ rewrite ^ http://{{ fqdn }}$request_uri? redirect;
+ }
+
+ # Fixes invalid URLs resolved to phame instead of DevCentral
+ location /tag/ {
+ rewrite ^ http://{{ fqdn }}$request_uri? redirect;
+ }
+
+ # 502 error
+ root /var/wwwroot-502/{{ fqdn }};
+ error_page 502 /502.html;
+ location /502.html {}
+}
+
+# -------------------------------------------------------------
+# Phame domains for {{ blog_name }} — aliases
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ blog['aliases']|join(' ') }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ return 301 https://{{ blog['host'] }}$request_uri;
+}
+
+{%- endfor %}
+{%- endif %}
+{%- if aliases %}
+
+# -------------------------------------------------------------
+# Redirects for app aliases domains
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ aliases }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ return 301 https://{{ fqdn }}$request_uri;
+}
+{%- endif %}
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Nov 28, 16:46 (7 h, 2 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2269398
Default Alt Text
D1722.id4377.diff (8 KB)
Attached To
Mode
D1722: Provide nginx configuration for Phabricator containers
Attached
Detach File
Event Timeline
Log In to Comment