Page MenuHomeDevCentral

D1722.id4377.diff
No OneTemporary

D1722.id4377.diff

diff --git a/pillar/paas/docker.sls b/pillar/paas/docker.sls
--- a/pillar/paas/docker.sls
+++ b/pillar/paas/docker.sls
@@ -102,7 +102,19 @@
# Infrastructure and development services
phabricator:
- devcentral: {}
+ devcentral:
+ app_port: 31080
+ host: devcentral.nasqueron.org
+ aliases:
+ - phabricator.nasqueron.org
+ blogs:
+ servers:
+ host: servers.nasqueron.org
+ aliases:
+ - server.nasqueron.org
+ - serveur.nasqueron.org
+ - serveurs.nasqueron.org
+ static_host: phabricator-files-for-devcentral-nasqueron.spacetechnology.net
aphlict:
aphlict:
diff --git a/roles/paas-docker/nginx/config.sls b/roles/paas-docker/nginx/config.sls
--- a/roles/paas-docker/nginx/config.sls
+++ b/roles/paas-docker/nginx/config.sls
@@ -42,6 +42,9 @@
{% if 'aliases' in container %}
aliases: {{ container['aliases']|join(" ") }}
{% endif %}
+ # If the nginx configuration needs more key,
+ # pass directly the container dictionary.
+ args: {{ container }}
{% endif %}
{% endfor %}
diff --git a/roles/paas-docker/nginx/files/vhosts/devcentral.conf b/roles/paas-docker/nginx/files/vhosts/devcentral.conf
deleted file mode 100644
--- a/roles/paas-docker/nginx/files/vhosts/devcentral.conf
+++ /dev/null
@@ -1,93 +0,0 @@
-map $http_upgrade $connection_upgrade {
- default upgrade;
- '' close;
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name phabricator.nasqueron.org;
-
- include includes/letsencrypt;
-
- include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- rewrite ^ https://devcentral.nasqueron.org$request_uri? permanent;
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name phabricator-files-for-devcentral-nasqueron.spacetechnology.net;
-
- return 301 https://$host$request_uri;
-}
-
-server {
- server_name phabricator-files-for-devcentral-nasqueron.spacetechnology.net;
-
- include includes/letsencrypt;
-
- include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- include includes/proxy_params;
- location / {
- proxy_pass http://localhost:31080;
- }
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name devcentral.nasqueron.org;
-
- return 301 https://$host$request_uri;
-}
-
-server {
- server_name devcentral.nasqueron.org;
-
- include includes/letsencrypt;
-
- include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- include includes/proxy_params;
- location / {
- proxy_pass http://localhost:31080;
- }
-
- location ~ ^/maniphest/task/create {
- rewrite ^/maniphest/task/create/?(.*) /maniphest/task/edit/form/1/$1;
- }
-
- location = /ws/ {
- proxy_pass http://localhost:22280;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_read_timeout 999999999;
- }
-
- #502 error
- root /var/wwwroot-502/devcentral.nasqueron.org;
- error_page 502 /502.html;
- location /502.html {}
-}
-
-server {
- listen 80;
- listen [::]:80;
- server_name server.nasqueron.org serveur.nasqueron.org serveurs.nasqueron.org;
-
- include includes/letsencrypt; include includes/tls;
- ssl_certificate /srv/letsencrypt/etc/live/devcentral.nasqueron.org/fullchain.pem;
- ssl_certificate_key /srv/letsencrypt/etc/live/devcentral.nasqueron.org/privkey.pem;
-
- rewrite ^ https://servers.nasqueron.org$request_uri? permanent;
-}
diff --git a/roles/paas-docker/nginx/files/vhosts/phabricator.conf b/roles/paas-docker/nginx/files/vhosts/phabricator.conf
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/phabricator.conf
@@ -0,0 +1,176 @@
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2018-09-11
+# Source file: roles/paas-docker/nginx/files/vhosts/phabricator.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+# -------------------------------------------------------------
+# Application - {{ fqdn }}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ fqdn }};
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ fqdn }};
+
+ include includes/letsencrypt;
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/proxy_params;
+ location / {
+ proxy_pass http://localhost:{{ app_port }};
+ }
+
+ location ~ ^/maniphest/task/create {
+ rewrite ^/maniphest/task/create/?(.*) /maniphest/task/edit/form/1/$1;
+ }
+
+ location = /ws/ {
+ proxy_pass http://localhost:22280;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_read_timeout 999999999;
+ }
+
+ #502 error
+ root /var/wwwroot-502/{{ fqdn }};
+ error_page 502 /502.html;
+ location /502.html {}
+}
+
+# -------------------------------------------------------------
+# Static content
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ args['static_host'] }};
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ args['static_host'] }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ include includes/proxy_params;
+ location / {
+ proxy_pass http://localhost:{{ app_port }};
+ }
+}
+
+{%- if 'blogs' in args %}
+{%- for blog_name, blog in args['blogs'].items() %}
+
+# -------------------------------------------------------------
+# Phame domains for {{ blog_name }}
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ blog['host'] }};
+
+ return 301 https://$host$request_uri;
+}
+
+server {
+ server_name {{ blog['host'] }};
+
+ include includes/tls;
+ ssl_certificate /data/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /data/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ location / {
+ include proxy_params;
+ proxy_pass http://localhost:{{ app_port }};
+ }
+
+ # Fixes invalid URLs resolved to phame instead of DevCentral
+ location ~ T[0.9]* {
+ rewrite ^ http://{{ fqdn }}$request_uri? redirect;
+ }
+
+ # Fixes invalid URLs resolved to phame instead of DevCentral
+ location /tag/ {
+ rewrite ^ http://{{ fqdn }}$request_uri? redirect;
+ }
+
+ # 502 error
+ root /var/wwwroot-502/{{ fqdn }};
+ error_page 502 /502.html;
+ location /502.html {}
+}
+
+# -------------------------------------------------------------
+# Phame domains for {{ blog_name }} — aliases
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ blog['aliases']|join(' ') }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ return 301 https://{{ blog['host'] }}$request_uri;
+}
+
+{%- endfor %}
+{%- endif %}
+{%- if aliases %}
+
+# -------------------------------------------------------------
+# Redirects for app aliases domains
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ aliases }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ return 301 https://{{ fqdn }}$request_uri;
+}
+{%- endif %}

File Metadata

Mime Type
text/plain
Expires
Thu, Nov 28, 16:46 (7 h, 2 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2269398
Default Alt Text
D1722.id4377.diff (8 KB)

Event Timeline