Page MenuHomeDevCentral

D578.id1762.diff
No OneTemporary

D578.id1762.diff

diff --git a/roles/shellserver/eglide-website/init.sls b/roles/shellserver/eglide-website/init.sls
--- a/roles/shellserver/eglide-website/init.sls
+++ b/roles/shellserver/eglide-website/init.sls
@@ -20,3 +20,13 @@
- group: www-data
- dir_mode: 711
- file_mode: 644
+
+# -------------------------------------------------------------
+# Nginx logs
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/log/www/eglide.org:
+ file.directory:
+ - user: root
+ - group: www-data
+ - dir_mode: 750
diff --git a/roles/shellserver/web-hosting/files/eglide/nginx/includes/letsencrypt.conf b/roles/shellserver/web-hosting/files/eglide/nginx/includes/letsencrypt.conf
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/web-hosting/files/eglide/nginx/includes/letsencrypt.conf
@@ -0,0 +1,14 @@
+# -------------------------------------------------------------
+# Configuration for Let's encrypt nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2016-01-05
+# Description: Get SSL certificates from Let's encrypt
+# -------------------------------------------------------------
+
+ location /.well-known/acme-challenge {
+ allow all;
+
+ default_type text/plain;
+ root /var/letsencrypt-auto;
+ }
diff --git a/roles/shellserver/web-hosting/files/eglide/nginx/nginx.conf b/roles/shellserver/web-hosting/files/eglide/nginx/nginx.conf
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/web-hosting/files/eglide/nginx/nginx.conf
@@ -0,0 +1,38 @@
+# -------------------------------------------------------------
+# Eglide — nginx configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2016-07-26
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Server configuration
+# -------------------------------------------------------------
+
+worker_processes 1;
+
+events {
+ worker_connections 1024;
+}
+
+# -------------------------------------------------------------
+# HTTP configuration
+# -------------------------------------------------------------
+
+http {
+ include mime.types;
+ default_type text/plain;
+
+ server_names_hash_bucket_size 128;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ sendfile on;
+ keepalive_timeout 65;
+ gzip on;
+
+ include vhosts/*.conf;
+}
diff --git a/roles/shellserver/web-hosting/files/eglide/nginx/vhosts/000.conf b/roles/shellserver/web-hosting/files/eglide/nginx/vhosts/000.conf
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/web-hosting/files/eglide/nginx/vhosts/000.conf
@@ -0,0 +1,33 @@
+# -------------------------------------------------------------
+# Eglide — nginx configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2016-07-26
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Default vhost as a catchall when Host: header value doesn't
+# match any server name, ie the domain is unknown.
+# -------------------------------------------------------------
+
+ server {
+ listen 80;
+ listen [2001:470:1f12:9e1::2]:80;
+ listen [2001:470:1f13:9e1:0:c0ff:ee:1]:80;
+ server_name _;
+ root /var/wwwroot/unknown_domains;
+
+ access_log /var/log/www/unknown_domains-access.log main;
+ error_log /var/log/www/unknown_domains-error.log;
+
+ error_page 404 @unknowndomains;
+
+ location / {
+ return 404;
+ }
+
+ location @unknowndomains {
+ rewrite ^(.*)$ /unknown.html break;
+ }
+ }
diff --git a/roles/shellserver/web-hosting/files/eglide/nginx/vhosts/001-eglide.org.conf b/roles/shellserver/web-hosting/files/eglide/nginx/vhosts/001-eglide.org.conf
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/web-hosting/files/eglide/nginx/vhosts/001-eglide.org.conf
@@ -0,0 +1,58 @@
+# -------------------------------------------------------------
+# Eglide — nginx configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2016-07-26
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Main vhost receives special responsibilities like serving
+# user directories.
+# -------------------------------------------------------------
+
+ server {
+
+ listen 80;
+ listen [::]:80;
+ server_name localhost eglide eglide.org eglide.nasqueron.org www.eglide.org [2001:470:1f12:896::2] [2001:470:1f13:896:0:c0de:15:11fe];
+ root /var/www/html;
+
+ access_log /var/log/www/eglide.org/www-access.log main;
+ error_log /var/log/www/eglide.org/www-error.log;
+
+ ###
+ ### SSL
+ ###
+
+ include includes/letsencrypt.conf;
+
+ # Once the first certificate has been generated, we'll enabl this snippet:
+ #
+ # SSL - include ssl_params;
+ # SSL - ssl_certificate /usr/local/etc/letsencrypt/live/eglide.org/fullchain.pem;
+ # SSL - ssl_certificate_key /usr/local/etc/letsencrypt/live/eglide.org/privkey.pem;
+
+ ###
+ ### Main site
+ ###
+
+ location / {
+ index index.html index.htm default.html default.htm;
+ }
+
+ error_page 500 502 503 504 /50x.html;
+
+ ###
+ ### public_html user directories
+ ###
+
+ set $userdir public_html;
+
+ location ~ ^/~(.+?)(/.*)?$ {
+ alias /home/$1/$userdir$2;
+ index index.html index.htm;
+ autoindex on;
+ }
+
+ }
diff --git a/roles/shellserver/web-hosting/files/eglide/wwwroot-unknown/unknown.html b/roles/shellserver/web-hosting/files/eglide/wwwroot-unknown/unknown.html
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/web-hosting/files/eglide/wwwroot-unknown/unknown.html
@@ -0,0 +1,17 @@
+<!doctype html>
+<html class="no-js" lang="en">
+<head>
+ <meta charset="utf-8"/>
+ <meta http-equiv="x-ua-compatible" content="ie=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <title>Eglide</title>
+</head>
+<body>
+ <h1>Eglide :: Unknown domain</h1>
+ <h2>HTTP 404 Not Found</h2>
+ <p>Eglide allows users to create accounts to host tmux/screen + irssi/weechat or bots for IRC purpose.</p>
+ <p>It also offers a small HTML web presence.</p>
+ <p>The domain you seek redirects to one of our IPs, but it hasn't been declared in our webserver.</p>
+ <p>Contact the domain owner for assistance.</p>
+</body>
+</html>
diff --git a/roles/shellserver/web-hosting/init.sls b/roles/shellserver/web-hosting/init.sls
new file mode 100644
--- /dev/null
+++ b/roles/shellserver/web-hosting/init.sls
@@ -0,0 +1,56 @@
+# -------------------------------------------------------------
+# Salt — nginx configuration
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Eglide
+# Created: 2016-11-08
+# License: Trivial work, not eligible to copyright
+# -------------------------------------------------------------
+
+# -------------------------------------------------------------
+# Nginx configuration files
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+nginx_config_files:
+ file.recurse:
+ {% if grains['os'] == 'FreeBSD' %}
+ - name: /usr/local/etc/nginx
+ {% else %}
+ - name: /etc/nginx
+ {% endif %}
+ - source: salt://roles/shellserver/web-hosting/files/{{ grains['id'] }}/nginx
+ - include_empty: True
+ - clean: False
+ - dir_mode: 755
+ - file_mode: 644
+ - cmd.run:
+ - name: nginx -t reload
+ - onchanges:
+ {% if grains['os'] == 'FreeBSD' %}
+ - file: /usr/local/etc/nginx/nginx.conf
+ {% else %}
+ - file: /etc/nginx/nginx.conf
+ {% endif %}
+
+# -------------------------------------------------------------
+# Nginx logs
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+/var/log/www:
+ file.directory:
+ - user: root
+ - group: www-data
+ - dir_mode: 750
+
+# -------------------------------------------------------------
+# Site to serve when Host: header doesn't match a known vhost
+#
+# Typically, this occurs when a domain is configured in DNS,
+# but not in nginx.
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+unknown_domain_files:
+ file.recurse:
+ - name: /var/wwwroot/unknown_domains
+ - source: salt://roles/shellserver/web-hosting/files/{{ grains['id'] }}/wwwroot-unknown
+ - dir_mode: 755
+ - file_mode: 644

File Metadata

Mime Type
text/plain
Expires
Thu, Jan 23, 09:28 (5 h, 57 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2368803
Default Alt Text
D578.id1762.diff (9 KB)

Event Timeline