Page MenuHomeDevCentral

nginx configuration drift between Salt and deployed version
Open, HighPublic

Description

When salt-call --local state.sls roles/webserver-legacy/nginx/config was deployed this evening for D2062, that triggers unexpected changes:

{

1/usr/local/etc/nginx/vhosts/dereckson.be/mediawiki.conf
2
3 root /var/51-wwwroot/mediawiki-dereckson/core;
4 index index.html index.php;
5
6 - include includes/letsencrypt;
7 -
8 location / {
9 try_files $uri $uri/ /index.php?$query_string;
10 }
11
12
13/usr/local/etc/nginx/vhosts/hypership.space/www.conf:
14
15 @@ -27,13 +27,6 @@
16 error_log /var/log/www/hypership.space/www-error.log;
17 access_log /var/log/www/hypership.space/www-access.log;
18
19 - root /var/wwwroot/hypership.space/www;
20 - index index.html index.php;
21 -
22 - error_page 503 /503.html;
23 -
24 - include includes/letsencrypt;
25 -
26 location /content {
27 return 403;
28 }
29 @@ -52,34 +45,13 @@
30 }
31 }
32
33 - location = /tour {
34 - return 302 /tour.html;
35 - }
36 -
37 location / {
38 - try_files $uri $uri/ @app;
39 -
40 - location ~ \.php$ {
41 - return 503;
42 -
43 - #fastcgi_pass unix:/var/run/web/hypership.space/php-fpm.sock;
44 - #fastcgi_index index.php;
45 - #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
46 - #include includes/fastcgi_params;
47 - }
48 - }
49 -
50 - location @app {
51 return 503;
52 -
53 - #fastcgi_pass unix:/var/run/web/hypership.space/php-fpm.sock;
54 - #fastcgi_param SCRIPT_FILENAME /var/wwwroot/hypership.space/www/index.php;
55 - #include includes/fastcgi_params;
56 }
57 }
58
59
60 # -------------------------------------------------------------
61 -# Redirections from port 80 and alternative domains
62 +# Redirects from port 80 and alternative domains
63 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
64
65 server {
66 @@ -119,58 +91,9 @@
67 listen [::]:80;
68 server_name zed51.dereckson.be;
69
70 - include includes/tls;
71 - ssl_certificate /usr/local/etc/letsencrypt/live/hypership.space/fullchain.pem;
72 - ssl_certificate_key /usr/local/etc/letsencrypt/live/hypership.space/privkey.pem;
73 -
74 - error_log /var/log/www/dereckson.be/zed51-error.log;
75 - access_log /var/log/www/dereckson.be/zed51-access.log;
76 -
77 - root /var/51-wwwroot/zed;
78 - index index.html index.php;
79 -
80 include includes/letsencrypt;
81
82 - location /content {
83 - return 403;
84 - }
85 -
86 - location /content/users {
87 - alias /srv/zed/content/users;
88 - }
89 -
90 - location /content/scenes {
91 - alias /srv/zed/content/scenes;
92 -
93 - location ~ \.tpl$ {
94 - # This folder contains templates intended to be rendered,
95 - # and not directly served.
96 - return 403;
97 - }
98 - }
99 -
100 - location = /tour {
101 - return 302 /tour.html;
102 - }
103 -
104 - location / {
105 - try_files $uri $uri/ @app;
106 -
107 - location ~ [^/]\.php(/|$) {
108 - fastcgi_pass unix:/var/run/web/zed51.dereckson.be/php-fpm.sock;
109 - fastcgi_index index.php;
110 - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
111 - include includes/fastcgi_params;
112 -
113 - fastcgi_split_path_info ^((?U).+\.php)(.*)$;
114 - fastcgi_param PATH_INFO $fastcgi_path_info;
115 - fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
116 - }
117 - }
118 -
119 - location @app {
120 - fastcgi_pass unix:/var/run/web/zed51.dereckson.be/php-fpm.sock;
121 - fastcgi_param SCRIPT_FILENAME /var/51-wwwroot/zed/index.php;
122 - include includes/fastcgi_params;
123 + return 503;
124 }
125 }
126
127/usr/local/etc/nginx/vhosts/nasqueron.org/labs.conf
128
129 @@ -35,6 +35,4 @@
130 access_log /var/log/www/nasqueron.org/labs-access.log;
131
132 root /var/wwwroot/nasqueron.org/labs;
133 -
134 - include includes/letsencrypt;
135 }
136
137/usr/local/etc/nginx/vhosts/nasqueron.org/rain.conf
138
139 access_log /var/log/www/nasqueron.org/rain-access.log;
140
141 root /var/wwwroot/nasqueron.org/rain;
142 -
143 - include includes/letsencrypt;
144 }
145
146 server {
147 @@ -60,6 +58,4 @@
148 access_log /var/log/www/nasqueron.org/rain51-access.log;
149
150 root /var/51-wwwroot/rain;
151 -
152 - include includes/letsencrypt;
153 }
}

It also updated trivial changes like typo fixes against other files, that's no op.

It also removed phpinfo.php served for www.espace-win.org, that's acceptable

Event Timeline

dereckson created this task.Apr 13 2019, 17:53
dereckson triaged this task as High priority.