diff --git a/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/api.conf b/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/api.conf
index 1b4f93a..078a8c7 100644
--- a/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/api.conf
+++ b/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/api.conf
@@ -1,117 +1,121 @@
# -------------------------------------------------------------
# Webserver
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Wolfplex
# Site: api.wolfplex.org
# License: Trivial work, not eligible to copyright
# Source file: roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/api.conf
# -------------------------------------------------------------
#
#
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
#
# -------------------------------------------------------------
# Production API
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
server {
server_name api.wolfplex.org;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/api.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/api.wolfplex.org/privkey.pem;
error_log /var/log/www/wolfplex.org/api-error.log;
access_log /var/log/www/wolfplex.org/api-access.log;
root /var/wwwroot/wolfplex.org/api;
index index.json index.php index.html;
+ include includes/letsencrypt;
+
location ~ [^/]\.json(/|$) {
include includes/cors-open;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/web/www.wolfplex.org/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include includes/fastcgi_params;
}
}
# -------------------------------------------------------------
# Staging API
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
server {
server_name api51.wolfplex.org;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/api.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/api.wolfplex.org/privkey.pem;
error_log /var/log/www/wolfplex.org/api51-error.log;
access_log /var/log/www/wolfplex.org/api51-access.log;
root /var/51-wwwroot/wolfplex-api;
index index.json index.php index.html;
+ include includes/letsencrypt;
+
location ~ [^/]\.json(/|$) {
include includes/cors-open;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/web/www.wolfplex.org/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include includes/fastcgi_params;
}
}
# -------------------------------------------------------------
# Redirects for http:// or .be to https://...org
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
server {
listen 80;
listen [::]:80;
server_name api.wolfplex.org api.wolfplex.be;
include includes/letsencrypt;
return 301 https://api.wolfplex.org$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name api51.wolfplex.org api51.wolfplex.be;
include includes/letsencrypt;
return 301 https://api51.wolfplex.org$request_uri;
}
server {
server_name api.wolfplex.be;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/api.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/api.wolfplex.org/privkey.pem;
return 301 https://api.wolfplex.org$request_uri;
}
server {
server_name api51.wolfplex.be;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/api.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/api.wolfplex.org/privkey.pem;
return 301 https://api51.wolfplex.org$request_uri;
}
diff --git a/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/www.conf b/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/www.conf
index 6b99054..97a66b9 100644
--- a/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/www.conf
+++ b/roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/www.conf
@@ -1,107 +1,109 @@
# -------------------------------------------------------------
# Webserver
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Wolfplex
# Site: www.wolfplex.org
# License: Trivial work, not eligible to copyright
# Source file: roles/webserver-legacy/nginx/files/vhosts/wolfplex.org/www.conf
# -------------------------------------------------------------
#
#
# This file is managed by our rOPS SaltStack repository.
#
# Changes to this file may cause incorrect behavior
# and will be lost if the state is redeployed.
#
# ---------------------------------------------------------
# Canonical site
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
server {
server_name www.wolfplex.org;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/www.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/www.wolfplex.org/privkey.pem;
error_log /var/log/www/wolfplex.org/www-error.log;
access_log /var/log/www/wolfplex.org/www-access.log;
root /var/wwwroot/wolfplex.org/www;
index index.html index.php;
+ include includes/letsencrypt;
+
# ---------------------------------------------------------
# Wiki
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
location / {
# Use the wiki as home page
rewrite ^/$ /wiki;
# Link to the most relevant page to present the project
rewrite /presentation/?$ /w/index.php?title=Presentation last;
# Link to the most relevant page for bulletin/news information:
rewrite /b/?$ /w/index.php?title=Bulletin:Main last;
}
include includes/mediawiki-wiki;
# ---------------------------------------------------------
# Etherpad
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
location /pad {
rewrite ^/pad/(.*)$ https://pad.wolfplex.be/p/$1 last;
}
# ---------------------------------------------------------
# Other php-fpm services
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
location ~ \.php$ {
fastcgi_pass unix:/var/run/web/www.wolfplex.org/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include includes/fastcgi_params;
}
}
# ---------------------------------------------------------
# Redirects for http:// or .be to https://...org
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
server {
listen 80;
listen [::]:80;
server_name www.wolfplex.org www.wolfplex.be;
include includes/letsencrypt;
return 301 https://www.wolfplex.org$request_uri;
}
server {
server_name www.wolfplex.be;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/www.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/www.wolfplex.org/privkey.pem;
return 301 https://www.wolfplex.org$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name wiki.wolfplex.org wiki.wolfplex.be;
include includes/tls;
ssl_certificate /usr/local/etc/letsencrypt/live/www.wolfplex.org/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/www.wolfplex.org/privkey.pem;
include includes/letsencrypt;
return 301 https://www.wolfplex.org/wiki$request_uri;
}