[SAC] [OSGeo] #2428: Pages on staging.grass.osgeo.org without https
OSGeo
trac_osgeo at osgeo.org
Sun Mar 22 15:50:28 PDT 2020
#2428: Pages on staging.grass.osgeo.org without https
---------------------------+------------------------
Reporter: neteler | Owner: sac@…
Type: defect | Status: new
Priority: normal | Milestone: Unplanned
Component: Systems Admin | Resolution:
Keywords: |
---------------------------+------------------------
Comment (by robe):
For future reference commit
https://git.osgeo.org/gitea/sac/osgeo7/commit/495143e3ff441347f0d56a4b46d15a001faea9c6
{{{
diff --git a/etc/nginx/sites-available/grass.osgeo.org b/etc/nginx/sites-
available/grass.osgeo.org
index 31fd76d..03d3b83 100644
--- a/etc/nginx/sites-available/grass.osgeo.org
+++ b/etc/nginx/sites-available/grass.osgeo.org
@@ -1,7 +1,6 @@
server {
server_name staging.grass.osgeo.org;
server_name grass.osgeo.org;
- listen 80 proxy_protocol; # managed by Certbot
set_real_ip_from 140.211.15.0/24;
real_ip_header proxy_protocol;
@@ -18,10 +17,29 @@ server {
proxy_redirect off;
}
- listen 443 ssl; # managed by Certbot
+ listen 443 ssl proxy_protocol; # managed by Certbot
ssl_certificate
/etc/letsencrypt/live/staging.grass.osgeo.org/fullchain.pem; # managed by
Certbot
ssl_certificate_key
/etc/letsencrypt/live/staging.grass.osgeo.org/privkey.pem; # managed by
Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
+server {
+ if ($host = staging.grass.osgeo.org) {
+ return 301 https://$host$request_uri;
+ } # managed by Certbot
+
+ if ($host = grass.osgeo.org) {
+ return 301 https://$host$request_uri;
+ } # managed by Certbot
+
+
+
+ server_name staging.grass.osgeo.org;
+ server_name grass.osgeo.org;
+ listen 80 proxy_protocol;
+ return 404; # managed by Certbot
+
+
+}
+
}}}
then did
{{{
nginx -t #verify config has no typos
systemctl reload nginx
}}}
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/2428#comment:2>
OSGeo <https://osgeo.org/>
OSGeo committee and general foundation issue tracker.
More information about the Sac
mailing list