update .gitignore

explicitly specify both ipv4 and ipv6 in subdomains nginx config file
add clean config script
2019-07-16 12:19:09 -07:00 · 2019-07-13 08:07:06 -07:00 · 2019-07-13 06:40:50 -07:00 · 2019-07-12 23:07:56 -07:00 · 2019-03-25 13:19:37 -07:00 · 2018-09-08 19:33:38 -07:00
9 changed files with 107 additions and 59 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ letsencrypt/
 letsencrypt_certs/
 nginx.conf.default
 rojo.charlesreid1.com
 conf.d/http.subdomains.conf
--- a/conf.d/client-allow.conf
+++ b/conf.d/client-allow.conf
@@ -1,2 +0,0 @@
 allow 10.5.0.1;
 allow 45.56.87.232;
--- a/conf.d/http.subdomains.conf
+++ b/conf.d/http.subdomains.conf
@@ -1,55 +0,0 @@
 ####################
 #
 # charlesreid1 subdomains
 # (http only, https happens with krash)
 # 
 # runs on #blackbeard
 # 
 # nginx only listens on the private vpn ip,
 # because it is reverse-proxied by another
 # nginx instance (krash).
 # binding to the private vpn ip happens
 # at the docker level, not the nginx level.
 #
 # 7777  pages.charlesreid1.com
 # 7778  hooks.charlesreid1.com
 # 7779  bots.charlesreid1.com
 # 
 ####################
 server {
    listen 7777;
    server_name pages.charlesreid1.com;
    include /etc/nginx/conf.d/client-allow.conf;
    deny all;
    port_in_redirect off;
    location / {
        index index.html;
        try_files $uri $uri/ $uri/index.html =404;
        root /www/pages.charlesreid1.com/htdocs;
    }
 }
 server {
    listen 7778;
    server_name hooks.charlesreid1.com;
    include /etc/nginx/conf.d/client-allow.conf;
    deny all;
    location / {
        index index.html;
        try_files $uri $uri/ =404;
        root /www/hooks.charlesreid1.com/htdocs;
    }
 }
 server {
    listen 7779;
    server_name bots.charlesreid1.com;
    include /etc/nginx/conf.d/client-allow.conf;
    deny all;
    location / {
        try_files $uri $uri/ =404;
        root /www/bots.charlesreid1.com/htdocs;
        index index.html;
    }
 }
--- a/conf.d_templates/client-allow.conf
+++ b/conf.d_templates/client-allow.conf
@@ -0,0 +1 @@
 allow {{ nginx_charlesreid1_ip }};
--- a/conf.d_templates/http.subdomains.conf.j2
+++ b/conf.d_templates/http.subdomains.conf.j2
@@ -0,0 +1,69 @@
 ####################
 #
 # charlesreid1 subdomains
 # (this is http only)
 # (the https happens in pod-charlesreid1)
 # (this happens in pod-webhooks)
 # 
 # We use a client-allow.conf to block all IPs
 # except for the IP of the machine running
 # pod-charlesreid1. This is because this pod
 # is reverse-proxied by the machine running
 # pod-charlesreid1.
 #
 # Binding to a private ip happens
 # at the docker level, not the nginx level.
 #
 # 7777  pages.{{ server_name_default }}
 # 7778  hooks.{{ server_name_default }}
 # 7779  bots.{{ server_name_default }}
 # 
 ####################
 server {
    listen 7777;
    listen [::]:7777;
    server_name pages.{{ server_name_default }};
    ## Only allow IPs in client-allow.conf
    #include /etc/nginx/conf.d/client-allow.conf;
    #deny all;
    port_in_redirect off;
    location / {
        index index.html;
        try_files $uri $uri/ $uri/index.html =404;
        root /www/pages.{{ server_name_default }}/htdocs;
    }
 }
 server {
    listen 7778;
    listen [::]:7778;
    server_name hooks.{{ server_name_default }};
    ## Only allow IPs in client-allow.conf
    #include /etc/nginx/conf.d/client-allow.conf;
    #deny all;
    location / {
        index index.html;
        try_files $uri $uri/ $uri/index.html =404;
        root /www/hooks.{{ server_name_default }}/htdocs;
    }
 }
 server {
    listen 7779;
    listen [::]:7779;
    server_name bots.{{ server_name_default }};
    ## Only allow IPs in client-allow.conf
    #include /etc/nginx/conf.d/client-allow.conf;
    #deny all;
    location / {
        index index.html;
        try_files $uri $uri/ $uri/index.html =404;
        root /www/bots.{{ server_name_default }}/htdocs;
    }
 }
--- a/docs/index.md
+++ b/docs/index.md
@@ -34,6 +34,7 @@ inside the container:
 ```
 server {
    listen *:7777;
    }
 ```
 Meanwhile, in the `docker-compose.yml` file,
--- a/2
+++ b/2
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -21,7 +21,7 @@ theme:
  font:
    text: 'Roboto'
    code: 'Roboto Mono'
-pages:
+nav:
  - 'Home':         'index.md'
 # Extensions
@@ -31,3 +31,6 @@ markdown_extensions:
      guess_lang: false
  - toc:
      permalink: true
 strict: true
--- a/scripts/clean_config.py
+++ b/scripts/clean_config.py
@@ -0,0 +1,30 @@
 import glob
 import os
 import subprocess
 """
 Clean d-nginx-subdomains conf.d directory
 This script cleans out the conf.d directory
 in the d-nginx-subdomains repo.
 This script should be run before you generate a new set
 of config files from the nginx config file templates in
 d-nginx-subdomains/conf.d_templates/
 This script cleans out all the config files in the folder
 d-nginx-subdomains/conf.d/
 That way there are no old config files to clash with the
 new ones.
 """
 HERE = os.path.abspath(os.path.dirname(__file__))
 CONF = os.path.abspath(os.path.join(HERE,'..','conf.d'))
 for f in glob.glob(os.path.join(CONF,"*.conf")):
    if os.path.basename(f)!="_.conf":
        cmd = ['rm','-fr',f]
        subprocess.call(cmd)
Author	SHA1	Message	Date
Charles Reid	a87dcd5f3d	update .gitignore	2019-07-16 12:19:09 -07:00
C Reid	e9dc8c6b42	explicitly specify both ipv4 and ipv6 in subdomains nginx config file	2019-07-13 08:07:06 -07:00
C Reid	a859c5837c	add clean config script	2019-07-13 06:40:50 -07:00
C Reid	3037db52d6	move configuration templates to conf.d_templates, clean conf.d	2019-07-12 23:07:56 -07:00
C Reid	12781c12e9	updates to subdomains config file	2019-03-25 13:19:37 -07:00
Charles Reid	71467e35ff	include explanatory comment	2018-09-08 19:33:38 -07:00
Charles Reid	abb4187794	Update mkdocs.yml for mkdocs 1.0	2018-08-11 12:33:18 -07:00
Charles Reid	65d3c81478	Update mkdocs-material for mkdocs 1.0	2018-08-11 12:20:43 -07:00
Charles Reid	72e6866ea6	typo sniper	2018-07-30 23:58:37 +00:00