Add kochbuch

author: jaseg <code@jaseg.net> 2020-01-17 00:51:31 +0100
committer: jaseg <code@jaseg.net> 2020-01-22 15:57:23 +0100
commit: 9b8d653d72bd7bbaf5f5f06c18b6218026423617 (patch)
tree: eab01b756c164acaeff3317afc9e781e1340ca73
parent: a6caa1aaa3c228feeaa55b893aadd78c9cc533be (diff)
download: infra-9b8d653d72bd7bbaf5f5f06c18b6218026423617.tar.gz
infra-9b8d653d72bd7bbaf5f5f06c18b6218026423617.tar.bz2
infra-9b8d653d72bd7bbaf5f5f06c18b6218026423617.zip
2 files changed, 42 insertions, 0 deletions
diff --git a/nginx.conf b/nginx.conf
index 6cf28cf..8d21357 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -132,6 +132,45 @@ http {
     server {
         listen       443 ssl http2;
         listen       [::]:443 ssl http2;
+        server_name  kochbuch.jaseg.net kochbuch.jaseg.net;
+        root         /usr/share/nginx/html;
+
+        ssl_certificate "/etc/letsencrypt/live/kochbuch.jaseg.net/fullchain.pem";
+        ssl_certificate_key "/etc/letsencrypt/live/kochbuch.jaseg.net/privkey.pem";
+        ssl_dhparam "/etc/letsencrypt/ssl-dhparams.pem";
+        include /etc/letsencrypt/options-ssl-nginx.conf;
+
+        ssl_stapling on;
+        ssl_stapling_verify on;
+
+        resolver 67.207.67.2 67.207.67.3 valid=300s;
+        resolver_timeout 10s;
+
+        add_header Strict-Transport-Security "max-age=86400";
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        location / {
+            auth_basic "blubb";
+            auth_basic_user_file /etc/nginx/kochbuch.htpasswd;
+            root /var/www/kochbuch.jaseg.net;
+        }
+
+        error_page 404 /404.html;
+        location = /40x.html {
+            root         /usr/share/nginx/html;
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+            root         /usr/share/nginx/html;
+        }
+    }
+
+    server {
+        listen       443 ssl http2;
+        listen       [::]:443 ssl http2;
         server_name  pogojig.jaseg.net;
         root         /usr/share/nginx/html;
 
@@ -145,6 +184,7 @@ http {
 
         resolver 67.207.67.2 67.207.67.3 valid=300s;
         resolver_timeout 10s;
+        client_max_body_size 10M;
 
         add_header Strict-Transport-Security "max-age=86400";
 
diff --git a/setup_webserver.yml b/setup_webserver.yml
index 671a699..1405bed 100644
--- a/setup_webserver.yml
+++ b/setup_webserver.yml
@@ -18,6 +18,7 @@
     mode: 0550
   loop:
       - blog.jaseg.net
+      - kochbuch.jaseg.net
       - tracespace.jaseg.net
       - openjscad.jaseg.net
 
@@ -48,6 +49,7 @@
       creates: /etc/letsencrypt/live/{{item}}/fullchain.pem
   loop:
       - blog.jaseg.net
+      - kochbuch.jaseg.net
       - gerbolyze.jaseg.net
       - tracespace.jaseg.net
       - openjscad.jaseg.net
author	jaseg <code@jaseg.net>	2020-01-17 00:51:31 +0100
committer	jaseg <code@jaseg.net>	2020-01-22 15:57:23 +0100
commit	9b8d653d72bd7bbaf5f5f06c18b6218026423617 (patch)
tree	eab01b756c164acaeff3317afc9e781e1340ca73
parent	a6caa1aaa3c228feeaa55b893aadd78c9cc533be (diff)
download	infra-9b8d653d72bd7bbaf5f5f06c18b6218026423617.tar.gz infra-9b8d653d72bd7bbaf5f5f06c18b6218026423617.tar.bz2 infra-9b8d653d72bd7bbaf5f5f06c18b6218026423617.zip