diff --git a/setup/README b/setup/README new file mode 100644 index 00000000..3b736cdc --- /dev/null +++ b/setup/README @@ -0,0 +1,3 @@ +Tato složka obsahuje různé konfiguráky potřebné k rozběhnutí webu na serveru. + +TODO: Napsat sem i přehled toho, jak to funguje. diff --git a/setup/nginx/mam-test.ks.matfyz.cz b/setup/nginx/mam-test.ks.matfyz.cz new file mode 100644 index 00000000..27e90979 --- /dev/null +++ b/setup/nginx/mam-test.ks.matfyz.cz @@ -0,0 +1,43 @@ +server { + listen 195.113.20.177:80; + listen [2001:718:1e03:801::b1]:80; + server_name mam-test.ks.matfyz.cz; + return 301 https://$server_name$request_uri; + +} +server { + # SSL configuration + listen 195.113.20.177:443 ssl; + listen [2001:718:1e03:801::b1]:443 ssl; + + # SSL keys + ssl on; + ssl_certificate /etc/letsencrypt/live/mam-test.ks.matfyz.cz/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/mam-test.ks.matfyz.cz/privkey.pem; # managed by Certbot + ssl_dhparam /etc/ssl/dhparams.pem; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 5m; + + server_name mam-test.ks.matfyz.cz; + + client_max_body_size 50M; + + auth_basic "MaMweb test - access restricted"; + auth_basic_user_file /akce/mam/www/mamweb-test/.htpasswd; + + location /static/ { + root /akce/mam/www/mamweb-test/; + } + + location /media/ { + root /akce/mam/www/mamweb-test/; + } + + location / { try_files $uri @mamweb_test; } + + location @mamweb_test { + include uwsgi_params; + uwsgi_pass unix:/tmp/uwsgi-mamweb_test.sock; + } + +} diff --git a/setup/nginx/mam.mff.cuni.cz b/setup/nginx/mam.mff.cuni.cz new file mode 100644 index 00000000..08996adf --- /dev/null +++ b/setup/nginx/mam.mff.cuni.cz @@ -0,0 +1,51 @@ + +server { + listen 195.113.20.177:80; + listen [2001:718:1e03:801::b1]:80; + server_name mam.mff.cuni.cz; + return 301 https://$server_name$request_uri; + +} +server { + # SSL configuration + # + listen 195.113.20.177:443 ssl; + listen [2001:718:1e03:801::b1]:443 ssl; + + # SSL keys + ssl on; + ssl_certificate /etc/ssl/domains/mam.mff.cuni.cz/bundle.pem; + ssl_certificate_key /etc/ssl/domains/mam.mff.cuni.cz/privkey.pem; + ssl_dhparam /etc/ssl/dhparams.pem; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 5m; + + + server_name mam.mff.cuni.cz; + # server_name mamweb.bezva.org; + + client_max_body_size 50M; + + location /static/ { + root /akce/mam/www/mamweb-prod/; + } + + location /media/ { + root /akce/mam/www/mamweb-prod/; + } + + location /wiki/ { + proxy_pass http://127.0.0.1:5001/; + proxy_set_header X-Real_IP $remote_addr; + proxy_redirect off; + sub_filter 'href="/' 'href=/wiki/'; + sub_filter 'src="/' 'src=/wiki/'; + } + + location / { try_files $uri @mamweb_prod; } + + location @mamweb_prod { + include uwsgi_params; + uwsgi_pass unix:/tmp/uwsgi-mamweb_prod.sock; + } +} diff --git a/setup/systemd/mamweb-prod.service b/setup/systemd/mamweb-prod.service new file mode 100644 index 00000000..89af2a5c --- /dev/null +++ b/setup/systemd/mamweb-prod.service @@ -0,0 +1,10 @@ +[Unit] +Description=uWSGI instance to serve mam.mff.cuni.cz +After=network.target + +[Service] +WorkingDirectory=/akce/mam/www/mamweb-prod +ExecStart=/usr/bin/uwsgi --ini mamweb_prod.ini + +[Install] +WantedBy=default.target diff --git a/setup/systemd/mamweb-test.service b/setup/systemd/mamweb-test.service new file mode 100644 index 00000000..616605bb --- /dev/null +++ b/setup/systemd/mamweb-test.service @@ -0,0 +1,10 @@ +[Unit] +Description=uWSGI instance to serve mam-test.kam.mff.cuni.cz +After=network.target + +[Service] +WorkingDirectory=/akce/mam/www/mamweb-test +ExecStart=/usr/bin/uwsgi --ini mamweb_test.ini + +[Install] +WantedBy=default.target diff --git a/mamweb_prod.ini b/setup/uwsgi/mamweb_prod.ini similarity index 100% rename from mamweb_prod.ini rename to setup/uwsgi/mamweb_prod.ini diff --git a/mamweb_test.ini b/setup/uwsgi/mamweb_test.ini similarity index 100% rename from mamweb_test.ini rename to setup/uwsgi/mamweb_test.ini