[GNUnet-SVN] [taler-deployment] branch master updated (51a5bf1 -> 95870c

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [taler-deployment] branch master updated (51a5bf1 -> 95870c

From:	gnunet
Subject:	[GNUnet-SVN] [taler-deployment] branch master updated (51a5bf1 -> 95870c9)
Date:	Mon, 05 Feb 2018 13:34:48 +0100

This is an automated email from the git hooks/post-receive script.

dold pushed a change to branch master
in repository deployment.

    from 51a5bf1  fixing auditor site at nginx conf
     new 163856f  we are not using hacky redirects anymore
     new 95870c9  apikey auth for demo

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 etc/nginx/conf.d/demo.redirects   |  7 ------
 etc/nginx/conf.d/test.redirects   |  9 --------
 etc/nginx/sites-enabled/demo.site | 46 ++++++++++++++-------------------------
 etc/nginx/sites-enabled/test.site |  6 -----
 4 files changed, 16 insertions(+), 52 deletions(-)
 delete mode 100644 etc/nginx/conf.d/demo.redirects
 delete mode 100644 etc/nginx/conf.d/test.redirects

diff --git a/etc/nginx/conf.d/demo.redirects b/etc/nginx/conf.d/demo.redirects
deleted file mode 100644
index a65172f..0000000
--- a/etc/nginx/conf.d/demo.redirects
+++ /dev/null
@@ -1,7 +0,0 @@
-rewrite ^/shop$ $scheme://shop.demo.taler.net/ redirect;
-rewrite ^/donations$ $scheme://donations.demo.taler.net/ redirect;
-rewrite ^/landing$ $scheme://demo.taler.net/ redirect;
-rewrite ^/bank(.*)$ $scheme://bank.demo.taler.net/$1 redirect;
-rewrite ^/exchange$ $scheme://exchange.demo.taler.net/ redirect;
-rewrite ^/exchange/(.*)$ $scheme://exchange.demo.taler.net/$1 redirect;
-rewrite ^/blog/track$ $scheme://blog.demo.taler.net/track redirect;
diff --git a/etc/nginx/conf.d/test.redirects b/etc/nginx/conf.d/test.redirects
deleted file mode 100644
index 5a6510b..0000000
--- a/etc/nginx/conf.d/test.redirects
+++ /dev/null
@@ -1,9 +0,0 @@
-rewrite ^/shop$ $scheme://shop.test.taler.net/ redirect;
-rewrite ^/donations$ $scheme://donations.test.taler.net/ redirect;
-rewrite ^/landing$ $scheme://test.taler.net/ redirect;
-rewrite ^/bank(.*)$ $scheme://bank.test.taler.net/$1 redirect;
-rewrite ^/exchange$ $scheme://exchange.test.taler.net/ redirect;
-rewrite ^/exchange/(.*)$ $scheme://exchange.test.taler.net/$1 redirect;
-rewrite ^/blog/track$ $scheme://blog.test.taler.net/track redirect;
-# relative redirect that works from anywhere in a URL.
-rewrite ^.*/redir_app_rel/(.*) /$1 redirect;
diff --git a/etc/nginx/sites-enabled/demo.site 
b/etc/nginx/sites-enabled/demo.site
index c3e8d7a..7017a24 100644
--- a/etc/nginx/sites-enabled/demo.site
+++ b/etc/nginx/sites-enabled/demo.site
@@ -24,7 +24,6 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
   server_name auditor.demo.taler.net;
-  include conf.d/demo.redirects;
   include conf.d/talerssl;
   location / {
     rewrite ^/$ /en/ redirect;
@@ -41,7 +40,6 @@ server {
   listen [::]:443 ssl;
   server_name demo.taler.net www.demo.taler.net;
   rewrite /javascript /javascript.html break;
-  include conf.d/demo.redirects;
   include conf.d/talerssl;
   location / {
     rewrite ^/$ /en/ redirect;
@@ -81,36 +79,35 @@ server {
   listen [::]:443 ssl;
   listen [::]:80;
   server_name backend.demo.taler.net;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
 
-  location / {
+  location /public {
+    proxy_redirect off;
+    proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-Host "backend.test.taler.net";
+    proxy_set_header X-Forwarded-Proto "https";
     proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
+  }
+
+  location / {
+    # match the ApiKey part ignoring case, and the actual key
+    # with case-sensitivity on.
+    if ($http_authorization !~ "(?i)ApiKey (?-i)sandbox") {
+      return 401;
+    }
     proxy_redirect off;
     proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-Host "backend.test.taler.net";
+    proxy_set_header X-Forwarded-Proto "https";
+    proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
   }
 }
 
 server {
   listen 443 ssl;
-  listen [::]:443 ssl;
-  server_name shop.demo.taler.net;
-  root /dev/null;
-  include conf.d/demo.redirects;
-  include conf.d/talerssl;
-
-  location / {
-    uwsgi_pass unix:/home/demo/sockets/shop.uwsgi;
     include /etc/nginx/uwsgi_params;
   }
 
-  location /backend {
-    rewrite /backend/(.*) /$1 break;
-    proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
-    proxy_redirect off;
-    proxy_set_header Host $host;
-  }
-
   include conf.d/favicon_robots;
 }
 
@@ -119,7 +116,6 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
   server_name donations.demo.taler.net;
-  include conf.d/demo.redirects;
   include conf.d/talerssl;
 
   location / {
@@ -127,14 +123,6 @@ server {
     include /etc/nginx/uwsgi_params;
   }
 
-
-  location /backend {
-    rewrite /backend/(.*) /$1 break;
-    proxy_pass http://unix:/home/demo/sockets/merchant.http:/;
-    proxy_redirect off;
-    proxy_set_header Host $host;
-  }
-
   include conf.d/favicon_robots;
 }
 
@@ -142,7 +130,6 @@ server {
   server_name survey.demo.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
 
   location / {
@@ -155,7 +142,6 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
   server_name bank.demo.taler.net;
-  include conf.d/demo.redirects;
   include conf.d/talerssl;
 
   location / {
diff --git a/etc/nginx/sites-enabled/test.site 
b/etc/nginx/sites-enabled/test.site
index 1e2afb3..1c1fe25 100644
--- a/etc/nginx/sites-enabled/test.site
+++ b/etc/nginx/sites-enabled/test.site
@@ -23,7 +23,6 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
   rewrite /javascript /javascript.html break;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
   location @green {
     add_header X-Taler-Deployment-Color green;
@@ -54,7 +53,6 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
   root /dev/null;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
   location @green {
     add_header X-Taler-Deployment-Color green;
@@ -142,7 +140,6 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
   root /dev/null;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
 
   location @blue {
@@ -241,7 +238,6 @@ server {
   server_name survey.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
 
   location / {
@@ -254,7 +250,6 @@ server {
   server_name donations.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
 
   location @blue {
@@ -288,7 +283,6 @@ server {
   server_name bank.test.taler.net;
   listen 443 ssl;
   listen [::]:443 ssl;
-  include conf.d/test.redirects;
   include conf.d/talerssl;
 
   location @blue {

-- 
To stop receiving notification emails like this one, please contact
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [taler-deployment] branch master updated (51a5bf1 -> 95870c9), gnunet <=
- [GNUnet-SVN] [taler-deployment] 02/02: apikey auth for demo, gnunet, 2018/02/05
- [GNUnet-SVN] [taler-deployment] 01/02: we are not using hacky redirects anymore, gnunet, 2018/02/05

Prev by Date: [GNUnet-SVN] [taler-deployment] 02/02: apikey auth for demo
Next by Date: [GNUnet-SVN] [taler-deployment] 01/02: we are not using hacky redirects anymore
Previous by thread: [GNUnet-SVN] [taler-deployment] branch master updated: fixing auditor site at nginx conf
Next by thread: [GNUnet-SVN] [taler-deployment] 02/02: apikey auth for demo
Index(es):
- Date
- Thread