## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # #upstream backend_istex{ # server 127.0.0.1:8080; #} #upstream backend_cillex{ # server 127.0.0.1:7080; #} #events { # worker_connections 2000; #} server { server_name write.frame.gargantext.org; location / { # include proxy_params; proxy_pass http://localhost:3000; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection "upgrade"; # proxy_set_header Host $host; # proxy_cookie_path / "/; secure; HttpOnly; SameSite=lax"; #proxy_set_header X-Real-IP $remote_addr; # proxy_cookie_domain $host $host; # proxy_ignore_headers Cache-Control Expires Set-Cookie; } location /socket.io { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $host; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/searx.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/searx.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name write2.frame.gargantext.org; location / { # include proxy_params; proxy_pass http://localhost:3001; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection "upgrade"; # proxy_set_header Host $host; # proxy_cookie_path / "/; secure; HttpOnly; SameSite=lax"; #proxy_set_header X-Real-IP $remote_addr; # proxy_cookie_domain $host $host; # proxy_ignore_headers Cache-Control Expires Set-Cookie; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/write2.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/write2.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name calc.frame.gargantext.org; location / { include proxy_params; proxy_pass http://localhost:8000; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/searx.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/searx.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } #server { # server_name hackmd.gargantext.org; # location / { # include proxy_params; # proxy_pass http://localhost:8000; # } # # listen 443 ssl; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/cillex.gargantext.org/fullchain.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/cillex.gargantext.org/privkey.pem; # managed by Certbot # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot # #} server { server_name istex.frame.gargantext.org; location / { include proxy_params; proxy_pass http://localhost:8080; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/searx.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/searx.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name istex.gargantext.org; location / { include proxy_params; proxy_pass http://localhost:8080; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/searx.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/searx.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name searx.frame.gargantext.org; location / { include proxy_params; proxy_pass http://localhost:8181; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/searx.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/searx.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # Virtual Host configuration for example.com # # You can move that to a different file under sites-available/ and symlink that # to sites-enabled/ to enable it. # #server { # listen 80; # listen [::]:80; # # server_name example.com; # # root /var/www/example.com; # index index.html; # # location / { # try_files $uri $uri/ =404; # } #} server { if ($host = cillex.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name cillex.gargantext.org; return 404; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/searx.frame.gargantext.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/searx.frame.gargantext.org/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = searx.frame.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name searx.frame.gargantext.org; listen 80; return 404; # managed by Certbot } server { if ($host = istex.frame.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name istex.frame.gargantext.org; listen 80; return 404; # managed by Certbot } server { if ($host = calc.frame.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name calc.frame.gargantext.org; listen 80; return 404; # managed by Certbot } server { if ($host = write.frame.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name write.frame.gargantext.org; listen 80; return 404; # managed by Certbot } server { if ($host = write2.frame.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name write2.frame.gargantext.org; listen 80; return 404; # managed by Certbot } server { if ($host = istex.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name istex.gargantext.org; listen 80; return 404; # managed by Certbot } server { if ($host = cillex.gargantext.org) { return 301 https://$host$request_uri; } # managed by Certbot server_name cillex.gargantext.org; listen 80; return 404; # managed by Certbot }