m
This commit is contained in:
zino
@@ -11,47 +11,32 @@ server {
|
|||||||
ssl_certificate /etc/letsencrypt/live/etherpad.zinomedia.de/fullchain.pem;
|
ssl_certificate /etc/letsencrypt/live/etherpad.zinomedia.de/fullchain.pem;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/etherpad.zinomedia.de/privkey.pem;
|
ssl_certificate_key /etc/letsencrypt/live/etherpad.zinomedia.de/privkey.pem;
|
||||||
|
|
||||||
# optional basic auth
|
# (optional) basic auth
|
||||||
auth_basic "Protected";
|
auth_basic "Protected";
|
||||||
auth_basic_user_file /usr/share/nginx/html/etherpad.zinomedia.de/.htpasswd;
|
auth_basic_user_file /usr/share/nginx/html/etherpad.zinomedia.de/.htpasswd;
|
||||||
|
|
||||||
# ---- Allow normal files to pass through (exactly like wiki) ----
|
|
||||||
location ~ ^/(locales/|locales\.json|admin/|static/|pluginfw/|javascripts/|socket\.io/|ep/|minified/|api/|ro/|error/|jserror/|favicon\.ico|robots\.txt|.*\.js)$ {
|
|
||||||
proxy_pass http://etherpad:9001;
|
|
||||||
proxy_buffering off;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_pass_header Server;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection $connection_upgrade;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
|
|
||||||
# ---- Redirect /p/* to the friendly version /<pad> (client-side 301; per wiki) ----
|
|
||||||
location /p/ {
|
|
||||||
rewrite ^/p/(.*) /$1 redirect;
|
|
||||||
}
|
|
||||||
|
|
||||||
# ---- Home page ----
|
|
||||||
location ~ ^/$ {
|
|
||||||
proxy_pass http://etherpad:9001;
|
|
||||||
proxy_buffering off;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_pass_header Server;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection $connection_upgrade;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
|
|
||||||
# ---- Handle pad URLs (the trick) ----
|
|
||||||
# Upstream redirects to /p/<pad>; we rewrite that back to /<pad> for the browser.
|
|
||||||
location / {
|
location / {
|
||||||
proxy_redirect / /p/;
|
rewrite ^/$ / break;
|
||||||
|
rewrite ^/locales/(.*) /locales/$1 break;
|
||||||
|
rewrite ^/locales.json /locales.json break;
|
||||||
|
rewrite ^/admin(.*) /admin$1 break;
|
||||||
|
rewrite ^/p/(.*) /p/$1 break;
|
||||||
|
rewrite ^/static/(.*) /static/$1 break;
|
||||||
|
rewrite ^/pluginfw/(.*) /pluginfw/$1 break;
|
||||||
|
rewrite ^/javascripts/(.*) /javascripts/$1 break;
|
||||||
|
rewrite ^/socket.io/(.*) /socket.io/$1 break;
|
||||||
|
rewrite ^/ep/(.*) /ep/$1 break;
|
||||||
|
rewrite ^/minified/(.*) /minified/$1 break;
|
||||||
|
rewrite ^/api/(.*) /api/$1 break;
|
||||||
|
rewrite ^/ro/(.*) /ro/$1 break;
|
||||||
|
rewrite ^/error/(.*) /error/$1 break;
|
||||||
|
rewrite ^/jserror(.*) /jserror$1 break;
|
||||||
|
rewrite ^/redirect(.*) /redirect$1 break;
|
||||||
|
rewrite ^/(.*\.js) /$1 break;
|
||||||
|
rewrite /favicon.ico /favicon.ico break;
|
||||||
|
rewrite /robots.txt /robots.txt break;
|
||||||
|
rewrite /(.*) /p/$1;
|
||||||
|
|
||||||
proxy_pass http://etherpad:9001;
|
proxy_pass http://etherpad:9001;
|
||||||
proxy_buffering off;
|
proxy_buffering off;
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
|
|||||||
Reference in New Issue
Block a user