Browse Source

respaldo configuraciones servidor

master
kleper 4 months ago
parent
commit
d7deac3bd0
19 changed files with 515 additions and 0 deletions
  1. +10
    -0
      mapproxy/config.py
  2. +15
    -0
      mapproxy/mapas.service
  3. +49
    -0
      mapproxy/mapproxy-osm.yaml
  4. +15
    -0
      mapproxy/seed.yaml
  5. +34
    -0
      ssl/GandiStandardSSLCA2.pem
  6. +32
    -0
      ssl/darien.nuestrared.org.crt
  7. +28
    -0
      ssl/myserver.key
  8. +18
    -0
      ssl/server.csr
  9. +15
    -0
      webserver/apache2/ports.conf
  10. +24
    -0
      webserver/apache2/sites-available/000-default.conf
  11. +44
    -0
      webserver/apache2/sites-available/default-ssl.conf
  12. +1
    -0
      webserver/apache2/sites-enabled/000-default.conf
  13. +1
    -0
      webserver/apache2/sites-enabled/default-ssl.conf
  14. +65
    -0
      webserver/nginx.conf
  15. +12
    -0
      webserver/proxy.conf
  16. +47
    -0
      webserver/sites-available/default
  17. +51
    -0
      webserver/sites-enabled/captive
  18. +1
    -0
      webserver/sites-enabled/default
  19. +53
    -0
      webserver/sites-enabled/default-ssl

+ 10
- 0
mapproxy/config.py View File

@@ -0,0 +1,10 @@
# WSGI module for use with Apache mod_wsgi or gunicorn

# # uncomment the following lines for logging
# # create a log.ini with `mapproxy-util create -t log-ini`
# from logging.config import fileConfig
# import os.path
# fileConfig(r'/srv/mapproxy/log.ini', {'here': os.path.dirname(__file__)})

from mapproxy.wsgiapp import make_wsgi_app
application = make_wsgi_app(r'/srv/mapproxy/mapproxy-osm.yaml')

+ 15
- 0
mapproxy/mapas.service View File

@@ -0,0 +1,15 @@
[Unit]
Description=Servicio de Mapas
After=syslog.target
[Service]
ExecStart=/usr/local/bin/uwsgi --http :8080 --wsgi-file /srv/mapproxy/config.py
RuntimeDirectory=uwsgi
Restart=always
KillSignal=SIGQUIT
Type=notify
StandardError=syslog
NotifyAccess=all
[Install]
WantedBy=multi-user.target

+ 49
- 0
mapproxy/mapproxy-osm.yaml View File

@@ -0,0 +1,49 @@
services:
#sets up how to make the source data available
demo:
tms:
wmts:
wms:
srs: ['CRS:84', 'EPSG:4326', 'EPSG:3857']

layers:
#sets up which layers you want to make available using the services above. You can add many, but let's stick to osm data here.
- name: osm
title: Open Streetmap Tiles
sources: [osm_cache] #this layer should use the osm_cache (defined below) as it's source.

caches:
#setup the cache for the open streetmap tiles. This cache is used by the layer above.

osm_cache:
grids: [GLOBAL_WEBMERCATOR]
bulk_meta_tiles: true
sources: [osm_tiles]
cache:
type: sqlite
directory: osmcache

sources:
osm_tiles:
#the osm_tiles source refers to the openstreetmap.org tiles. These will be downloaded upon request (if not already cached) and served by MapProxy
type: tile
url: http://c.tile.openstreetmap.org/%(tms_path)s.%(format)s
grid: osm_grid #the grid to use for the osm tiles. This is really important. It is specified below.

grids:
osm_grid:
base: GLOBAL_WEBMERCATOR
srs: EPSG:3857
origin: nw

globals:
#next are some global configuration options for MapProxy. They mostly explain themselves, or can be looked-up in the MapProxy docs.
cache:
# where to store the cached images
base_dir: '/opt/mapproxy/cache_data'
# where to store lockfiles
lock_dir: '/opt/mapproxy/cache_data'
# image/transformation options
image:
resampling_method: bilinear
jpeg_quality: 90

+ 15
- 0
mapproxy/seed.yaml View File

@@ -0,0 +1,15 @@
seeds:
colombia:
caches: [osm_cache]
coverages: [colombia]
levels:
to: 19
# refresh_before:
# re-generate tiles older than this date
# time: 2021-10-10T12:35:00

coverages:
colombia:
# simple bbox
bbox: [-77.47, 7.85, -76.58, 8.68]
srs: "EPSG:4326"

+ 34
- 0
ssl/GandiStandardSSLCA2.pem View File

@@ -0,0 +1,34 @@
-----BEGIN CERTIFICATE-----
MIIF6TCCA9GgAwIBAgIQBeTcO5Q4qzuFl8umoZhQ4zANBgkqhkiG9w0BAQwFADCB
iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
OTEyMDAwMDAwWhcNMjQwOTExMjM1OTU5WjBfMQswCQYDVQQGEwJGUjEOMAwGA1UE
CBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4wDAYDVQQKEwVHYW5kaTEgMB4GA1UE
AxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCUBC2meZV0/9UAPPWu2JSxKXzAjwsLibmCg5duNyj1ohrP0pIL
m6jTh5RzhBCf3DXLwi2SrCG5yzv8QMHBgyHwv/j2nPqcghDA0I5O5Q1MsJFckLSk
QFEW2uSEEi0FXKEfFxkkUap66uEHG4aNAXLy59SDIzme4OFMH2sio7QQZrDtgpbX
bmq08j+1QvzdirWrui0dOnWbMdw+naxb00ENbLAb9Tr1eeohovj0M1JLJC0epJmx
bUi8uBL+cnB89/sCdfSN3tbawKAyGlLfOGsuRTg/PwSWAP2h9KK71RfWJ3wbWFmV
XooS/ZyrgT5SKEhRhWvzkbKGPym1bgNi7tYFAgMBAAGjggF1MIIBcTAfBgNVHSME
GDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUs5Cn2MmvTs1hPJ98
rV1/Qf1pMOowDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGy
MQECAhowCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy
dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ
aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAWGf9
crJq13xhlhl+2UNG0SZ9yFP6ZrBrLafTqlb3OojQO3LJUP33WbKqaPWMcwO7lWUX
zi8c3ZgTopHJ7qFAbjyY1lzzsiI8Le4bpOHeICQW8owRc5E69vrOJAKHypPstLbI
FhfFcvwnQPYT/pOmnVHvPCvYd1ebjGU6NSU2t7WKY28HJ5OxYI2A25bUeo8tqxyI
yW5+1mUfr13KFj8oRtygNeX56eXVlogMT8a3d2dIhCe2H7Bo26y/d7CQuKLJHDJd
ArolQ4FCR7vY4Y8MDEZf7kYzawMUgtN+zY+vkNaOJH1AQrRqahfGlZfh8jjNp+20
J0CT33KpuMZmYzc4ZCIwojvxuch7yPspOqsactIGEk72gtQjbz7Dk+XYtsDe3CMW
1hMwt6CaDixVBgBwAc/qOR2A24j3pSC4W/0xJmmPLQphgzpHphNULB7j7UTKvGof
KA5R2d4On3XNDgOVyvnFqSot/kGkoUeuDcL5OWYzSlvhhChZbH2UF3bkRYKtcCD9
0m9jqNf6oDP6N8v3smWe2lBvP+Sn845dWDKXcCMu5/3EFZucJ48y7RetWIExKREa
m9T8bJUox04FB6b9HbwZ4ui3uRGKLXASUoWNjDNKD/yZkuBjcNqllEdjB+dYxzFf
BT02Vf6Dsuimrdfp5gJ0iHRc2jTbkNJtUQoj1iM=
-----END CERTIFICATE-----

+ 32
- 0
ssl/darien.nuestrared.org.crt View File

@@ -0,0 +1,32 @@
-----BEGIN CERTIFICATE-----
MIIGkTCCBXmgAwIBAgIQX2xDpYCUU2YQuwDxWGFdWTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQG
EwJGUjEOMAwGA1UECBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4wDAYDVQQKEwVHYW5kaTEgMB4G
A1UEAxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIwHhcNMTkxMDE3MDAwMDAwWhcNMjExMDE3MjM1
OTU5WjBgMSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGzAZBgNVBAsTEkdhbmRp
IFN0YW5kYXJkIFNTTDEeMBwGA1UEAxMVZGFyaWVuLm51ZXN0cmFyZWQub3JnMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4E0xShzjoh0vYJFMqEoTYINCVfO+i+Yms/bUsnbM2R9SXWp
2S3DdxSvzMenNARGYORYhryPTUIik/aqm4oBXnqzO4OTfHtBQdWq9IqIp0mQL2iQRvPjSOJsgKMx
eybOqSHxGd+Ij5Nfau9J4BFyIZRj/A0z1EXVkayMtLNhDtKxBbyTZ0zOSfcOJdeYlfrmkcFfQ7mi
7MhpsAisdoQ2gf5lPDDehVBpApdTxqGQBFLzo8+kJIo7rvl0utB0tZQ+FrGkjHvXwxBI9NlpyB7l
2PSdD+oO04xDNQM/cBTCNHNB8nkSKVdzrnUvc06DD0gdl1S1EAeIz886I6/gS9DiyQIDAQABo4ID
RjCCA0IwHwYDVR0jBBgwFoAUs5Cn2MmvTs1hPJ98rV1/Qf1pMOowHQYDVR0OBBYEFMZ+i5L+0QbA
pR14KxDcOTDHWeNSMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjBLBgNVHSAERDBCMDYGCysGAQQBsjEBAgIaMCcwJQYIKwYBBQUHAgEW
GWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wCAYGZ4EMAQIBMEEGA1UdHwQ6MDgwNqA0oDKGMGh0
dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJkU1NMQ0EyLmNybDBzBggrBgEFBQcB
AQRnMGUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9HYW5kaVN0YW5kYXJk
U1NMQ0EyLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTA7BgNVHREE
NDAyghVkYXJpZW4ubnVlc3RyYXJlZC5vcmeCGXd3dy5kYXJpZW4ubnVlc3RyYXJlZC5vcmcwggF/
BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AH0+8viP/4hVaCTCwMqeUol5K8UOeAl/LmqXaJl+IvDX
AAABbdp1VncAAAQDAEcwRQIgPaWvnUPW75NfGQdWZQBURie9dcIsD0/prIVueiLV70MCIQCPumLq
i1PjKG76BT1ZF0I4t5ZrUlvCpDVP2UQnyI5yIAB2AESUZS6w7s6vxEAH2Kj+KMDa5oK+2MsxtT/T
M5a1toGoAAABbdp1VnAAAAQDAEcwRQIgclN7S0/9Ne0pSYvKB6ELKsxrYD++v70eSBg0DaKZFcEC
IQCbRge9Ya9euq6p3q/tfBeJQkyLCC8Obr7kAlbgbVB92AB3AFWB1MIWkDYBSuoLm1c8U/DA5Dh4
cCUIFy+jqh0HE9MMAAABbdp1Vj4AAAQDAEgwRgIhAISjvAU7yJbWWRoYIIz3wq19WZf5pCIY2WnA
TkYR2c/NAiEAjlbSGHDsFooafF4gwAEnGazGBYVGWFPVNTlqfA1JAkMwDQYJKoZIhvcNAQELBQAD
ggEBADHymHaXTQXuPa0344zrJtv3JfAaeJgDda6MKf9/sQw6pJ8/v5tRfb1ss66Rmojvfysz373M
4AdQGxPTOKSpdJ6ujVL7PlF45y5kJwSJxUc1e93YV+n/c0dYCKKQlrUqh1UbnVZTNqUt3xiUjKXD
/bFideuMX6UhyN2ra1dCm0S7DzgqgU/MlM5wGErWyhzkDhFJjlp+67FhEAsprStIVShHQU9UZX00
xhPERFX8vnOfbnvz99pDu44/ROH/5gMtUC8TS1S3l+MjH5uk7roRDnpXv6u9o/XiXFJbs2qmH+k9
Nwf2A7qNvDGX+3yrv7aUvuK6ek1KCojOZfW/DAY0wfM=
-----END CERTIFICATE-----

+ 28
- 0
ssl/myserver.key View File

@@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC/gTTFKHOOiHS9
gkUyoShNgg0JV876L5iaz9tSydszZH1JdanZLcN3FK/Mx6c0BEZg5FiGvI9NQiKT
9qqbigFeerM7g5N8e0FB1ar0ioinSZAvaJBG8+NI4myAozF7Js6pIfEZ34iPk19q
70ngEXIhlGP8DTPURdWRrIy0s2EO0rEFvJNnTM5J9w4l15iV+uaRwV9DuaLsyGmw
CKx2hDaB/mU8MN6FUGkCl1PGoZAEUvOjz6Qkijuu+XS60HS1lD4WsaSMe9fDEEj0
2WnIHuXY9J0P6g7TjEM1Az9wFMI0c0HyeRIpV3OudS9zToMPSB2XVLUQB4jPzzoj
r+BL0OLJAgMBAAECggEAf+0M1kN+ZhFrgoi6NucG6DffA4W/wsr2szv0s+oZ3svb
Ea5jJqv2bd7IzQ/19r6AUQtYw7DEPYTXWmYlc7+NyJJIlpH/fOFNJ3BXQgIk5TMz
+SdtcahMBQ0UFB5v2GeFF+CPkYwMSnTVAbcVb3PX/OyGmgIrxDpeP3C3kaJeTKp0
APTnWz/lNx9zeiSb6bPhigR9rR6+qvWD9lRxdqv109EiHL/7x3lULqLneADhSLBZ
ibKcKR3AZ5Y1pI/b/eDxjWuLbhjH+7c6bHKrQKo7MNqM6z6GAZYZp1EGkxVtUZ+7
O7CIFUh8iyI0x1F1eqMCCvrzqTkHyO/6vcfjq+qwMQKBgQDmPxTCAUjp6pNt4AyS
vff10VE6tB9zOqMagPl3hi6/UdUlId74bnhwAGwL2/NMd4T46k/1U1QZmTTJZkhu
uXYDIiMiFWzoLQb6MKNL/iG8+dRfLhoZd4pE3qY5fMvsFK23m2yfEoElVSk3HH0l
etB6BhKovQ+cc8cwcjGapvK/DQKBgQDU7Mm4Ybu7BkNBoGOA1uJVRBD4R5rRr79G
nLpWLPVzolW3MdsSzASJ9TLdVXv2J4J0+SeDqfUU+QwdAgl3qC1GBchys8E0Msdd
MDuRaqRIlpUtM0EkZv6ltZw06VB+joSlJItxM5eRlJGq5Z0Z71XghboGQ9e3BLAZ
MNTrHoMjrQKBgQDHC6GWViYCkpgBVL+J3FCQYfQnG7BUnUyDjRwdCBNBsizhfPaV
LmtP6A1/8xXR9UEvLuEQ5Ii/2IKZ2aKklhA/hTN6M6uCy+pMP9/rwjbId/HwlppZ
ic4u24w4BnsEDJxhLiwpGIYtEAIhcq99xz6TPszCsy7bwfthFldrqwgPwQKBgQCI
v1KGUm5pHQqQ2VtOYbOWo1JqwkISLVchGIMr2VACZd26/BAAsHqxx4JVWBN28cT9
Lw9Lphm60IARGT/PU3lQIWKtF/kbdwlHNjTrnZvI6rz//Iz3vhYJguvBp56EyS8z
iJbtqv7LBqnPIgyVnXp/6iKg521hI2edphj4r+31OQKBgD/IThvl2PlU6druaK/5
wuJGHsghDpn11sto4TuSP3B2/lAHwISM7l3GEWqFfe/gGEzsAyz2zqrg9ifRrd1D
Q1V9iDhDzNwducH17HvjPCStZ/HRzK8c3tphZfN09oyjbp/2aDrx+/oPFlYF7hbv
dHyQzJ2Hx5lXoauGJGxAxmbm
-----END PRIVATE KEY-----

+ 18
- 0
ssl/server.csr View File

@@ -0,0 +1,18 @@
-----BEGIN CERTIFICATE REQUEST-----
MIIC9jCCAd4CAQAwgbAxCzAJBgNVBAYTAkNPMREwDwYDVQQIDAhDaG9jw4PCszES
MBAGA1UEBwwJQWNhbmTDg8KtMRcwFQYDVQQKDA5OdWVzdHJhUmVkLm9yZzEbMBkG
A1UECwwSUmVkZXMgQ29tdW5pdGFyaWFzMR4wHAYDVQQDDBVkYXJpZW4ubnVlc3Ry
YXJlZC5vcmcxJDAiBgkqhkiG9w0BCQEWFWNvcnJlb0BudWVzdHJhcmVkLm9yZzCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL+BNMUoc46IdL2CRTKhKE2C
DQlXzvovmJrP21LJ2zNkfUl1qdktw3cUr8zHpzQERmDkWIa8j01CIpP2qpuKAV56
szuDk3x7QUHVqvSKiKdJkC9okEbz40jibICjMXsmzqkh8RnfiI+TX2rvSeARciGU
Y/wNM9RF1ZGsjLSzYQ7SsQW8k2dMzkn3DiXXmJX65pHBX0O5ouzIabAIrHaENoH+
ZTww3oVQaQKXU8ahkARS86PPpCSKO675dLrQdLWUPhaxpIx718MQSPTZacge5dj0
nQ/qDtOMQzUDP3AUwjRzQfJ5EilXc651L3NOgw9IHZdUtRAHiM/POiOv4EvQ4skC
AwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQCe8XhyW5FkCnea/U5eRLycKhqSE5ma
8S+1iix6al+PWOnpkj22MdCcLRJuOPrAzWovLfuRuxO/hotbAGo/iJEMJuifUIxp
FrYf1f/c7KOU9/WuDFwuNh9NcJv0Pj+pCcqE5eSEBcD8wc+Z8Mai7MjQIF4E6gP1
TApa+T3Mgb/SufQUHY+3N2farDVhgZP9/PsCpORtx4Yu0tMxZDzOXLi2vsJ6bI5f
GCuMLB6cwWtoOC1Yny91ZG7tBUsO5LfRSheBtNUVRdQ/7RqNtB5GtjSaD2nDbAcx
4o2Eo2AiQc00sw1KnkyIu+g9OfNTjutpWsrcWhblZ/SNfGDuXCDaUm5v
-----END CERTIFICATE REQUEST-----

+ 15
- 0
webserver/apache2/ports.conf View File

@@ -0,0 +1,15 @@
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 85

<IfModule ssl_module>
Listen 8443
</IfModule>

<IfModule mod_gnutls.c>
Listen 8443
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

+ 24
- 0
webserver/apache2/sites-available/000-default.conf View File

@@ -0,0 +1,24 @@
<VirtualHost *:85>
ServerName darien.nuestrared.org
ServerAdmin info@tupale.co
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTP_HOST} ^darien\.nuestrared.org [NC,OR]
RewriteRule ^/$ /e1 [R]

<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/html/>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined


</VirtualHost>


+ 44
- 0
webserver/apache2/sites-available/default-ssl.conf View File

@@ -0,0 +1,44 @@
<IfModule mod_ssl.c>
<VirtualHost *:8443>
ServerName darien.nuestrared.org
ServerAdmin info@tupale.co
DocumentRoot /var/www/html
RewriteEngine On
RewriteCond %{HTTP_HOST} ^darien\.nuestrared.org [NC,OR]
RewriteRule ^/$ /e1 [R]

<Directory />
Options FollowSymLinks
AllowOverride All
</Directory>
<Directory /var/www/html/>
Options FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>


ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined


# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

SSLCertificateFile /etc/letsencrypt/darien.crt
SSLCertificateKeyFile /etc/letsencrypt/myserver.key
Include /etc/letsencrypt/options-ssl-apache.conf
#

ErrorDocument 404 /404.php
<Files "404.php">
<If "-z %{ENV:REDIRECT_STATUS}">
RedirectMatch 404 ^/404.php$
</If>
</Files>

</VirtualHost>

</IfModule>


+ 1
- 0
webserver/apache2/sites-enabled/000-default.conf View File

@@ -0,0 +1 @@
../sites-available/000-default.conf

+ 1
- 0
webserver/apache2/sites-enabled/default-ssl.conf View File

@@ -0,0 +1 @@
../sites-available/default-ssl.conf

+ 65
- 0
webserver/nginx.conf View File

@@ -0,0 +1,65 @@
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
worker_connections 768;
multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;

gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}



+ 12
- 0
webserver/proxy.conf View File

@@ -0,0 +1,12 @@
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#client_max_body_size 10m;
#client_body_buffer_size 128k;
proxy_connect_timeout 600s;
proxy_send_timeout 600;
proxy_read_timeout 600s;
send_timeout 600;
#proxy_buffers 32 4k;


+ 47
- 0
webserver/sites-available/default View File

@@ -0,0 +1,47 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.php;
add_header Access-Control-Allow-Origin "*";
server_name reddarien.nuestrared.org dariencaribe.org dariencaribe.nuestrared.org www.dariencaribe.org darien.info www.darien.info darien.nuestrared.org;
return 301 https://$host$request_uri;

location /mapproxy {
proxy_pass http://localhost:8080;
proxy_set_header Host $http_host;
proxy_set_header X-Script-Name /mapproxy;
}

location / {
proxy_pass https://10.10.4.2:8443/;
include /etc/nginx/proxy.conf;
}



location @rewrite {
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn&#39;t be needed (GlobalRedirect)
rewrite ^/(.*)$ /index.php?variable=$1;
}


location ~ \.php$ {
include snippets/fastcgi-php.conf;
#try_files $uri =404;
#fastcgi_param REMOTE_ADDR $http_x_real_ip;
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9002;
#fastcgi_index index.php;
#include fastcgi_params;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_path_info;
}

location ~ /\.ht {
deny all;
}
}


+ 51
- 0
webserver/sites-enabled/captive View File

@@ -0,0 +1,51 @@
#Este archivo de configuración hace que los celulares que se conecten a la red encuentren el portal captivo y crean que estan conectados a Internet
server {
listen 80;
server_name
clients3.google.com
clients.l.google.com
connectivitycheck.android.com
connectivitycheck.gstatic.com
play.googleapis.com
;
root /var/www/captive;

index index.html index.htm index.nginx-debian.html;

location /generate_204 {
return 204;
return 302 http://infolocal.nuestrared.org;
}
location / {
try_files $uri $uri/ =404;
}

# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass 127.0.0.1:9000;
}

location ~ /\.ht {
deny all;
}
}


server {
server_name
apple.com
captive.apple.com;
listen 80;

root /var/www/captive;

location / {
try_files /index.html /index.html;
}

}


+ 1
- 0
webserver/sites-enabled/default View File

@@ -0,0 +1 @@
/etc/nginx/sites-available/default

+ 53
- 0
webserver/sites-enabled/default-ssl View File

@@ -0,0 +1,53 @@
server {
listen 443 default_server;
listen [::]:443 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.php;
add_header Access-Control-Allow-Origin "*";
server_name reddarien.nuestrared.org dariencaribe.org dariencaribe.nuestrared.org www.dariencaribe.org darien.info www.darien.info darien.nuestrared.org;

ssl on;
ssl_certificate /etc/letsencrypt/darien.crt; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/myserver.key; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


location /mapproxy {
proxy_pass http://localhost:8080;
proxy_set_header Host $http_host;
proxy_set_header X-Script-Name /mapproxy;
}

location / {
proxy_pass https://10.10.4.2:8443/;
include /etc/nginx/proxy.conf;
}



location @rewrite {
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn&#39;t be needed (GlobalRedirect)
rewrite ^/(.*)$ /index.php?variable=$1;
}


location ~ \.php$ {
include snippets/fastcgi-php.conf;
#try_files $uri =404;
#fastcgi_param REMOTE_ADDR $http_x_real_ip;
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9002;
#fastcgi_index index.php;
#include fastcgi_params;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_path_info;
}

location ~ /\.ht {
deny all;
}
}


Loading…
Cancel
Save