2021-12-07 19:51:31 +00:00
parent e20cc7396a
commit d9c505a2f5
9 changed files with 9 additions and 237 deletions
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/letsencrypt/docker-compose.yml
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/letsencrypt/docker-compose.yml
@@ -1,18 +0,0 @@
-version: '3.1'
-
-services:
-
-  letsencrypt-nginx-container:
-    container_name: 'letsencrypt-nginx-container'
-    image: nginx:latest
-    ports:
-      - "80:80"
-    volumes:
-      - ./nginx.conf:/etc/nginx/conf.d/default.conf
-      - ./letsencrypt-site:/usr/share/nginx/html
-    networks:
-      - docker-network
-
-networks:
-  docker-network:
-    driver: bridge
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/letsencrypt/letsencrypt-site/index.html
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/letsencrypt/letsencrypt-site/index.html
@@ -1,14 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <meta charset="utf-8" />
-    <title>Let's Encrypt First Time Cert Issue Site</title>
-</head>
-<body>
-    <h1>Hello world</h1>
-    <p>
-        This is the temporary site that will only be used for the very first time SSL certificates are issued by Let's Encrypt's
-        certbot.
-    </p>
-</body>
-</html>
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/letsencrypt/nginx.conf
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/letsencrypt/nginx.conf
@@ -1,13 +0,0 @@
-server {
-    listen 80;
-    listen [::]:80;
-    server_name helloayanova.com www.helloayanova.com v8.helloayanova.com test.helloayanova.com;
-
-    location ~ /.well-known/acme-challenge {
-        allow all;
-        root /usr/share/nginx/html;
-    }
-
-    root /usr/share/nginx/html;
-    index index.html;
-}
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/dh-param/dhparam-2048.pem
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/dh-param/dhparam-2048.pem
@@ -1,8 +0,0 @@
-----BEGIN DH PARAMETERS-----
-MIIBCAKCAQEA2wcsrWmfQbGC0V8eW14YPtYA1jt2dNeqV6B7Z/w0GnrwjL+xuYhG
-LzDhQuJvhEsDFCd//roBXWOFOZdAR0otkcxaQ+AaP0z/0UsC8NWGnM1G6q4fBju/
-y9e+dqjybyHIX10FtTj/gKV8lBcWJIw7cMmlAShj6xfd1zPPehNswLiRrWHusL/E
-5GkV/x4U76KbViqqTqrV5J6dmnxaNk4s8AphGvqeu/UrewjVf8C+fl6hljICUayJ
-WzHd5Ss/CASPRk91nnhcP9r3XZNyuPkyxmJrlZVElsC94T5Chnth+uix4TpBV/2P
-0Ax8sCLPVlw9Op7Bu7fJ+QJ5gbVk9n93mwIBAg==
-----END DH PARAMETERS-----
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/docker-compose.yml
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/docker-compose.yml
@@ -1,22 +0,0 @@
-version: '3.1'
-
-services:
-
-  production-nginx-container:
-    container_name: 'production-nginx-container'
-    image: nginx:latest
-    restart: always
-    ports:
-      - "80:80"
-      - "443:443"
-    volumes:
-      - ./production.conf:/etc/nginx/conf.d/default.conf
-      - ./production-site:/usr/share/nginx/html
-      - ./dh-param/dhparam-2048.pem:/etc/ssl/certs/dhparam-2048.pem
-      - /docker-volumes/etc/letsencrypt/live/helloayanova.com/fullchain.pem:/etc/letsencrypt/live/helloayanova.com/fullchain.pem
-      - /docker-volumes/etc/letsencrypt/live/helloayanova.com/privkey.pem:/etc/letsencrypt/live/helloayanova.com/privkey.pem
-
-networks:
-  default:
-    external:
-      name: docker-network
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/production-site/index.html
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/production-site/index.html
@@ -1,13 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-    <meta charset="utf-8" />
-    <title>HelloAyaNova</title>
-</head>
-<body>
-    <h1>Hello AyaNova</h1>
-    <p>
-        Test site
-    </p>
-</body>
-</html>
--- a/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/production.conf
+++ b/dist/docker/linux-x64/host/docker-nginx-ayanova-sample-config/production/production.conf
@@ -1,142 +0,0 @@
-server {
-    listen 80;
-    listen [::]:80;
-    server_name helloayanova.com www.helloayanova.com;
-    location ^~ /.well-known/acme-challenge {
-        root /usr/share/nginx/html;
-        default_type text/plain;
-        allow all;
-    }
-    location / {
-        rewrite ^ https://$host$request_uri? permanent;
-    }
-}
-#https://helloayanova.com
-server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_name helloayanova.com;
-    server_tokens off;
-    ssl_certificate /etc/letsencrypt/live/helloayanova.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/helloayanova.com/privkey.pem;
-    ssl_buffer_size 8k;
-    ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
-    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-    ssl_prefer_server_ciphers on;
-    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
-    ssl_ecdh_curve secp384r1;
-    ssl_session_tickets off;
-    # OCSP stapling
-    ssl_stapling on;
-    ssl_stapling_verify on;
-    resolver 8.8.8.8;
-    location ^~ /.well-known/acme-challenge {
-        root /usr/share/nginx/html;
-        default_type text/plain;
-        allow all;
-    }
-    return 301 https://www.helloayanova.com$request_uri;
-}
-#https://www.helloayanova.com
-#This is the "web" server for static files outside of AyaNova app server
-server {
-    server_name www.helloayanova.com;
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_tokens off;
-    ssl on;
-    ssl_buffer_size 8k;
-    ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
-    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-    ssl_prefer_server_ciphers on;
-    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
-    ssl_ecdh_curve secp384r1;
-    ssl_session_tickets off;
-    # OCSP stapling
-    ssl_stapling on;
-    ssl_stapling_verify on;
-    resolver 8.8.8.8 8.8.4.4;
-    ssl_certificate /etc/letsencrypt/live/helloayanova.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/helloayanova.com/privkey.pem;
-    location ^~ /.well-known/acme-challenge {
-        root /usr/share/nginx/html;
-        default_type text/plain;
-        allow all;
-    }
-
-
-    location / {
-        #security headers
-        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
-        add_header X-XSS-Protection "1; mode=block" always;
-        add_header X-Content-Type-Options "nosniff" always;
-        add_header X-Frame-Options "DENY" always;
-        #CSP
-        add_header Content-Security-Policy "frame-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com; img-src 'self'; style-src 'self' https://maxcdn.bootstrapcdn.com; font-src 'self' data: https://maxcdn.bootstrapcdn.com; form-action 'self'; upgrade-insecure-requests;" always;
-        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
-   }
-
-
-    root /usr/share/nginx/html;
-    index index.html;
-}
-
-#https://v8.helloayanova.com, https://test.helloayanova.com   helloayanova
-server {
-    server_name test.helloayanova.com v8.helloayanova.com;
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
-    server_tokens off;
-    ssl on;
-    ssl_buffer_size 8k;
-    ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;
-    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-    ssl_prefer_server_ciphers on;
-    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
-    ssl_ecdh_curve secp384r1;
-    ssl_session_tickets off;
-    # OCSP stapling
-    ssl_stapling on;
-    ssl_stapling_verify on;
-    resolver 8.8.8.8 8.8.4.4;
-    ssl_certificate /etc/letsencrypt/live/helloayanova.com/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/helloayanova.com/privkey.pem;
-    location ^~ /.well-known/acme-challenge {
-        root /usr/share/nginx/html;
-        default_type text/plain;
-        allow all;
-    }
-
-    location / {
-        #security headers
-        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
-        add_header X-XSS-Protection "1; mode=block" always;
-        add_header X-Content-Type-Options "nosniff" always;
-        add_header X-Frame-Options "DENY" always;
-
-        #CSP
-        #https://developers.google.com/web/fundamentals/security/csp/
-        add_header Content-Security-Policy "frame-src 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' https://apis.google.com; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/; font-src 'self' https://fonts.googleapis.com/ https://fonts.gstatic.com; form-action 'self'; upgrade-insecure-requests;" always;
-        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
-
-        #This is "ayanova" because it's the docker network and port
-        proxy_pass http://ayanova:7575;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "";
-        proxy_set_header Host $http_host;
-        proxy_cache_bypass $http_upgrade;
-
-	#These timeouts are only required for large trial data generation which should be re-coded to start the process and return immediately
-	#AS of alpha-4 large data generation on D.O. takes 1'04'' so setting these to 3 minutes as a safe margin
-
-	proxy_connect_timeout       180;
-	proxy_send_timeout          180;
-	proxy_read_timeout          180;
-	send_timeout                180;
-
-
-   }
-
-
-}
--- a/dist/docker/linux-x64/restartnginx.sh
+++ b/dist/docker/linux-x64/restartnginx.sh
@@ -1,6 +0,0 @@
-#!/bin/bash
-cd /docker/letsencrypt-docker-nginx/src/production 
-docker-compose down
-docker-compose up -d
-#docker start dock-pg10 dock-pgadmin
-#/docker/letsencrypt-docker-nginx/src/production run sudo docker-compose up -d