* CLUSTER.DOMAIN
* collections.CLUSTER.DOMAIN
-* \*\-\-collections.CLUSTER.DOMAIN
+* \*.collections.CLUSTER.DOMAIN
* download.CLUSTER.DOMAIN
* keep.CLUSTER.DOMAIN
* workbench.CLUSTER.DOMAIN
InternalURLs:
'http://localhost:8004': {}
WebDAV:
- ExternalURL: 'https://*--collections.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
+ ExternalURL: 'https://*.collections.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
InternalURLs:
'http://localhost:9002': {}
WebDAVDownload:
use_package: true
pkgs:
- certbot: latest
- - python3-certbot-nginx
+ - python3-certbot-dns-route53
config:
server: https://acme-v02.api.letsencrypt.org/directory
email: __INITIAL_USER_EMAIL__
- authenticator: nginx
- webroot-path: /var/www
+ authenticator: dns-route53
agree-tos: true
keep-until-expiring: true
expand: true
max-log-backups: 0
deploy-hook: systemctl reload nginx
-
-### NGINX
-nginx:
- ### SNIPPETS
- snippets:
- ### LETSENCRYPT DEFAULT PATH
- letsencrypt_well_known.conf:
- - location /.well-known:
- - root: /var/www
- download.__CLUSTER__.__DOMAIN__
collections.__CLUSTER__.__DOMAIN__:
- collections.__CLUSTER__.__DOMAIN__
+ - *.collections.__CLUSTER__.__DOMAIN__
### NGINX
nginx:
- server_name: __CLUSTER__.__DOMAIN__
- listen:
- 80 default
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
- server_name: keep.__CLUSTER__.__DOMAIN__
- listen:
- 80
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
overwrite: true
config:
- server:
- - server_name: '~^((.*--)?collections|download)\.__CLUSTER__\.__DOMAIN__'
+ - server_name: '~^((.*\.)?collections|download)\.__CLUSTER__\.__DOMAIN__'
- listen:
- 80
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
cmd: create-initial-cert-collections.__CLUSTER__.__DOMAIN__-collections.__CLUSTER__.__DOMAIN__
config:
- server:
- - server_name: '~^(.*--)?collections\.__CLUSTER__\.__DOMAIN__'
+ - server_name: '*.collections.__CLUSTER__.__DOMAIN__'
- listen:
- __CONTROLLER_EXT_SSL_PORT__ http2 ssl
- index: index.html index.htm
- server_name: webshell.__CLUSTER__.__DOMAIN__
- listen:
- 80
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
- server_name: ws.__CLUSTER__.__DOMAIN__
- listen:
- 80
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
- server_name: workbench2.__CLUSTER__.__DOMAIN__
- listen:
- 80
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
- server_name: workbench.__CLUSTER__.__DOMAIN__
- listen:
- 80
- - include: snippets/letsencrypt_well_known.conf
- location /:
- return: '301 https://$host$request_uri'
projects / arvados.git / commitdiff