[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: hydra: berlin: Redirect HTTP to HTTPS by default.
From: |
Tobias Geerinckx-Rice |
Subject: |
branch master updated: hydra: berlin: Redirect HTTP to HTTPS by default. |
Date: |
Fri, 19 Nov 2021 10:56:05 -0500 |
This is an automated email from the git hooks/post-receive script.
nckx pushed a commit to branch master
in repository maintenance.
The following commit(s) were added to refs/heads/master by this push:
new 4015696 hydra: berlin: Redirect HTTP to HTTPS by default.
4015696 is described below
commit 4015696e45c2242a2e7221c4f43231db5581bda4
Author: Tobias Geerinckx-Rice <me@tobias.gr>
AuthorDate: Tue Nov 2 16:31:36 2021 +0100
hydra: berlin: Redirect HTTP to HTTPS by default.
* hydra/nginx/berlin.scm (%berlin-servers): Add a default port-80 server
to redirect all requests to their HTTPS counterparts. Remove explicit
HTTP support for guix.gnu.org and issues.guix.gnu.org.
---
hydra/nginx/berlin.scm | 42 +++++++-----------------------------------
1 file changed, 7 insertions(+), 35 deletions(-)
diff --git a/hydra/nginx/berlin.scm b/hydra/nginx/berlin.scm
index 4713d7b..38854e3 100644
--- a/hydra/nginx/berlin.scm
+++ b/hydra/nginx/berlin.scm
@@ -809,7 +809,13 @@ PUBLISH-URL."
(define %berlin-servers
(list
- ;; Plain HTTP
+ ;; Redirect domains that don't explicitly support HTTP (below) to HTTPS.
+ (nginx-server-configuration
+ (listen '("80"))
+ (raw-content
+ (list "return 308 https://$host$request_uri;")))
+
+ ;; Domains that still explicitly support plain HTTP.
(nginx-server-configuration
(listen '("80"))
(server-name '("ci.guix.gnu.org"))
@@ -843,40 +849,6 @@ PUBLISH-URL."
(nginx-server-configuration
(listen '("80"))
- (server-name '("guix.gnu.org"))
- (root "/srv/guix.gnu.org")
- (locations guix.gnu.org-locations)
- (raw-content
- (list
- "add_header Content-Security-Policy \"frame-ancestors 'none'\";"
-
- ;; TODO This works around NGinx using the epoch for the
- ;; Last-Modified date, as well as the etag.
- ;; See http://issues.guix.gnu.org/37207
- "add_header Last-Modified \"\";"
- "if_modified_since off;"
- "etag off;"
-
- "rewrite (.*)/$ $1/index.html;"
- "access_log /var/log/nginx/guix-info.access.log;")))
-
- (nginx-server-configuration
- (listen '("80"))
- (server-name '("issues.guix.gnu.org"))
- (root "/home/rekado/mumi/")
- (locations
- (list (nginx-location-configuration ;certbot
- (uri "/.well-known")
- (body (list "root /var/www;")))
- (nginx-location-configuration
- (uri "/")
- (body '("proxy_pass http://localhost:1234;")))))
- (raw-content
- (list
- "access_log /var/log/nginx/issues-guix-info.access.log;")))
-
- (nginx-server-configuration
- (listen '("80"))
(server-name '("guixwl.org"
"www.guixwl.org"))
(root "/home/rekado/gwl/")
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: hydra: berlin: Redirect HTTP to HTTPS by default.,
Tobias Geerinckx-Rice <=