Scott.Idem/OSIT-AE-Docker-Env
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: disabled internal SSL/HTTPS in Nginx configs to support host-level SSL termination.

Browse Source
This commit is contained in:
Scott Idem
2026-03-11 23:05:51 -04:00
parent 14173cfc22
commit a7b6112f4d
3 changed files with 202 additions and 279 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
conf/nginx/site.conf
View File

@@ -1,115 +1,38 @@
# Aether Platform - Default Nginx Site Config
# This file handles the default (non-matching) requests.
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
# server {
# listen 80;
# server_name _;
#
# access_log /logs/nginx/access_docker.log;
# error_log /logs/nginx/error_docker.log;
#
# root /srv/html_php;
#
# index index.html index.htm index.php;
#
# # location / {
# # # root /usr/share/nginx/html;
# # index index.html index.htm;
# # }
#
# location ~ \.php$ {
# index index.html index.htm index.php;
#
# try_files $uri =404;
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass php7:9000;
# fastcgi_index index.php;
# include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param PATH_INFO $fastcgi_path_info;
# }
#
# #error_page 404 /404.html;
#
# # redirect server error pages to the static page /50x.html
# #
# # error_page 500 502 503 504 /50x.html;
# # location = /50x.html {
# # root /usr/share/nginx/html;
# # }
#
# # proxy the PHP scripts to Apache listening on 127.0.0.1:80
# #
# #location ~ \.php$ {
# # proxy_pass http://127.0.0.1;
# #}
#
# # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
# #
# #location ~ \.php$ {
# # root html;
# # fastcgi_pass 127.0.0.1:9000;
# # fastcgi_index index.php;
# # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# # include fastcgi_params;
# #}
#
# # deny access to .htaccess files, if Apache's document root
# # concurs with nginx's one
# #
# #location ~ /\.ht {
# # deny all;
# #}
# }
server {
listen 443 ssl;
listen [::]:443 ssl;
# http2 on;
server_name _;
access_log /logs/nginx/access_docker.log;
error_log /logs/nginx/error_docker.log;
# Do not overflow the SSL send buffer (causes extra round trips)
# ssl_buffer_size 8k;
include /etc/nginx/options-ssl-nginx.conf;
ssl_certificate /etc/certs/fullchain.pem;
ssl_certificate_key /etc/certs/privkey.pem;
ssl_dhparam /etc/certs/ssl-dhparams.pem;
access_log /logs/nginx/access_docker_default.log;
error_log /logs/nginx/error_docker_default.log;
# Just return a 404 for any non-matching domains
location / {
return 404;
}
# root /srv/html_php;
#
# index index.php index.html;
#
# # These two locations remove .html and .php from filenames.
# location / {
# try_files $uri $uri/ $uri.html $uri.php$is_args$query_string;
# }
#
# location ~ \.php$ {
# root /srv/html_php;
#
# # index index.html index.htm index.php;
#
# try_files $uri =404;
# # try_files $uri $document_root$fastcgi_script_name =404;
#
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass php7:9000;
# fastcgi_index index.php;
# include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param PATH_INFO $fastcgi_path_info;
# }
}
# SSL is disabled by default for internal containers.
# If you need SSL termination INSIDE the container, uncomment this block
# and ensure valid certs are in /etc/certs/
#
# server {
# listen 443 ssl;
# listen [::]:443 ssl;
# server_name _;
#
# access_log /logs/nginx/access_docker_ssl.log;
# error_log /logs/nginx/error_docker_ssl.log;
#
# include /etc/nginx/options-ssl-nginx.conf;
#
# ssl_certificate /etc/certs/fullchain.pem;
# ssl_certificate_key /etc/certs/privkey.pem;
# ssl_dhparam /etc/certs/ssl-dhparams.pem;
#
# location / {
# return 404;
# }
# }