Catching up Webserver config

roles/WebServer/files/conf.d/Core/aaa_default.conf

@@ -1,21 +1,12 @@
 server {
     listen      443 ssl http2;
     server_name default_server;
-    include sec.conf;
-    include letsencrypt.conf;
-    include default.csp.conf;
-    rewrite ^/(.*)$ https://aninix.net/$1 permanent;
-
-}
-
-server {
-    listen      443 ssl http2;
-    server_name aninix.net;
 
     include sec.conf;
-    include letsencrypt.conf;
     include default.csp.conf;
 
+    include letsencrypt.conf;
+
     location / {
 
       rewrite ^/martialarts(\/)*(\/index.html)*$ /assets/martialarts/index.html;
@@ -54,3 +45,16 @@ server {
     }
 
 }
+
+server {
+    listen      443 ssl http2;
+    server_name foundation.aninix.net;
+    include sec.conf;
+    include letsencrypt.conf;
+    include default.csp.conf;
+
+    location / {
+        rewrite ^/(.*)$ https://aninix.net/$1 permanent;
+    }
+
+}

roles/WebServer/files/conf.d/Core/cyberbrain.conf

@@ -4,7 +4,6 @@ server {
 
     include sec.conf;
     include default.csp.conf;
-    include letsencrypt.conf;
 
     location /
     {
@@ -19,4 +18,7 @@ server {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Real-PORT $remote_port;
     }
+
+    include letsencrypt.conf;
+
 }

roles/WebServer/files/conf.d/Core/geth.conf

@@ -15,15 +15,15 @@ server {
 
     location /
     {
-      proxy_set_header Host $http_host;
-      proxy_set_header X-Forwarded-Host $host;
-      proxy_set_header X-Forwarded-Server $host;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_pass       http://geth.msn0.aninix.net:8123;
-      proxy_redirect http:// https://;
-      proxy_http_version 1.1;
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection $connection_upgrade;
-      proxy_read_timeout 86400;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Server $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass       http://geth.msn0.aninix.net:8123;
+        proxy_redirect http:// https://;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $connection_upgrade;
+        proxy_read_timeout 86400;
     }
 }

roles/WebServer/files/conf.d/Core/lykos-wiki.conf

@@ -2,7 +2,7 @@ server {
     listen      443 ssl;
     server_name lykos.aninix.net;
 
-    include letsencrypt.conf;
+    # include local.conf;
 
     root /usr/share/webapps/;
 
@@ -34,4 +34,6 @@ server {
         deny all;
     }
 
+    include letsencrypt.conf;
+
 }

roles/WebServer/files/conf.d/Core/password.conf

@@ -6,28 +6,30 @@ server {
     include default.csp.conf;
     include letsencrypt.conf;
 
-    root /usr/share/webapps/self-service-password/htdocs/;
+    location / {
+        root /usr/share/webapps/self-service-password/htdocs/;
 
-    # https://ltb-project.org/documentation/self-service-password/1.3/config_nginx
-    index index.php index.html index.htm;
+        # https://ltb-project.org/documentation/self-service-password/1.3/config_nginx
+        index index.php index.html index.htm;
 
-    # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
-    sendfile off;
+        # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
+        sendfile off;
 
-    gzip on;
-    gzip_comp_level 6;
-    gzip_min_length 1000;
-    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
-    gzip_vary on;
-    gzip_proxied any;
-    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+        gzip on;
+        gzip_comp_level 6;
+        gzip_min_length 1000;
+        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
+        gzip_vary on;
+        gzip_proxied any;
+        gzip_disable "MSIE [1-6]\.(?!.*SV1)";
 
-    # Add stdout logging
+        # Add stdout logging
 
-    #error_log /dev/stdout warn;
-    #access_log /dev/stdout info;
+        #error_log /dev/stdout warn;
+        #access_log /dev/stdout info;
 
-    include ../conf.d/fastcgi.config;
+        include ../conf.d/fastcgi.config;
+    }
 
     # deny access to . files, for security
     #

roles/WebServer/files/conf.d/Core/travelpawscvt.com.conf

@@ -0,0 +1,14 @@
+server {
+    listen      443 ssl;
+    server_name travelpawscvt.com;
+
+    #include local.conf;
+    include letsencrypt.conf;
+    include ../conf.d/fastcgi.config;
+
+    root /opt/travelpawscvt;
+
+    client_max_body_size 5m;
+    client_body_timeout 60;
+
+}

roles/WebServer/files/conf.d/Core/wolfpack.conf

@@ -4,7 +4,6 @@ server {
 
     include sec.conf;
     include default.csp.conf;
-    include letsencrypt.conf;
 
     location /
     {
@@ -12,4 +11,6 @@ server {
         autoindex on;
         autoindex_format html;
     }
+
+    include letsencrypt.conf;
 }