Whitespace cleanup to get in sync with AniNIX/Uniglot hooks

roles/WebServer/README.md

@@ -6,7 +6,7 @@ The WebServer serves content on the Web -- its name is simple to match the funct
 # Relevant Files and Software
 Configuration files live in [/opt/openresty/nginx/](file:///opt/openresty/nginx), including ciphersuites, URI redirection, and pathing. It can be validated with the `openresty -t` command. Webserver isn't meant to hold files itself -- it generally proxies and SSL-terminates connections for other apps, using location-based hosting and fastcgi.
 
-Of security note are the default.csp.conf and sec.conf files in [the conf folder](/AniNIX/Ubiqtorate/src/branch/main/roles/WebServer/files/conf). These files include our security remediations, as we have been able to get them to work with our apps. 
+Of security note are the default.csp.conf and sec.conf files in [the conf folder](/AniNIX/Ubiqtorate/src/branch/main/roles/WebServer/files/conf). These files include our security remediations, as we have been able to get them to work with our apps.
 
 **Please note:** We offer a redirect on www.aninix.net and http://aninix.net:80/ only as a legacy convenience as browsers do not yet support 443 by default -- no data is transmitted on these. When the webhosting community acknowledges the death of the empty www. subdomain and the necessity of encryption, we will drop these. However, for usability, we include them for now.
 

roles/WebServer/files/conf.d/Core/aaa_default.conf

@@ -1,25 +1,25 @@
 server {
     listen      443 ssl http2;
     server_name default_server;
+    include sec.conf;
+    include letsencrypt.conf;
+    include default.csp.conf;
+    rewrite ^/(.*)$ https://aninix.net/$1 permanent;
+
+}
+
+server {
+    listen      443 ssl http2;
+    server_name aninix.net;
 
     include sec.conf;
+    include letsencrypt.conf;
     include default.csp.conf;
 
-    location /
-    {
-      rewrite ^/martialarts(\/*)$ /assets/martialarts/index.html;
-      rewrite /shadowarch /AniNIX/ShadowArch/raw/branch/main/EtcFiles/shadowarch
+    location / {
+
+      rewrite ^/martialarts(\/)*(\/index.html)*$ /assets/martialarts/index.html;
 
-      location /aninix.xml { 
-          proxy_hide_header Content-Type;
-          add_header content-type "application/atom+xml";
-          rewrite /aninix.xml /AniNIX/Wiki/raw/branch/main/rss/aninix.xml;
-      }
-      location /martialarts/maqotw.xml { 
-          proxy_hide_header Content-Type;
-          add_header content-type "application/atom+xml";
-          rewrite /martialarts/maqotw.xml /AniNIX/Wiki/raw/branch/main/rss/maqotw.xml;
-      }
       proxy_set_header Host $http_host;
       proxy_set_header X-Forwarded-Host $host;
       proxy_set_header X-Forwarded-Server $host;
@@ -27,8 +27,19 @@ server {
       proxy_pass       http://127.0.0.1:3000;
     }
 
-    location /whatismyip
-    {
+    location /aninix.xml {
+        proxy_hide_header Content-Type;
+        add_header content-type "application/atom+xml";
+        rewrite /aninix.xml /AniNIX/Wiki/raw/branch/main/rss/aninix.xml;
+    }
+
+    location /martialarts/maqotw.xml {
+        proxy_hide_header Content-Type;
+        add_header content-type "application/atom+xml";
+        rewrite /martialarts/maqotw.xml /AniNIX/Wiki/raw/branch/main/rss/maqotw.xml;
+    }
+
+    location /whatismyip {
         include ../conf.d/fastcgi.config;
         root /usr/share/webapps/aninix/;
         location ~* whatismyip {
@@ -36,12 +47,10 @@ server {
             expires max;
         }
     }
-    location /blackpage
-    {
+
+    location /blackpage {
         root /usr/share/webapps/aninix/;
         try_files $uri /blackpage.html;
     }
 
-    include letsencrypt.conf;
-
 }

roles/WebServer/files/conf.d/Core/adhan.conf

@@ -1,6 +1,6 @@
 server {
     listen      443 ssl http2;
-    server_name adhan.aninix.net; 
+    server_name adhan.aninix.net;
 
     include sec.conf;
     include default.csp.conf;

roles/WebServer/files/conf.d/Core/geth.conf

@@ -1,4 +1,4 @@
-map $http_upgrade $connection_upgrade { 
+map $http_upgrade $connection_upgrade {
     default upgrade;
     ''      close;
 }

roles/WebServer/files/conf.d/Core/lykos-wiki.conf

@@ -2,7 +2,7 @@ server {
     listen      443 ssl;
     server_name lykos.aninix.net;
 
-    include letsencrypt.conf;    
+    include letsencrypt.conf;
 
     root /usr/share/webapps/;
 

roles/WebServer/files/conf.d/Core/password.conf

@@ -1,19 +1,19 @@
 server {
     listen      443 ssl http2;
-    server_name password.aninix.net; 
+    server_name password.aninix.net;
 
     include sec.conf;
     include default.csp.conf;
     include letsencrypt.conf;
 
     root /usr/share/webapps/self-service-password/htdocs/;
-    
+
     # https://ltb-project.org/documentation/self-service-password/1.3/config_nginx
     index index.php index.html index.htm;
- 
+
     # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
     sendfile off;
-     
+
     gzip on;
     gzip_comp_level 6;
     gzip_min_length 1000;
@@ -21,24 +21,24 @@ server {
     gzip_vary on;
     gzip_proxied any;
     gzip_disable "MSIE [1-6]\.(?!.*SV1)";
- 
+
     # Add stdout logging
-     
+
     #error_log /dev/stdout warn;
     #access_log /dev/stdout info;
-     
+
     include ../conf.d/fastcgi.config;
-     
+
     # deny access to . files, for security
     #
     location ~ /\.\. {
-    		log_not_found off; 
-    		deny all;
+        log_not_found off;
+        deny all;
     }
-     
+
     location ~ /scripts {
-    		log_not_found off; 
-    		deny all;
+        log_not_found off;
+        deny all;
     }
- 
+
 }

roles/WebServer/files/conf.d/Core/sharingan.conf

@@ -7,7 +7,7 @@ server {
     # include default.csp.conf;
     include local.conf;
     include letsencrypt.conf;
-    
+
 
     location /
     {

roles/WebServer/files/conf.d/Core/singularity.conf

@@ -1,6 +1,6 @@
 server {
     listen      443 ssl;
-    server_name singularity.aninix.net; 
+    server_name singularity.aninix.net;
 
     include sec.conf;
     include default.csp.conf;

roles/WebServer/files/conf/sec.conf

@@ -1,5 +1,5 @@
 ssl_dhparam          /etc/ssl/certs/dhparam.pem;
-ssl_certificate      /etc/letsencrypt/live/aninix.net-0001/fullchain.pem; 
+ssl_certificate      /etc/letsencrypt/live/aninix.net-0001/fullchain.pem;
 ssl_certificate_key  /etc/letsencrypt/live/aninix.net-0001/privkey.pem;
 
 ssl_session_cache    shared:SSL:1m;

roles/WebServer/tasks/main.yml

@@ -58,13 +58,13 @@
    service:
      name: openresty
      state: stopped
-     enabled: no 
+     enabled: no
 
  - name: Ensure service is started
    become: yes
    when: conf.changed or confd.changed
    service:
-     name: "{{ item }}" 
+     name: "{{ item }}"
      enabled: yes
      state: restarted
    loop: