From da92b448760e4881eb9e92bf10e23cf0c48921d2 Mon Sep 17 00:00:00 2001 From: sijanec Date: Tue, 4 May 2021 19:37:39 +0200 Subject: fix? for #1 --- apache.conf | 82 ++++++------------------------------------------------------- nginx.conf | 4 +-- 2 files changed, 10 insertions(+), 76 deletions(-) diff --git a/apache.conf b/apache.conf index 914d286..574c843 100644 --- a/apache.conf +++ b/apache.conf @@ -1,100 +1,34 @@ -# substitute, proxy, headers, ssl, proxy_http, dump_io mods need enable: a2enmod +# substitute, proxy, headers, ssl, proxy_http mods need enable: a2enmod SSLEngine On - SSLCertificateFile /etc/letsencrypt/live/gimb.tk/fullchain.pem - SSLCertificateKeyFile /etc/letsencrypt/live/gimb.tk/privkey.pem + SSLCertificateFile /etc/ssl/certifikati/fullchain.pem + SSLCertificateKeyFile /etc/ssl/certifikati/privkey.pem SSLProxyEngine On SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off - # The ServerName directive sets the request scheme, hostname and port that - # the server uses to identify itself. This is used when creating - # redirection URLs. In the context of virtual hosts, the ServerName - # specifies what hostname must appear in the request's Host: header to - # match this virtual host. For the default virtual host (this file) this - # value is not decisive as it is used as a last resort host regardless. - # However, you must set it for any further virtual host explicitly. - #ServerName www.example.com - - #ServerAdmin webmaster@localhost - #DocumentRoot /var/www/apache2 - - # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, - # error, crit, alert, emerg. - # It is also possible to configure the loglevel for particular - # modules, e.g. - #LogLevel info ssl:warn - ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined - - # For most configuration files from conf-available/, which are - # enabled or disabled at a global level, it is possible to - # include a line for only one particular virtual host. For example the - # following line enables the CGI configuration for this host only - # after it has been globally disabled with "a2disconf". - #Include conf-available/serve-cgi-bin.conf - RequestHeader unset Accept-Encoding ProxyPreserveHost Off ProxyPass "/" "https://teletext.rtvslo.si:443/" ProxyPassReverse "/" "https://teletext.rtvslo.si:443/" AddOutputFilterByType SUBSTITUTE text/html Substitute "s|teletext.rtvslo.si|teletekst.xn--jha.ga|i" - Substitute "s/weird.function/console.log/i" - Substitute "s/usemap/width=480 height=336 usemap/i" - DumpIOInput Off - DumpIOOutput On - LogLevel dumpio:trace7 - LogLevel debug + Substitute "s| usemap|' width=480 height=336 src='data:image/svg+xml,%3Csvg xmlns=http://www.w3.org/2000/svg width=480px height=336px %3E%3C/svg%3E' usemap|i" + Substitute "s/id=\"mainDisplay\" src/id=\"mainDisplay\" onload='this.src=\"/i" -# ServerName cargova.xn--pga.ga -# SSLEngine On -# SSLCertificateFile /etc/ssl/sslforfree/sg.crt -# SSLCertificateKeyFile /etc/ssl/sslforfree/sg.key SSLProxyEngine On SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off - # The ServerName directive sets the request scheme, hostname and port that - # the server uses to identify itself. This is used when creating - # redirection URLs. In the context of virtual hosts, the ServerName - # specifies what hostname must appear in the request's Host: header to - # match this virtual host. For the default virtual host (this file) this - # value is not decisive as it is used as a last resort host regardless. - # However, you must set it for any further virtual host explicitly. - #ServerName www.example.com - - #ServerAdmin webmaster@localhost - #DocumentRoot /var/www/apache2 - - # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, - # error, crit, alert, emerg. - # It is also possible to configure the loglevel for particular - # modules, e.g. - #LogLevel info ssl:warn - ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined - - # For most configuration files from conf-available/, which are - # enabled or disabled at a global level, it is possible to - # include a line for only one particular virtual host. For example the - # following line enables the CGI configuration for this host only - # after it has been globally disabled with "a2disconf". - #Include conf-available/serve-cgi-bin.conf - RequestHeader unset Accept-Encoding ProxyPreserveHost Off ProxyPass "/" "https://teletext.rtvslo.si:443/" ProxyPassReverse "/" "https://teletext.rtvslo.si:443/" AddOutputFilterByType SUBSTITUTE text/html - Substitute "s/teletext.rtvslo.si/teletekst.xn--jha.ga:2780/i" - Substitute "s/weird.function/console.log/i" - DumpIOInput Off - DumpIOOutput On - LogLevel dumpio:trace7 - LogLevel debug - + Substitute "s|teletext.rtvslo.si|teletekst.xn--jha.ga|i" + Substitute "s| usemap|' width=480 height=336 src='data:image/svg+xml,%3Csvg xmlns=http://www.w3.org/2000/svg width=480px height=336px %3E%3C/svg%3E' usemap|i" + Substitute "s/id=\"mainDisplay\" src/id=\"mainDisplay\" onload='this.src=\"/i" - -# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/nginx.conf b/nginx.conf index ff71ccc..fe2e98d 100644 --- a/nginx.conf +++ b/nginx.conf @@ -9,8 +9,8 @@ server { server { listen 0.0.0.0:443 ssl http2; listen [::]:443 ssl http2; - ssl_certificate /etc/letsencrypt/live/teletekst.xn--jha.ga/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/teletekst.xn--jha.ga/privkey.pem; + ssl_certificate /etc/ssl/certifikati/fullchain.pem; + ssl_certificate_key /etc/ssl/certifikati/privkey.pem; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security "max-age=604800"; -- cgit v1.2.3