From 3af01bed85d62088c3d188741c10ed7af7a6ec27 Mon Sep 17 00:00:00 2001
From: Tim Abbott <tabbott@mit.edu>
Date: Sun, 14 Aug 2016 11:02:48 -0700
Subject: [PATCH] puppet: Simplify zulip_ops nginx configuration.

Whatever dist/ functionality this had in 2014 is now served by
zulip.org, and since this serves as a sample, it should be as simple
as possible.

Previously, this was more cluttered than it needed to be.
---
 .../zulip_ops/files/nginx/sites-available/zulip   | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

diff --git a/puppet/zulip_ops/files/nginx/sites-available/zulip b/puppet/zulip_ops/files/nginx/sites-available/zulip
index ae176fdf5a..c9d95553c7 100644
--- a/puppet/zulip_ops/files/nginx/sites-available/zulip
+++ b/puppet/zulip_ops/files/nginx/sites-available/zulip
@@ -3,21 +3,14 @@ include /etc/nginx/zulip-include/upstreams;
 server {
     listen 443;
 
+    # While a proper wildcard cert is recommended, because nginx
+    # doesn't actually check SSL certificates when reverse proxying
+    # :(, one can get away with a snake-oil cert if one wants.
     ssl on;
-
     ssl_certificate /etc/ssl/certs/wildcard-zulipchat.com.combined-chain.crt;
     ssl_certificate_key /etc/ssl/private/wildcard-zulipchat.com.key;
 
-    # We don't actually have an SSL cert for zulipchat.com on this
-    # machine, but that's okay since clients will never be accessing
-    # this host directly.
-    server_name zulipchat.com;
-
-    # Downloadable software
-    location /dist/ {
-        autoindex on;
-        alias /srv/www/dist/;
-    }
+    server_name zulipchat.com *.zulipchat.com;
 
     include /etc/nginx/zulip-include/app;
 }