zulip/puppet/zulip_ops/files/nginx/sites-available/loadbalancer
Tim Abbott 7c2c82b190 nginx: Update nginx configuration for fhir/hl7 organization.
We should eventually add templating for the set of hosts here, but
it's worth merging this change to remove the deleted hostname and
replace it with the current one.
2020-10-13 16:50:26 -07:00


# Backend pool for the staging environment: one host, reached on port 443.
upstream staging {
    server staging0.zulipchat.net:443;

    # Keep up to 10000 idle connections to the backend cached per worker.
    # NOTE(review): upstream keepalive only takes effect when proxied requests
    # use HTTP/1.1 with a cleared Connection header; presumably the
    # zulip-include/proxy* snippets set that -- confirm.
    keepalive 10000;
}
# Backend pool for production: one host, reached on port 443.
upstream prod {
    server prod0.zulipchat.net:443;

    # Keep up to 10000 idle connections to the backend cached per worker.
    # NOTE(review): upstream keepalive only takes effect when proxied requests
    # use HTTP/1.1 with a cleared Connection header; presumably the
    # zulip-include/proxy* snippets set that -- confirm.
    keepalive 10000;
}
# Plain-HTTP listener: redirects every request to the same host and URI over
# HTTPS. No server_name is declared in this block.
server {
    listen 80;

    location / {
        # $host can be taken from the client's Host header, so the redirect
        # target is client-influenced. Pin a fixed hostname here if that is
        # not acceptable.
        return 301 https://$host$request_uri;
    }

    # NOTE(review): snippet contents are not visible in this file; presumably
    # it serves the ACME HTTP-01 challenge path for certificate renewal.
    include /etc/nginx/zulip-include/certbot;
}
# www.zulipstaging.com: terminates TLS and redirects to the bare staging
# domain, preserving the request URI.
server {
    listen www.zulipstaging.com:443 http2;
    server_name www.zulipstaging.com;

    ssl on;
    # The certificate is loaded from the zulipchat.com Let's Encrypt lineage.
    # NOTE(review): presumably it lists the zulipstaging.com names as SANs --
    # confirm, otherwise clients will see a hostname mismatch.
    ssl_certificate /etc/letsencrypt/live/zulipchat.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/zulipchat.com/privkey.pem;

    location / {
        return 301 https://zulipstaging.com$request_uri;
    }

    include /etc/nginx/zulip-include/certbot;
}
# Staging realms: zulipstaging.com and its subdomains are proxied to the
# `staging` upstream over HTTPS.
server {
    # The listen address has to be `www.zulipstaging.com`: bare
    # zulipstaging.com is not a CNAME and so resolves to the public IP
    # inside EC2.
    listen www.zulipstaging.com:443 http2;
    server_name zulipstaging.com *.zulipstaging.com;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/zulipchat.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/zulipchat.com/privkey.pem;

    # NOTE(review): nginx does not verify the upstream's certificate unless
    # proxy_ssl_verify is enabled. It is not set in this file, so check
    # whether the included proxy snippets enable it.
    location / {
        # The trailing slash gives proxy_pass a URI part, so the normalized
        # request URI is forwarded. The two event locations below forward
        # the URI as the client sent it.
        proxy_pass https://staging/;
        include /etc/nginx/zulip-include/proxy;
    }

    # Long-polling event endpoints use a separate proxy snippet.
    # /api/v1/events/internal is not needed here, because it does not go
    # through the loadbalancer.
    location /json/events {
        proxy_pass https://staging;
        include /etc/nginx/zulip-include/proxy_longpolling;
    }

    location /api/v1/events {
        proxy_pass https://staging;
        include /etc/nginx/zulip-include/proxy_longpolling;
    }

    include /etc/nginx/zulip-include/certbot;
}
# Legacy hostnames (www.zulipchat.com, zulipchat.com, www.zulip.com):
# redirected to zulip.com, except for static assets.
server {
    # The listen address has to be `www.zulipchat.com`: bare zulipchat.com
    # is not a CNAME and so resolves to the public IP inside EC2.
    listen www.zulipchat.com:443 http2;
    server_name www.zulipchat.com zulipchat.com www.zulip.com;

    ssl on;
    # NOTE(review): www.zulip.com is served with the zulipchat.com lineage;
    # presumably that certificate carries it as a SAN -- confirm.
    ssl_certificate /etc/letsencrypt/live/zulipchat.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/zulipchat.com/privkey.pem;

    location / {
        return 301 https://zulip.com$request_uri;
    }

    location /static {
        # The app loads static files from https://zulipchat.com/static,
        # so those requests are proxied to prod instead of redirected.
        # This is a prefix match without a trailing slash, so any path that
        # merely begins with "/static" is proxied as well.
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy;
    }

    include /etc/nginx/zulip-include/certbot;
}
# Production realms: *.zulipchat.com, zulip.com and *.zulip.com are proxied
# to the `prod` upstream over HTTPS.
server {
    # The listen address has to be `www.zulipchat.com`: bare zulipchat.com
    # is not a CNAME and so resolves to the public IP inside EC2.
    #
    # default_server: a request arriving on this address whose host matches
    # no server_name in any block is handled here and therefore proxied to
    # prod.
    # NOTE(review): the backend presumably rejects unknown hostnames itself;
    # confirm, since nothing in this block filters on Host.
    listen www.zulipchat.com:443 default_server http2;
    server_name *.zulipchat.com zulip.com *.zulip.com;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/zulipchat.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/zulipchat.com/privkey.pem;

    # NOTE(review): nginx does not verify the upstream's certificate unless
    # proxy_ssl_verify is enabled. It is not set in this file, so check
    # whether the included proxy snippets enable it.
    location / {
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy;
    }

    # Long-polling event endpoints use a separate proxy snippet.
    location /json/events {
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy_longpolling;
    }

    location /api/v1/events {
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy_longpolling;
    }

    include /etc/nginx/zulip-include/certbot;
}
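# chat.fhir.org: a custom-domain organization, served with its own
# certificate and proxied to the `prod` upstream over HTTPS.
server {
    listen chat.fhir.org:443 http2;
    server_name chat.fhir.org;

    # Every other :443 server in this file enables TLS explicitly; this one
    # did not. Without it, TLS on this listener depends on another server
    # block sharing the same address having switched it on. If chat.fhir.org
    # resolves to an address of its own, the port would speak plaintext.
    # Enable it here, in the same form the rest of the file uses.
    # (Newer nginx releases deprecate `ssl on;` in favour of the `ssl`
    # parameter of `listen`; migrate all blocks together.)
    ssl on;
    ssl_certificate /etc/letsencrypt/live/chat.fhir.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/chat.fhir.org/privkey.pem;

    # NOTE(review): nginx does not verify the upstream's certificate unless
    # proxy_ssl_verify is enabled. It is not set in this file, so check
    # whether the included proxy snippets enable it.
    location / {
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy;
    }

    # Long-polling event endpoints use a separate proxy snippet.
    location /json/events {
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy_longpolling;
    }

    location /api/v1/events {
        proxy_pass https://prod;
        include /etc/nginx/zulip-include/proxy_longpolling;
    }

    include /etc/nginx/zulip-include/certbot;
}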
# uploads.zulipusercontent.net: terminates TLS with its own certificate and
# hands requests to a service on the loopback interface.
server {
    listen uploads.zulipusercontent.net:443 http2;
    server_name uploads.zulipusercontent.net;

    ssl on;
    ssl_certificate /etc/letsencrypt/live/uploads.zulipusercontent.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/uploads.zulipusercontent.net/privkey.pem;

    location / {
        # Plain HTTP, but only to 127.0.0.1, so the hop stays on this host.
        # NOTE(review): the service on port 9292 is not identified in this
        # file; confirm it is bound to loopback only.
        proxy_pass http://127.0.0.1:9292;
        include /etc/nginx/zulip-include/proxy;
    }

    include /etc/nginx/zulip-include/certbot;
}