--- /dev/null
+listen 443;
+include /etc/nginx/conf.d/ssl.conf;
+ssl_certificate /etc/nginx/x509.d/changedechaine-www-tls/crt.pem;
+ssl_certificate_key /etc/nginx/x509.d/changedechaine-www-tls/key.pem;
--- /dev/null
+hint="run before: remote/runit-configure nginx -- $site"
+assert "sudo test -f /etc/nginx/x509.d/\"$site\"/key.pem" hint
+
+sudo install -m 664 -o www -g www \
+ "$tool"/var/pub/x509/www.changedechaine.org/crt+ca.pem \
+ /etc/nginx/x509.d/"$site"/crt.pem
+
+sudo rmdir ~www-data/"$site" || true
+sudo ln -fns "${site%-tls}" ~www-data/"$site"
+
--- /dev/null
+../cdc-www/site.conf
\ No newline at end of file
--- /dev/null
+www.changedechaine.org
--- /dev/null
+server {
+ listen 80;
+ server_name
+ changedechaine.org;
+
+ return 301 http://futur.changedechaine.org$request_uri;
+ }
--- /dev/null
+listen 80;
--- /dev/null
+pool=cdc_www
+sudo adduser php_"$pool" www-"$site"
+sudo adduser www-"$site" sftp
+
+sudo rmdir ~www-data/"$site" || true
+sudo install -d -m 2750 -o root -g www-"$site" \
+ ~www-data/"$site"
+sudo install -d -m 2750 -o www-"$site" -g www-"$site" \
+ ~www-data/"$site"/etc \
+ ~www-data/"$site"/etc/ssh
+sudo install -d -m 2770 -o www-"$site" -g www-"$site" \
+ ~www-data/"$site"/www
+
+"$tool"/local/runit-sv-start mysql
+while ! sudo mysql -u root </dev/null
+do sleep 1; done
+
+"$tool"/local/mysql-user-create php_"$pool"
+"$tool"/local/mysql-database-create php_"$pool"
--- /dev/null
+server_name
+ changedechaine.heureux-cyclage.org
+ changedechaine.org
+ futur.changedechaine.org
+ www.changedechaine.org;
+root /home/www/data/cdc-www/www;
+
+rewrite /wp-admin$ $scheme://$host$uri/ permanent;
+ # Add trailing slash to */wp-admin requests.
+location = /wp-admin/ {
+ return 301 /wp-admin/index.php?$args;
+ }
+location / {
+ index index.html index.htm index.php;
+ try_files $uri $uri/ /index.php?$args;
+ }
+location ~* ^.+\.(css|gif|html|ico|jpeg|js|jpg|png|txt|xml)$ {
+ access_log off;
+ expires 30d;
+ log_not_found off;
+ }
+location ~ /\. {
+ access_log off;
+ deny all;
+ log_not_found off;
+ }
+location ~ \.php(|/.+)$ {
+ include /etc/nginx/conf.d/fastcgi.conf;
+ set $no_cache "0";
+ if ($request_method !~ ^(GET|HEAD)$) {
+ # NOTE: if non GET/HEAD, don't cache and mark user as uncacheable for 1 second via cookie.
+ set $no_cache "1";
+ }
+ if ($no_cache = "1") {
+ # NOTE: drop no cache cookie if need be (for some reason, add_header fails if included in prior if-block).
+ add_header Set-Cookie "_mcnc=1; Max-Age=2; Path=/";
+ add_header X-Microcachable "0";
+ }
+ if ($http_cookie ~* "_mcnc") {
+ # NOTE: bypass cache if no-cache cookie is set
+ set $no_cache "1";
+ }
+ fastcgi_cache_bypass $no_cache;
+ fastcgi_cache_use_stale updating;
+ fastcgi_cache_valid 200 10s;
+ fastcgi_cache_valid 404 10m;
+ fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
+ fastcgi_index index.php;
+ fastcgi_no_cache $no_cache;
+ fastcgi_param REDIRECT_STATUS 200;
+ # NOTE: PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_pass_header Cookie;
+ fastcgi_pass_header Set-Cookie;
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+ try_files $fastcgi_script_name =404;
+ # Check for path info security issue
+
+
+ fastcgi_pass unix:/run/php5/fpm/cdc_www;
+ }
+# vim: ft=sh
+++ /dev/null
-listen 443;
-include /etc/nginx/conf.d/ssl.conf;
-ssl_certificate /etc/nginx/x509.d/changedechaine-www-tls/crt.pem;
-ssl_certificate_key /etc/nginx/x509.d/changedechaine-www-tls/key.pem;
+++ /dev/null
-hint="run before: remote/runit-configure nginx -- $site"
-assert "sudo test -f /etc/nginx/x509.d/\"$site\"/key.pem" hint
-
-sudo install -m 664 -o www -g www \
- "$tool"/var/pub/x509/www.changedechaine.org/crt+ca.pem \
- /etc/nginx/x509.d/"$site"/crt.pem
-
-sudo rmdir ~www-data/"$site" || true
-sudo ln -fns "${site%-tls}" ~www-data/"$site"
-
+++ /dev/null
-../changedechaine-www/site.conf
\ No newline at end of file
+++ /dev/null
-www.changedechaine.org
+++ /dev/null
-server {
- listen 80;
- server_name
- changedechaine.org;
-
- return 301 http://futur.changedechaine.org$request_uri;
- }
+++ /dev/null
-listen 80;
+++ /dev/null
-pool=changedechaine_www
-sudo adduser php_"$pool" www-"$site"
-sudo adduser www-"$site" sftp
-
-sudo rmdir ~www-data/"$site" || true
-sudo install -d -m 2750 -o root -g www-"$site" \
- ~www-data/"$site"
-sudo install -d -m 2750 -o www-"$site" -g www-"$site" \
- ~www-data/"$site"/etc \
- ~www-data/"$site"/etc/ssh
-sudo install -d -m 2770 -o www-"$site" -g www-"$site" \
- ~www-data/"$site"/www
-
-"$tool"/local/runit-sv-start mysql
-while ! sudo mysql -u root </dev/null
-do sleep 1; done
-
-"$tool"/local/mysql-user-create php_"$pool"
-"$tool"/local/mysql-database-create php_"$pool"
+++ /dev/null
-server_name
- changedechaine.heureux-cyclage.org
- changedechaine.org
- futur.changedechaine.org
- www.changedechaine.org;
-root /home/www/data/changedechaine-www/www;
-
-rewrite /wp-admin$ $scheme://$host$uri/ permanent;
- # Add trailing slash to */wp-admin requests.
-location = /wp-admin/ {
- return 301 /wp-admin/index.php?$args;
- }
-location / {
- index index.html index.htm index.php;
- try_files $uri $uri/ /index.php?$args;
- }
-location ~* ^.+\.(css|gif|html|ico|jpeg|js|jpg|png|txt|xml)$ {
- access_log off;
- expires 30d;
- log_not_found off;
- }
-location ~ /\. {
- access_log off;
- deny all;
- log_not_found off;
- }
-location ~ \.php(|/.+)$ {
- include /etc/nginx/conf.d/fastcgi.conf;
- set $no_cache "0";
- if ($request_method !~ ^(GET|HEAD)$) {
- # NOTE: if non GET/HEAD, don't cache and mark user as uncacheable for 1 second via cookie.
- set $no_cache "1";
- }
- if ($no_cache = "1") {
- # NOTE: drop no cache cookie if need be (for some reason, add_header fails if included in prior if-block).
- add_header Set-Cookie "_mcnc=1; Max-Age=2; Path=/";
- add_header X-Microcachable "0";
- }
- if ($http_cookie ~* "_mcnc") {
- # NOTE: bypass cache if no-cache cookie is set
- set $no_cache "1";
- }
- fastcgi_cache_bypass $no_cache;
- fastcgi_cache_use_stale updating;
- fastcgi_cache_valid 200 10s;
- fastcgi_cache_valid 404 10m;
- fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
- fastcgi_index index.php;
- fastcgi_no_cache $no_cache;
- fastcgi_param REDIRECT_STATUS 200;
- # NOTE: PHP only, required if PHP was built with --enable-force-cgi-redirect
- fastcgi_pass_header Cookie;
- fastcgi_pass_header Set-Cookie;
- fastcgi_split_path_info ^(.+\.php)(/.+)$;
- try_files $fastcgi_script_name =404;
- # Check for path info security issue
-
-
- fastcgi_pass unix:/run/php5/fpm/changedechaine_www;
- }
-# vim: ft=sh