added https parts site, video site, fixed modsecurity

2022-04-12 01:15:51 -04:00
parent 232b28a647
commit 9fbe473e3c
22 changed files with 193 additions and 246 deletions
--- a/ansible/roles/http/templates/nginx/sites/video.bdebyl.net.conf.j2
+++ b/ansible/roles/http/templates/nginx/sites/video.bdebyl.net.conf.j2
@@ -0,0 +1,24 @@
+upstream shinobi {
+  server 127.0.0.1:8085;
+}
+
+server {
+  modsecurity on;
+  modsecurity_rules_file {{ nginx_path }}/modsec_includes.conf;
+
+  listen 80;
+  server_name {{ video_server_name }};
+
+  location / {
+    allow 192.168.1.0/24;
+    allow 127.0.0.1;
+    deny all;
+
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header Upgrade         $http_upgrade;
+    proxy_set_header Connection      $connection_upgrade;
+
+    proxy_buffering off;
+    proxy_pass http://shinobi;
+  }
+}