From 08555a451ce82858163914cb1202c775a444b3f4 Mon Sep 17 00:00:00 2001
From: Christian Elberfeld <elberfeld@web.de>
Date: Thu, 3 Nov 2022 01:08:01 +0100
Subject: [PATCH] removed old nginx config

---
 common/nginx/handlers/main.yml             |  6 ---
 common/nginx/includes/_ssl_common_settings |  9 ----
 common/nginx/includes/esphome.warpzone     | 13 -----
 common/nginx/includes/infra.warpzone       | 12 -----
 common/nginx/includes/ldap.warpzone        | 13 -----
 common/nginx/includes/unifi.warpone        |  4 --
 common/nginx/tasks/config_site.yml         | 24 ---------
 common/nginx/tasks/main.yml                | 49 ------------------
 common/nginx/templates/letsencrypt.sh      |  5 --
 common/nginx/templates/nginx-matrix        | 18 -------
 common/nginx/templates/nginx-site          | 59 ----------------------
 common/nginx/templates/nginx-status        | 24 ---------
 common/nginx/templates/telegraf.conf       | 24 ---------
 13 files changed, 260 deletions(-)
 delete mode 100644 common/nginx/handlers/main.yml
 delete mode 100644 common/nginx/includes/_ssl_common_settings
 delete mode 100644 common/nginx/includes/esphome.warpzone
 delete mode 100644 common/nginx/includes/infra.warpzone
 delete mode 100644 common/nginx/includes/ldap.warpzone
 delete mode 100644 common/nginx/includes/unifi.warpone
 delete mode 100644 common/nginx/tasks/config_site.yml
 delete mode 100644 common/nginx/tasks/main.yml
 delete mode 100644 common/nginx/templates/letsencrypt.sh
 delete mode 100644 common/nginx/templates/nginx-matrix
 delete mode 100644 common/nginx/templates/nginx-site
 delete mode 100644 common/nginx/templates/nginx-status
 delete mode 100644 common/nginx/templates/telegraf.conf

diff --git a/common/nginx/handlers/main.yml b/common/nginx/handlers/main.yml
deleted file mode 100644
index 7217c0ff..00000000
--- a/common/nginx/handlers/main.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: restart nginx
-  service: name=nginx state=restarted
-
-- name: restart telegraf
-  service: name=telegraf state=restarted
diff --git a/common/nginx/includes/_ssl_common_settings b/common/nginx/includes/_ssl_common_settings
deleted file mode 100644
index 247d5608..00000000
--- a/common/nginx/includes/_ssl_common_settings
+++ /dev/null
@@ -1,9 +0,0 @@
-
-	ssl_session_cache shared:SSL:5m;
-	ssl_session_timeout 5m;
-	
-	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
-	ssl_protocols TLSv1.2;
-	ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;	
-	ssl_prefer_server_ciphers on;   
-    
\ No newline at end of file
diff --git a/common/nginx/includes/esphome.warpzone b/common/nginx/includes/esphome.warpzone
deleted file mode 100644
index a7771cd6..00000000
--- a/common/nginx/includes/esphome.warpzone
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
-    location /  {
-        	proxy_set_header        Host $host;
-        	proxy_set_header        X-Real-IP $remote_addr;
-
-	        proxy_pass      http://127.0.0.1:42006/;
-        	proxy_redirect  off;
-
-    }
-
-
diff --git a/common/nginx/includes/infra.warpzone b/common/nginx/includes/infra.warpzone
deleted file mode 100644
index 040c4565..00000000
--- a/common/nginx/includes/infra.warpzone
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-    location /static {
-        alias /tmp/warpinfra/static; # your Django project's static files - amend as required
-    }
-
-    location / {
-        uwsgi_pass  unix:///tmp/warpinfra/warpinfra.sock; 
-        include     /etc/nginx/uwsgi_params; # the uwsgi_params file you installed
-    }
-
-
diff --git a/common/nginx/includes/ldap.warpzone b/common/nginx/includes/ldap.warpzone
deleted file mode 100644
index d37146d7..00000000
--- a/common/nginx/includes/ldap.warpzone
+++ /dev/null
@@ -1,13 +0,0 @@
-
-
-
-    location /  {
-        	proxy_set_header        Host $host;
-        	proxy_set_header        X-Real-IP $remote_addr;
-
-	        proxy_pass      http://127.0.0.1:42004/;
-        	proxy_redirect  off;
-
-    }
-
-
diff --git a/common/nginx/includes/unifi.warpone b/common/nginx/includes/unifi.warpone
deleted file mode 100644
index d266449e..00000000
--- a/common/nginx/includes/unifi.warpone
+++ /dev/null
@@ -1,4 +0,0 @@
-
-    location / {
-      rewrite     ^(.*)   https://warpsrvint:8443$1;
-    }
diff --git a/common/nginx/tasks/config_site.yml b/common/nginx/tasks/config_site.yml
deleted file mode 100644
index 1dd25b6b..00000000
--- a/common/nginx/tasks/config_site.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-
-# Konfiguration einer nginx-site 
-# {{ item }} enthält den vollständigen Domänennamen 
-# Falls erforderlich wird das Zertifikat über Letsencrypt geholt 
-
-- name: Check if cert already exists for {{ item }} 
-  stat:
-    path: /etc/letsencrypt/live/{{ item }}/privkey.pem
-  register: cert
-  when: webserver_ssl == true
-
-- name: Stop nginx
-  service: name=nginx state=stopped
-  notify: restart nginx
-  when: webserver_ssl == true and cert.stat.exists == False 
-
-- name: Get Certificate for {{ item }} via Certbot
-  command: "certbot certonly --non-interactive --agree-tos --standalone -m {{ letsencrypt_mail }} -w /var/www/html/  -d {{ item }}"
-  when: webserver_ssl == true and cert.stat.exists == False 
-
-- name: Create nginx config for {{ item }}
-  template: src=nginx-site dest=/etc/nginx/sites-enabled/{{ item }}
-  notify: restart nginx
-
diff --git a/common/nginx/tasks/main.yml b/common/nginx/tasks/main.yml
deleted file mode 100644
index 4afb9d88..00000000
--- a/common/nginx/tasks/main.yml
+++ /dev/null
@@ -1,49 +0,0 @@
-# Pakete installieren
-- name: nginx installieren
-  apt:
-    name: "{{ packages }}"
-    update_cache: yes
-    state: present
-  vars:
-    packages:
-    - nginx-light
-
-# Pakete installieren (SSL)
-- name: openssl and certbot installieren
-  apt:
-    name: "{{ packages }}"
-    update_cache: yes
-    state: present
-  vars:
-    packages:
-    - ca-certificates 
-    - openssl
-    - certbot
-  when: webserver_ssl == true
-
-# DH Parameter erzeugen 
-- name: check if DH Params exists 
-  stat:
-    path: /etc/nginx/dhparams.pem
-  register: dhparams
-  when: webserver_ssl == true
-
-
-- name: generate new DH Params 
-  command: openssl dhparam -out /etc/nginx/dhparams.pem 2048
-  when: webserver_ssl == true and dhparams.stat.exists == False 
-
-
-# NginX einrichten 
-- name: nginx default Konfig entfernen 
-  file: 
-    path: /etc/nginx/sites-enabled/default 
-    state: absent
-
-
-# nginx konfigurieren 
-- include: config_site.yml
-  with_items:
-    - "{{ webserver_domains }}"
- 
-
diff --git a/common/nginx/templates/letsencrypt.sh b/common/nginx/templates/letsencrypt.sh
deleted file mode 100644
index 57dd5ed3..00000000
--- a/common/nginx/templates/letsencrypt.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-
-{% for domain in webserver_domains %}
-certbot certonly --non-interactive --agree-tos --webroot -m {{ letsencrypt_mail }} -w /var/www/html/  -d {{ domain }}
-{% endfor %}
diff --git a/common/nginx/templates/nginx-matrix b/common/nginx/templates/nginx-matrix
deleted file mode 100644
index e655afe7..00000000
--- a/common/nginx/templates/nginx-matrix
+++ /dev/null
@@ -1,18 +0,0 @@
-
-server {
-    listen 8448 ssl http2;
-    listen [::]:8448 ssl http2;
-
-	ssl_certificate /etc/letsencrypt/live/matrix.warpzone.ms/fullchain.pem;
-	ssl_certificate_key /etc/letsencrypt/live/matrix.warpzone.ms/privkey.pem;
-	ssl_dhparam /etc/nginx/dhparams.pem;
-
-  	{% include "includes/_ssl_common_settings" %}
-
-    server_name matrix.warpzone.ms;
-
-    location / {
-        proxy_pass http://127.0.0.1:18448;
-        proxy_set_header X-Forwarded-For $remote_addr;
-    }
-}
diff --git a/common/nginx/templates/nginx-site b/common/nginx/templates/nginx-site
deleted file mode 100644
index 1a6b4df3..00000000
--- a/common/nginx/templates/nginx-site
+++ /dev/null
@@ -1,59 +0,0 @@
-
-
-map $http_upgrade $connection_upgrade {
-        default upgrade;
-        ''      close;
-}
-
-server {
-
-	listen 80;
-	listen [::]:80;
-
-	server_name {{ item }};
-	root /dev/null;
-	index index.html;
-
-    {% if webserver_ssl == true %}
-
-	location /.well-known/acme-challenge/ {
-		root /var/www/html/;
-	}
-
-    location / {
-        	rewrite     ^(.*)   https://{{ item }}$1 permanent;
-  	}
-	  
-	{% else %}
-
-  	{% include "includes/" + item ignore missing %}
-
-    {% endif %}
-}
-
-{% if webserver_ssl == true %}
-
-server {
-
-	listen 443 ssl http2;
- 	listen [::]:443 ssl http2;
-
-	ssl_certificate /etc/letsencrypt/live/{{ item }}/fullchain.pem;
-	ssl_certificate_key /etc/letsencrypt/live/{{ item }}/privkey.pem;
-	ssl_dhparam /etc/nginx/dhparams.pem;
-
-  	{% include "includes/_ssl_common_settings" %}
-
-	server_name {{ item }};
-	root /dev/null;
-	index index.html;
-
-	location /.well-known/acme-challenge/ {
-		root /var/www/html/;
-	}
-
-  	{% include "includes/" + item ignore missing %}
-	
-}
-
-{% endif %}
diff --git a/common/nginx/templates/nginx-status b/common/nginx/templates/nginx-status
deleted file mode 100644
index 7bc3c674..00000000
--- a/common/nginx/templates/nginx-status
+++ /dev/null
@@ -1,24 +0,0 @@
-
-
-server {
-
-  listen 9145;
-
-  location /status {
-
-        # Turn on nginx stats
-        stub_status on;
-
-        # I do not need logs for stats
-        access_log   off;
-
-        # Security: Only allow access from 
-        allow 127.0.0.1;
-   
-        # Send rest of the world to /dev/null #
-        deny all;
-        
-  }
-  
-}
-
diff --git a/common/nginx/templates/telegraf.conf b/common/nginx/templates/telegraf.conf
deleted file mode 100644
index 34894dd3..00000000
--- a/common/nginx/templates/telegraf.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-
-# Read Nginx's basic status information (ngx_http_stub_status_module)
-[[inputs.nginx]]
-  ## An array of Nginx stub_status URI to gather stats.
-  urls = ["http://127.0.0.1:9145/status"]
-
-  ## Optional TLS Config
-  # tls_ca = "/etc/telegraf/ca.pem"
-  # tls_cert = "/etc/telegraf/cert.pem"
-  # tls_key = "/etc/telegraf/key.pem"
-  ## Use TLS but skip chain & host verification
-  # insecure_skip_verify = false
-
-  ## HTTP response timeout (default: 5s)
-  response_timeout = "5s"
-
-
-#[[inputs.logparser]]
-#  files = ["/var/log/nginx/access.log"]
-#  from_beginning = true
-#  name_override = "nginx_access_log"
-#  [inputs.logparser.grok]
-#    patterns = ["%{COMBINED_LOG_FORMAT}"]
-
-- 
GitLab