From a4e5c20193da0ab41621d8d2060f4631e4109e6a Mon Sep 17 00:00:00 2001 From: Kevin Midboe Date: Fri, 10 Nov 2023 21:50:13 +0100 Subject: [PATCH 1/4] Replaced all instances of add_header with more_set_headers --- sites-available/000-default.conf | 2 +- sites-available/adtech.conf | 2 +- sites-available/blockchain.conf | 4 ++-- sites-available/blog.conf | 4 ++-- sites-available/brewpi.conf | 14 +++++++------- sites-available/castdeck.conf | 8 ++++---- sites-available/drone.conf | 2 +- sites-available/elastic.conf | 8 ++++---- sites-available/fjordmap.conf | 6 +++--- sites-available/gitea.conf | 2 +- sites-available/grafana.conf | 2 +- sites-available/headscale.conf | 2 +- sites-available/hitler.conf | 6 +++--- sites-available/hiveMonitor.conf | 2 +- sites-available/k9ee.conf | 2 +- sites-available/kevinmidboe.conf | 2 +- sites-available/leifsopplevelser.conf | 2 +- sites-available/lottis.conf | 8 ++++---- sites-available/maps.conf | 2 +- sites-available/memestream.conf | 2 +- sites-available/mondrian.conf | 2 +- sites-available/planetposen.conf | 2 +- sites-available/plex.conf | 2 +- sites-available/proxy.conf | 6 +++--- sites-available/request.conf | 2 +- sites-available/ruterna.conf | 6 +++--- sites-available/schleppecloud.conf | 2 +- sites-available/wagovipps.conf | 8 ++++---- sites-available/warden.conf | 2 +- 29 files changed, 57 insertions(+), 57 deletions(-) diff --git a/sites-available/000-default.conf b/sites-available/000-default.conf index 7e5f634..d7c4d3c 100644 --- a/sites-available/000-default.conf +++ b/sites-available/000-default.conf @@ -56,7 +56,7 @@ server { # listen 80 default_server; # listen [::]:80 default_server; # server_name planetposen.no *.leifsopplevelser.no ruterna.no *.kevinmidboe.com kevinmidboe.com knowit.vin seasoned.show request.movie *.schleppe.cloud *.k9e.no; -# add_header Upgrading Connection; +# more_set_headers Upgrading Connection; # return 302 https://$host$request_uri; #} diff --git a/sites-available/adtech.conf b/sites-available/adtech.conf index 13e1f05..5a24d7c 100644 --- a/sites-available/adtech.conf +++ b/sites-available/adtech.conf @@ -5,7 +5,7 @@ server { server_name adtech.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/blockchain.conf b/sites-available/blockchain.conf index ace0181..df53e2f 100644 --- a/sites-available/blockchain.conf +++ b/sites-available/blockchain.conf @@ -5,7 +5,7 @@ server { server_name blockchain.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -23,4 +23,4 @@ server { ssl_certificate /etc/letsencrypt/live/blockchain.schleppe.cloud/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/blockchain.schleppe.cloud/privkey.pem; # managed by Certbot -} \ No newline at end of file +} diff --git a/sites-available/blog.conf b/sites-available/blog.conf index 18c3c6d..85364bc 100644 --- a/sites-available/blog.conf +++ b/sites-available/blog.conf @@ -5,7 +5,7 @@ server { server_name blog.kevinmidboe.com; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -26,4 +26,4 @@ server { ssl_certificate /etc/letsencrypt/live/blog.kevinmidboe.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/blog.kevinmidboe.com/privkey.pem; # managed by Certbot -} \ No newline at end of file +} diff --git a/sites-available/brewpi.conf b/sites-available/brewpi.conf index e68cf4f..95ea3e8 100644 --- a/sites-available/brewpi.conf +++ b/sites-available/brewpi.conf @@ -5,7 +5,7 @@ server { server_name brew.schleppe.cloud beer.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -24,9 +24,9 @@ server { resolver 10.0.0.72; proxy_pass http://brewpi.schleppe:8080; - add_header 'Access-Control-Allow-Origin' 'brewpi.schleppe.cloud beer.schleppe.cloud'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' 'brewpi.schleppe.cloud beer.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; @@ -53,9 +53,9 @@ server { resolver 10.0.0.72; proxy_pass http://brewpi.schleppe:8080; - add_header 'Access-Control-Allow-Origin' 'brewpi.schleppe.cloud beer.schleppe.cloud'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' 'brewpi.schleppe.cloud beer.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; diff --git a/sites-available/castdeck.conf b/sites-available/castdeck.conf index 2cc70e7..a2da29e 100644 --- a/sites-available/castdeck.conf +++ b/sites-available/castdeck.conf @@ -5,7 +5,7 @@ server { server_name castdeck.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -24,9 +24,9 @@ server { resolver 10.0.0.72; proxy_pass http://castdeck.schleppe:80; - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' '*'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header Host $host; } diff --git a/sites-available/drone.conf b/sites-available/drone.conf index cce6b36..f33301f 100644 --- a/sites-available/drone.conf +++ b/sites-available/drone.conf @@ -5,7 +5,7 @@ server { server_name drone.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/elastic.conf b/sites-available/elastic.conf index 5af49cb..7c717c0 100644 --- a/sites-available/elastic.conf +++ b/sites-available/elastic.conf @@ -15,7 +15,7 @@ server { server_name kibana.schleppe.cloud elastic.schleppe.cloud es.schleppe.cloud elastic.keivnmidboe.com; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -44,7 +44,7 @@ server { resolver 10.0.0.72; proxy_pass https://elastic; - add_header X-Upstream $upstream_addr always; + more_set_headers X-Upstream $upstream_addr always; } ssl_certificate /etc/letsencrypt/live/elastic.schleppe.cloud-0001/fullchain.pem; # managed by Certbot @@ -62,7 +62,7 @@ server { resolver 10.0.0.72; proxy_pass http://elastic; - add_header X-Upstream $upstream_addr always; + more_set_headers X-Upstream $upstream_addr always; } ssl_certificate /etc/letsencrypt/live/elastic.schleppe.cloud/fullchain.pem; # managed by Certbot @@ -80,7 +80,7 @@ server { resolver 10.0.0.72; proxy_pass http://elastic; - add_header X-Upstream $upstream_addr always; + more_set_headers X-Upstream $upstream_addr always; } ssl_certificate /etc/letsencrypt/live/elastic.kevinmidboe.com-0001/fullchain.pem; # managed by Certbot diff --git a/sites-available/fjordmap.conf b/sites-available/fjordmap.conf index 2da2155..e0645f1 100644 --- a/sites-available/fjordmap.conf +++ b/sites-available/fjordmap.conf @@ -13,9 +13,9 @@ server { location / { proxy_http_version 1.1; - add_header 'Access-Control-Allow-Origin' 'fjordmap.schleppe.cloud'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' 'fjordmap.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/gitea.conf b/sites-available/gitea.conf index 231be57..c0d2fed 100644 --- a/sites-available/gitea.conf +++ b/sites-available/gitea.conf @@ -5,7 +5,7 @@ server { server_name git.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/grafana.conf b/sites-available/grafana.conf index d00851e..7155c4f 100644 --- a/sites-available/grafana.conf +++ b/sites-available/grafana.conf @@ -14,7 +14,7 @@ server { server_name grafana.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/headscale.conf b/sites-available/headscale.conf index addd4d4..2e817be 100644 --- a/sites-available/headscale.conf +++ b/sites-available/headscale.conf @@ -26,6 +26,6 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; - add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always; + more_set_headers Strict-Transport-Security "max-age=15552000; includeSubDomains" always; } } diff --git a/sites-available/hitler.conf b/sites-available/hitler.conf index 183e385..fe2a5bf 100644 --- a/sites-available/hitler.conf +++ b/sites-available/hitler.conf @@ -11,9 +11,9 @@ server { location / { proxy_http_version 1.1; - add_header 'Access-Control-Allow-Origin' 'hitler.kevinmidboe.com'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' 'hitler.kevinmidboe.com'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/hiveMonitor.conf b/sites-available/hiveMonitor.conf index a87f315..275a93d 100644 --- a/sites-available/hiveMonitor.conf +++ b/sites-available/hiveMonitor.conf @@ -11,7 +11,7 @@ server { server_name hive.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/k9ee.conf b/sites-available/k9ee.conf index a5d15dc..c6898dc 100644 --- a/sites-available/k9ee.conf +++ b/sites-available/k9ee.conf @@ -14,7 +14,7 @@ server { resolver 10.0.0.72; proxy_http_version 1.1; - add_header Proxy Bifrost; + more_set_headers Proxy Bifrost; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/sites-available/kevinmidboe.conf b/sites-available/kevinmidboe.conf index 8de63ba..60c6c0d 100644 --- a/sites-available/kevinmidboe.conf +++ b/sites-available/kevinmidboe.conf @@ -5,7 +5,7 @@ server { server_name kevinmidboe.com; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/leifsopplevelser.conf b/sites-available/leifsopplevelser.conf index 61bfee5..c6c49a7 100644 --- a/sites-available/leifsopplevelser.conf +++ b/sites-available/leifsopplevelser.conf @@ -8,7 +8,7 @@ server { server_name *.leifsopplevelser.no leifsopplevelser.no; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/lottis.conf b/sites-available/lottis.conf index 987e4e6..6fe0833 100644 --- a/sites-available/lottis.conf +++ b/sites-available/lottis.conf @@ -17,7 +17,7 @@ server { server_name .lottis.vin .vinlottis.no aller.vin knowit.vin; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -137,7 +137,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; - add_header 'Access-Control-Allow-Headers' 'Content-Type, vinlottis-admin'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type, vinlottis-admin'; } ssl_certificate /etc/letsencrypt/live/aller.lottis.vin/fullchain.pem; # managed by Certbot @@ -161,7 +161,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; } ssl_certificate /etc/letsencrypt/live/aller.vin/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/aller.vin/privkey.pem; # managed by Certbot @@ -195,4 +195,4 @@ server { ssl_certificate_key /etc/letsencrypt/live/beta.lottis.vin/privkey.pem; # managed by Certbot } # Beta end -# - - - - - - - - \ No newline at end of file +# - - - - - - - - diff --git a/sites-available/maps.conf b/sites-available/maps.conf index da21c73..f5ae3a3 100644 --- a/sites-available/maps.conf +++ b/sites-available/maps.conf @@ -5,7 +5,7 @@ server { server_name maps.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/memestream.conf b/sites-available/memestream.conf index 5b417af..ae17dc8 100644 --- a/sites-available/memestream.conf +++ b/sites-available/memestream.conf @@ -5,7 +5,7 @@ server { server_name memestream.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/mondrian.conf b/sites-available/mondrian.conf index 4ec6922..667517f 100644 --- a/sites-available/mondrian.conf +++ b/sites-available/mondrian.conf @@ -5,7 +5,7 @@ server { server_name mondrian.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/planetposen.conf b/sites-available/planetposen.conf index 2476289..d3efe09 100644 --- a/sites-available/planetposen.conf +++ b/sites-available/planetposen.conf @@ -77,7 +77,7 @@ server { resolver 10.0.0.72; proxy_pass http://planetposen-backend/api; -# add_header 'Access-Control-Allow-Origin' 'planet.schleppe.cloud'; +# more_set_headers 'Access-Control-Allow-Origin' 'planet.schleppe.cloud'; more_set_headers 'Access-Control-Allow-Origin *'; more_set_headers 'Access-Control-Allow-Methods GET, POST, OPTIONS'; more_set_headers 'Access-Control-Allow-Headers Content-Type'; diff --git a/sites-available/plex.conf b/sites-available/plex.conf index 1ce1102..c65606e 100644 --- a/sites-available/plex.conf +++ b/sites-available/plex.conf @@ -5,7 +5,7 @@ server { server_name sonarr.schleppe.cloud tau.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/proxy.conf b/sites-available/proxy.conf index e01dfc4..f4ddc3a 100644 --- a/sites-available/proxy.conf +++ b/sites-available/proxy.conf @@ -7,9 +7,9 @@ server { location / { proxy_http_version 1.1; - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' '*'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/request.conf b/sites-available/request.conf index 8636b55..a17c19b 100644 --- a/sites-available/request.conf +++ b/sites-available/request.conf @@ -5,7 +5,7 @@ server { server_name .request.movie; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/ruterna.conf b/sites-available/ruterna.conf index e5f9fd8..c40e820 100644 --- a/sites-available/ruterna.conf +++ b/sites-available/ruterna.conf @@ -7,9 +7,9 @@ server { location / { proxy_http_version 1.1; - add_header 'Access-Control-Allow-Origin' 'lottis.vin'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin' 'lottis.vin'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/schleppecloud.conf b/sites-available/schleppecloud.conf index 127acbb..20aa436 100644 --- a/sites-available/schleppecloud.conf +++ b/sites-available/schleppecloud.conf @@ -5,7 +5,7 @@ server { server_name schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } diff --git a/sites-available/wagovipps.conf b/sites-available/wagovipps.conf index ce4f8b8..aeded6b 100644 --- a/sites-available/wagovipps.conf +++ b/sites-available/wagovipps.conf @@ -5,7 +5,7 @@ server { server_name wagovipps.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } @@ -25,10 +25,10 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; } ssl_certificate /etc/letsencrypt/live/wagovipps.schleppe.cloud/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/wagovipps.schleppe.cloud/privkey.pem; # managed by Certbot -} \ No newline at end of file +} diff --git a/sites-available/warden.conf b/sites-available/warden.conf index 12461aa..65e8e58 100644 --- a/sites-available/warden.conf +++ b/sites-available/warden.conf @@ -5,7 +5,7 @@ server { server_name warden.schleppe.cloud; - add_header Upgrading Connection; + more_set_headers Upgrading Connection; return 302 https://$host$request_uri; } From 3eeecbfcfed2f2ef1a8212cd774fc5986132434d Mon Sep 17 00:00:00 2001 From: Kevin Midboe Date: Fri, 10 Nov 2023 22:18:02 +0100 Subject: [PATCH 2/4] Updated all more_set_header statements with 'KEY: value1 value2' syntax --- nginx.conf | 2 +- sites-available/000-default.conf | 4 ++-- sites-available/adtech.conf | 2 +- sites-available/blockchain.conf | 2 +- sites-available/blog.conf | 2 +- sites-available/brewpi.conf | 14 +++++++------- sites-available/castdeck.conf | 8 ++++---- sites-available/drone.conf | 2 +- sites-available/elastic.conf | 8 ++++---- sites-available/fjordmap.conf | 6 +++--- sites-available/gitea.conf | 2 +- sites-available/grafana.conf | 2 +- sites-available/headscale.conf | 2 +- sites-available/hitler.conf | 6 +++--- sites-available/hiveMonitor.conf | 2 +- sites-available/kevinmidboe.conf | 2 +- sites-available/leifsopplevelser.conf | 2 +- sites-available/lottis.conf | 6 +++--- sites-available/maps.conf | 2 +- sites-available/memestream.conf | 2 +- sites-available/mondrian.conf | 2 +- sites-available/planetposen.conf | 20 ++++++++++---------- sites-available/plex.conf | 2 +- sites-available/proxy.conf | 6 +++--- sites-available/request.conf | 2 +- sites-available/ruterna.conf | 6 +++--- sites-available/schleppecloud.conf | 2 +- sites-available/wagovipps.conf | 6 +++--- sites-available/warden.conf | 2 +- snippets/proxy-params.conf | 2 +- 30 files changed, 64 insertions(+), 64 deletions(-) diff --git a/nginx.conf b/nginx.conf index 0d02224..1b96ba3 100644 --- a/nginx.conf +++ b/nginx.conf @@ -35,7 +35,7 @@ http { # Headers # ################## - more_set_headers 'X-Web-Entry Bifrost'; + more_set_headers 'X-Web-Entry: Bifrost'; ################## # SSL settings # diff --git a/sites-available/000-default.conf b/sites-available/000-default.conf index d7c4d3c..02f6157 100644 --- a/sites-available/000-default.conf +++ b/sites-available/000-default.conf @@ -10,8 +10,8 @@ server { server_name _; - more_set_headers 'X-Dead-End true'; - more_set_headers 'Content-Type text/plain'; + more_set_headers 'X-Dead-End: true'; + more_set_headers 'Content-Type: text/plain'; return 200 ok; } diff --git a/sites-available/adtech.conf b/sites-available/adtech.conf index 5a24d7c..2d8cb97 100644 --- a/sites-available/adtech.conf +++ b/sites-available/adtech.conf @@ -5,7 +5,7 @@ server { server_name adtech.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/blockchain.conf b/sites-available/blockchain.conf index df53e2f..9788a44 100644 --- a/sites-available/blockchain.conf +++ b/sites-available/blockchain.conf @@ -5,7 +5,7 @@ server { server_name blockchain.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/blog.conf b/sites-available/blog.conf index 85364bc..81dd745 100644 --- a/sites-available/blog.conf +++ b/sites-available/blog.conf @@ -5,7 +5,7 @@ server { server_name blog.kevinmidboe.com; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/brewpi.conf b/sites-available/brewpi.conf index 95ea3e8..b38160a 100644 --- a/sites-available/brewpi.conf +++ b/sites-available/brewpi.conf @@ -5,7 +5,7 @@ server { server_name brew.schleppe.cloud beer.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } @@ -24,9 +24,9 @@ server { resolver 10.0.0.72; proxy_pass http://brewpi.schleppe:8080; - more_set_headers 'Access-Control-Allow-Origin' 'brewpi.schleppe.cloud beer.schleppe.cloud'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: brewpi.schleppe.cloud beer.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; @@ -53,9 +53,9 @@ server { resolver 10.0.0.72; proxy_pass http://brewpi.schleppe:8080; - more_set_headers 'Access-Control-Allow-Origin' 'brewpi.schleppe.cloud beer.schleppe.cloud'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: brewpi.schleppe.cloud beer.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; diff --git a/sites-available/castdeck.conf b/sites-available/castdeck.conf index a2da29e..8c2bc98 100644 --- a/sites-available/castdeck.conf +++ b/sites-available/castdeck.conf @@ -5,7 +5,7 @@ server { server_name castdeck.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } @@ -24,9 +24,9 @@ server { resolver 10.0.0.72; proxy_pass http://castdeck.schleppe:80; - more_set_headers 'Access-Control-Allow-Origin' '*'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: *'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header Host $host; } diff --git a/sites-available/drone.conf b/sites-available/drone.conf index f33301f..582a3cf 100644 --- a/sites-available/drone.conf +++ b/sites-available/drone.conf @@ -5,7 +5,7 @@ server { server_name drone.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/elastic.conf b/sites-available/elastic.conf index 7c717c0..06eb19a 100644 --- a/sites-available/elastic.conf +++ b/sites-available/elastic.conf @@ -15,7 +15,7 @@ server { server_name kibana.schleppe.cloud elastic.schleppe.cloud es.schleppe.cloud elastic.keivnmidboe.com; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } @@ -44,7 +44,7 @@ server { resolver 10.0.0.72; proxy_pass https://elastic; - more_set_headers X-Upstream $upstream_addr always; + more_set_headers 'X-Upstream: $upstream_addr'; } ssl_certificate /etc/letsencrypt/live/elastic.schleppe.cloud-0001/fullchain.pem; # managed by Certbot @@ -62,7 +62,7 @@ server { resolver 10.0.0.72; proxy_pass http://elastic; - more_set_headers X-Upstream $upstream_addr always; + more_set_headers 'X-Upstream: $upstream_addr'; } ssl_certificate /etc/letsencrypt/live/elastic.schleppe.cloud/fullchain.pem; # managed by Certbot @@ -80,7 +80,7 @@ server { resolver 10.0.0.72; proxy_pass http://elastic; - more_set_headers X-Upstream $upstream_addr always; + more_set_headers 'X-Upstream $upstream_addr'; } ssl_certificate /etc/letsencrypt/live/elastic.kevinmidboe.com-0001/fullchain.pem; # managed by Certbot diff --git a/sites-available/fjordmap.conf b/sites-available/fjordmap.conf index e0645f1..408de40 100644 --- a/sites-available/fjordmap.conf +++ b/sites-available/fjordmap.conf @@ -13,9 +13,9 @@ server { location / { proxy_http_version 1.1; - more_set_headers 'Access-Control-Allow-Origin' 'fjordmap.schleppe.cloud'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: fjordmap.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/gitea.conf b/sites-available/gitea.conf index c0d2fed..c94a0a3 100644 --- a/sites-available/gitea.conf +++ b/sites-available/gitea.conf @@ -5,7 +5,7 @@ server { server_name git.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/grafana.conf b/sites-available/grafana.conf index 7155c4f..287b056 100644 --- a/sites-available/grafana.conf +++ b/sites-available/grafana.conf @@ -14,7 +14,7 @@ server { server_name grafana.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/headscale.conf b/sites-available/headscale.conf index 2e817be..591c033 100644 --- a/sites-available/headscale.conf +++ b/sites-available/headscale.conf @@ -26,6 +26,6 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; - more_set_headers Strict-Transport-Security "max-age=15552000; includeSubDomains" always; + more_set_headers 'Strict-Transport-Security: max-age=15552000; includeSubDomains'; } } diff --git a/sites-available/hitler.conf b/sites-available/hitler.conf index fe2a5bf..c6241bd 100644 --- a/sites-available/hitler.conf +++ b/sites-available/hitler.conf @@ -11,9 +11,9 @@ server { location / { proxy_http_version 1.1; - more_set_headers 'Access-Control-Allow-Origin' 'hitler.kevinmidboe.com'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: hitler.kevinmidboe.com'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/hiveMonitor.conf b/sites-available/hiveMonitor.conf index 275a93d..a66391d 100644 --- a/sites-available/hiveMonitor.conf +++ b/sites-available/hiveMonitor.conf @@ -11,7 +11,7 @@ server { server_name hive.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/kevinmidboe.conf b/sites-available/kevinmidboe.conf index 60c6c0d..718f8ae 100644 --- a/sites-available/kevinmidboe.conf +++ b/sites-available/kevinmidboe.conf @@ -5,7 +5,7 @@ server { server_name kevinmidboe.com; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/leifsopplevelser.conf b/sites-available/leifsopplevelser.conf index c6c49a7..5296c5c 100644 --- a/sites-available/leifsopplevelser.conf +++ b/sites-available/leifsopplevelser.conf @@ -8,7 +8,7 @@ server { server_name *.leifsopplevelser.no leifsopplevelser.no; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/lottis.conf b/sites-available/lottis.conf index 6fe0833..3638be4 100644 --- a/sites-available/lottis.conf +++ b/sites-available/lottis.conf @@ -17,7 +17,7 @@ server { server_name .lottis.vin .vinlottis.no aller.vin knowit.vin; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } @@ -137,7 +137,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type, vinlottis-admin'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type, vinlottis-admin'; } ssl_certificate /etc/letsencrypt/live/aller.lottis.vin/fullchain.pem; # managed by Certbot @@ -161,7 +161,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; } ssl_certificate /etc/letsencrypt/live/aller.vin/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/aller.vin/privkey.pem; # managed by Certbot diff --git a/sites-available/maps.conf b/sites-available/maps.conf index f5ae3a3..526b74f 100644 --- a/sites-available/maps.conf +++ b/sites-available/maps.conf @@ -5,7 +5,7 @@ server { server_name maps.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/memestream.conf b/sites-available/memestream.conf index ae17dc8..cfeac0f 100644 --- a/sites-available/memestream.conf +++ b/sites-available/memestream.conf @@ -5,7 +5,7 @@ server { server_name memestream.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/mondrian.conf b/sites-available/mondrian.conf index 667517f..6dd5e8c 100644 --- a/sites-available/mondrian.conf +++ b/sites-available/mondrian.conf @@ -5,7 +5,7 @@ server { server_name mondrian.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/planetposen.conf b/sites-available/planetposen.conf index d3efe09..fdb709a 100644 --- a/sites-available/planetposen.conf +++ b/sites-available/planetposen.conf @@ -24,7 +24,7 @@ server { server_name planetposen.no planet.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } @@ -66,9 +66,9 @@ server { proxy_request_buffering off; - more_set_headers 'Access-Control-Allow-Origin planet.schleppe.cloud'; - more_set_headers 'Access-Control-Allow-Methods GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: planet.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; client_max_body_size 5M; } @@ -78,18 +78,18 @@ server { proxy_pass http://planetposen-backend/api; # more_set_headers 'Access-Control-Allow-Origin' 'planet.schleppe.cloud'; - more_set_headers 'Access-Control-Allow-Origin *'; - more_set_headers 'Access-Control-Allow-Methods GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: *'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; } location / { resolver 10.0.0.72; proxy_pass http://planetposen-frontend; - more_set_headers 'Access-Control-Allow-Origin planet.schleppe.cloud'; - more_set_headers 'Access-Control-Allow-Methods GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: planet.schleppe.cloud'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; } ssl_certificate /etc/letsencrypt/live/planet.schleppe.cloud/fullchain.pem; # managed by Certbot diff --git a/sites-available/plex.conf b/sites-available/plex.conf index c65606e..9b1b738 100644 --- a/sites-available/plex.conf +++ b/sites-available/plex.conf @@ -5,7 +5,7 @@ server { server_name sonarr.schleppe.cloud tau.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers "Upgrading: Connection"; return 302 https://$host$request_uri; } diff --git a/sites-available/proxy.conf b/sites-available/proxy.conf index f4ddc3a..9b7bc59 100644 --- a/sites-available/proxy.conf +++ b/sites-available/proxy.conf @@ -7,9 +7,9 @@ server { location / { proxy_http_version 1.1; - more_set_headers 'Access-Control-Allow-Origin' '*'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: *'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/request.conf b/sites-available/request.conf index a17c19b..98bf148 100644 --- a/sites-available/request.conf +++ b/sites-available/request.conf @@ -5,7 +5,7 @@ server { server_name .request.movie; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/ruterna.conf b/sites-available/ruterna.conf index c40e820..cee3051 100644 --- a/sites-available/ruterna.conf +++ b/sites-available/ruterna.conf @@ -7,9 +7,9 @@ server { location / { proxy_http_version 1.1; - more_set_headers 'Access-Control-Allow-Origin' 'lottis.vin'; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Origin: lottis.vin'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; diff --git a/sites-available/schleppecloud.conf b/sites-available/schleppecloud.conf index 20aa436..23e64a3 100644 --- a/sites-available/schleppecloud.conf +++ b/sites-available/schleppecloud.conf @@ -5,7 +5,7 @@ server { server_name schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/sites-available/wagovipps.conf b/sites-available/wagovipps.conf index aeded6b..abae616 100644 --- a/sites-available/wagovipps.conf +++ b/sites-available/wagovipps.conf @@ -5,7 +5,7 @@ server { server_name wagovipps.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } @@ -25,8 +25,8 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; - more_set_headers 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS'; - more_set_headers 'Access-Control-Allow-Headers' 'Content-Type'; + more_set_headers 'Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS'; + more_set_headers 'Access-Control-Allow-Headers: Content-Type'; } ssl_certificate /etc/letsencrypt/live/wagovipps.schleppe.cloud/fullchain.pem; # managed by Certbot diff --git a/sites-available/warden.conf b/sites-available/warden.conf index 65e8e58..877b2d2 100644 --- a/sites-available/warden.conf +++ b/sites-available/warden.conf @@ -5,7 +5,7 @@ server { server_name warden.schleppe.cloud; - more_set_headers Upgrading Connection; + more_set_headers 'Upgrading: Connection'; return 302 https://$host$request_uri; } diff --git a/snippets/proxy-params.conf b/snippets/proxy-params.conf index c9a4ab4..4181a6c 100644 --- a/snippets/proxy-params.conf +++ b/snippets/proxy-params.conf @@ -3,4 +3,4 @@ proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for; proxy_set_header Host $host; -more_set_headers 'X-Proxy-Params Applied'; +more_set_headers 'X-Proxy-Params: Applied'; From 95675031d727c4d52db63f02488d9dcaea5acd7d Mon Sep 17 00:00:00 2001 From: Kevin Midboe Date: Fri, 10 Nov 2023 22:18:24 +0100 Subject: [PATCH 3/4] Removed k9ee.conf --- sites-available/k9ee.conf | 28 ---------------------------- sites-enabled/k9ee.conf | 1 - 2 files changed, 29 deletions(-) delete mode 100644 sites-available/k9ee.conf delete mode 120000 sites-enabled/k9ee.conf diff --git a/sites-available/k9ee.conf b/sites-available/k9ee.conf deleted file mode 100644 index c6898dc..0000000 --- a/sites-available/k9ee.conf +++ /dev/null @@ -1,28 +0,0 @@ - -server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - - server_name k9ee.no; - - error_page 404 /404.html; - location = /404.html { - root /home/kevin/; - } - - location / { - resolver 10.0.0.72; - - proxy_http_version 1.1; - more_set_headers Proxy Bifrost; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $host; - proxy_pass http://k9e.kazan.schleppe; - } - - ssl_certificate /etc/letsencrypt/live/k9e.no/fullchain.pem; # managed by Kevin - ssl_certificate_key /etc/letsencrypt/live/k9e.no/privkey.pem; # managed by Kevin -} - diff --git a/sites-enabled/k9ee.conf b/sites-enabled/k9ee.conf deleted file mode 120000 index 3028675..0000000 --- a/sites-enabled/k9ee.conf +++ /dev/null @@ -1 +0,0 @@ -../sites-available/k9ee.conf \ No newline at end of file From 8237ee70c9b14f4b72bfcf77c3f4b440112f7156 Mon Sep 17 00:00:00 2001 From: Kevin Midboe Date: Fri, 10 Nov 2023 22:38:03 +0100 Subject: [PATCH 4/4] Reload nginx after deploying over rsync --- .drone.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.drone.yml b/.drone.yml index 93687ff..f089a70 100644 --- a/.drone.yml +++ b/.drone.yml @@ -155,6 +155,7 @@ steps: --exclude=".*" --exclude="*_temp" * $NGINX_USER@$NGINX_HOST:/etc/nginx/ + - ssh -i .ssh/id_ed25519 -o StrictHostKeyChecking 'sudo systemctl reload nginx' environment: NGINX_USER: from_secret: NGINX_USER @@ -171,6 +172,6 @@ steps: --- kind: signature -hmac: 7e392f769559ba043b923bbc35197ad955864d15a179979949528362731cbf29 +hmac: af057f67070e2ea82be5b75874e0a5cc89ec8a912e71d2369f4d4537c02faecb ...