Add install of nodejs + add bloc for search robot to gitlab, jenkins and prtainer + add config for www.c2a-systeme.fr

This commit is contained in:
Mathieu Sanchez 2019-04-24 08:48:21 +09:00
parent 4bafdd297a
commit 6598b31180
5 changed files with 70 additions and 10 deletions

View File

@ -1,4 +1,5 @@
# http://nginx.org/en/docs/http/websocket.html
# http://nginx.org/en/docs/http/websocket.html
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
@ -84,9 +85,10 @@ server {
# Disable check to allow unlimited body sizes. this allows apps to accept whatever size they want
client_max_body_size 0;
# location = /robots.txt {
# return 200 "";
# }
# Bloc accès of the search robots
location = /robots.txt {
return 200 "User-agent: *\nDisallow: /";
}
proxy_pass http://127.0.0.1:8001;

View File

@ -84,9 +84,10 @@ server {
# Disable check to allow unlimited body sizes. this allows apps to accept whatever size they want
client_max_body_size 0;
# location = /robots.txt {
# return 200 "";
# }
# Bloc accès of the search robots
location = /robots.txt {
return 200 "User-agent: *\nDisallow: /";
}
proxy_pass http://127.0.0.1:8002;

View File

@ -84,9 +84,10 @@ server {
# Disable check to allow unlimited body sizes. this allows apps to accept whatever size they want
client_max_body_size 0;
# location = /robots.txt {
# return 200 "";
# }
# Bloc accès of the search robots
location = /robots.txt {
return 200 "User-agent: *\nDisallow: /";
}
proxy_pass http://127.0.0.1:8003;

View File

@ -0,0 +1,52 @@
# http://nginx.org/en/docs/http/websocket.html
# http://nginx.org/en/docs/http/websocket.html
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# http server
server {
listen 80;
listen [::]:80;
server_name www.c2a-systeme.fr;
location / {
# redirect everything to HTTPS
return 301 https://$host$request_uri;
}
}
# https server
server {
server_name www.c2a-systeme.fr;
listen 443 http2;
listen [::]:443 http2;
ssl on;
# paths are relative to prefix and not to this file
ssl_certificate /etc/letsencrypt/live/www.c2a-systeme.fr/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/www.c2a-systeme.fr/privkey.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
# https://bettercrypto.org/static/applied-crypto-hardening.pdf
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
# https://cipherli.st/
# https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don't use SSLv3 ref: POODLE
# ciphers according to https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.10.3&openssl=1.0.2g&hsts=yes&profile=modern
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
add_header Strict-Transport-Security "max-age=15768000";
root /var/www/html/c2a-web-platform;
index index.html;
location / {
try_files $uri $uri/ /index.html =404;
}
}

View File

@ -6,4 +6,8 @@ rm /root/sdk-tools-linux-4333796.zip
yes | ./tools/bin/sdkmanager --licenses
yes | ./tools/bin/sdkmanager "platforms;android-28" --sdk_root=/opt/android-sdk
apt-get update
apt-get install -y curl
curl -sL https://deb.nodesource.com/setup_10.x | bash -
apt-get install -y nodejs