engineering
/
configurations
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: engineering:do2
Branches Tags
engineering:master
engineering:do2
...
pull from: engineering:master
Branches Tags
engineering:master
engineering:do2

4 Commits
do2 ... master

Author SHA1 Message Date
Matthew ecf5c57a4f
pushes 2025-03-26 17:41:29 -04:00
Matthew d648232d38
pushes 2025-03-21 15:27:37 -04:00
Matthew 33f60e2d81
redirects for edu and canvas for .org 2025-03-20 18:01:40 -04:00
Matthew 8ecd64af13
redirects for edu and canvas for .org 2025-03-20 00:22:18 -04:00
4 changed files with 28 additions and 34 deletions
Show Stats Expand all files Collapse all files

34
Nginx/Server Blocks/edu.libraryofcode.org.conf
View File

@ -6,37 +6,5 @@ server {
ssl_certificate /etc/nginx/ssl/org.chain.crt; ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem; ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/moodle; return 307 https://canvas.libraryofcode.dev$request_uri;
index index.html index.htm index.php;
error_page 404 /error/index.php; error_page 403 =404 /error/index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/run/php/php8.0-fpm_moodle.sock;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 300;
proxy_read_timeout 300;
}
location /dataroot/ {
internal;
alias /var/opt/moodledata/; # ensure the path ends with /
}
# Hide all dot files but allow "Well-Known URIs" as per RFC 5785
location ~ /\.(?!well-known).* {
return 404;
}
# This should be after the php fpm rule and very close to the last nginx ruleset.
# Don't allow direct access to various internal files. See MDL-69333
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
deny all;
return 404;
}
} }

13
Nginx/Server Blocks/smm.libraryofcode.org.conf Normal file
View File

@ -0,0 +1,13 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name smm.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
#limit_req zone=one burst=15;
location / {
proxy_pass http://localhost:8080;
}
}

2
Postfix/main.conf
View File

@ -1,7 +1,7 @@
# See /usr/share/postfix/main.cf.dist for a commented, more complete version # See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Server Information # Server Information
smtpd_banner = $myhostname LIBRARY OF CODE SP-US STAFF SVCS | ESMTP (Debian/GNU) smtpd_banner = $myhostname LIBRARY OF CODE INC STAFF SVCS | ESMTP (Debian/GNU)
myhostname = staff.libraryofcode.org myhostname = staff.libraryofcode.org
myorigin = /etc/mailname myorigin = /etc/mailname
mydestination = $myhostname mydestination = $myhostname

13
Postfix/master.conf
View File

@ -17,6 +17,19 @@ smtp inet n - y - - smtpd
#dnsblog unix - - y - 0 dnsblog #dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy #tlsproxy unix - - y - 0 tlsproxy
5878 inet n - y - - smtpd
-o syslog_name=postfix/submission5878
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
-o cleanup_service_name=privclean
submission inet n - y - - smtpd submission inet n - y - - smtpd
-o syslog_name=postfix/submission -o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt -o smtpd_tls_security_level=encrypt