engineering
/
configurations
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: engineering:master
Branches Tags
engineering:master
engineering:do2
...
pull from: engineering:do2
Branches Tags
engineering:master
engineering:do2

12 Commits
master ... do2

Author SHA1 Message Date
Matthew 4a1d041d4a
pushes 2025-03-26 17:39:26 -04:00
Matthew 52fabbc860
pushes 2025-03-22 00:42:38 -04:00
Matthew 8b745bd444
SSL config changes 2025-03-21 12:41:26 -04:00
Matthew e0c08fb1f8
SSL config changes 2025-03-21 12:40:57 -04:00
Matthew a353eda89a
redirects for edu and canvas for .org 2025-03-20 18:51:21 -04:00
Matthew dd97c840b6
redirects for edu and canvas for .org 2025-03-20 18:03:40 -04:00
Matthew 036ecb5689
all fixes 2025-03-19 20:03:29 -04:00
Matthew 459ec2a343
all fixes 2025-03-19 20:00:44 -04:00
Matthew f43622df28
all fixes 2025-03-19 19:59:15 -04:00
Matthew 10f1be502b
all fixes 2025-03-19 19:44:14 -04:00
Matthew 0a024afbaa
all fixes 2025-03-19 19:43:22 -04:00
Matthew 4dfdcb9d85
all fixes 2025-03-19 19:41:46 -04:00
63 changed files with 320 additions and 1071 deletions
Show Stats Expand all files Collapse all files

48
Docker/Composer/Cal.com/docker-compose.yml Normal file
View File

@ -0,0 +1,48 @@
# Use postgres/example user/password credentials
version: '3.8'
volumes:
database-data:
networks:
stack:
name: stack
external: false
services:
database:
container_name: database
image: postgres
restart: always
volumes:
- database-data:/var/lib/postgresql/data/
env_file: .env
networks:
- stack
calcom:
image: calcom.docker.scarf.sh/calcom/cal.com
build:
context: .
dockerfile: Dockerfile
args:
NEXT_PUBLIC_WEBAPP_URL: ${NEXT_PUBLIC_WEBAPP_URL}
NEXT_PUBLIC_API_V2_URL: ${NEXT_PUBLIC_API_V2_URL}
NEXT_PUBLIC_LICENSE_CONSENT: ${NEXT_PUBLIC_LICENSE_CONSENT}
CALCOM_TELEMETRY_DISABLED: ${CALCOM_TELEMETRY_DISABLED}
NEXTAUTH_SECRET: ${NEXTAUTH_SECRET}
CALENDSO_ENCRYPTION_KEY: ${CALENDSO_ENCRYPTION_KEY}
DATABASE_URL: ${DATABASE_URL}
DATABASE_DIRECT_URL: ${DATABASE_URL}
network: stack
restart: always
networks:
- stack
ports:
- 3000:3000
env_file: .env
environment:
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${DATABASE_HOST}/${POSTGRES_DB}
- DATABASE_DIRECT_URL=${DATABASE_URL}
depends_on:
- database

29
Docker/Composer/Docuseal/docker-compose.yml Normal file
View File

@ -0,0 +1,29 @@
services:
app:
env_file:
- .env
depends_on:
postgres:
condition: service_healthy
image: docuseal/docuseal:latest
ports:
- 3002:3000 # Change host port to 3001
environment:
- FORCE_SSL=${HOST}
- DATABASE_URL=postgresql://postgres:postgres@postgres:5432/docuseal
volumes:
- /data/docuseal # Docker will auto-manage this volume
postgres:
image: postgres:15
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: docuseal
volumes:
- /var/lib/postgresql/data # Docker will auto-manage this volume
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 5s
timeout: 5s
retries: 5

23
Nginx/Server Blocks/ats.libraryofcode.org.conf
View File

@ -1,23 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ats.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/opencats;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param HTACCESS on;
proxy_read_timeout 800;
}
}

14
Nginx/Server Blocks/bin.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bin.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/binary;
location / {
autoindex on;
}
}

16
Nginx/Server Blocks/board.ins.conf
View File

@ -1,16 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name board.ins;
ssl_certificate /etc/nginx/ssl/board-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/board-ins.key.pem;
location / {
proxy_pass http://localhost:3121;
}
location /api {
proxy_pass http://localhost:3892;
}
}

12
Nginx/Server Blocks/book.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name book.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3000;
}
}

14
Nginx/Server Blocks/canvas.libraryofcode.dev.conf Normal file
View File

@ -0,0 +1,14 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name canvas.libraryofcode.dev;
ssl_certificate /etc/letsencrypt/live/libraryofcode.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/libraryofcode.dev/privkey.pem;
root /opt/canvas/public;
index index.html;
return 307 https://canvas.libraryofcode.org$request_uri;
}

55
Nginx/Server Blocks/canvas.libraryofcode.org.conf Normal file
View File

@ -0,0 +1,55 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name canvas.libraryofcode.org;
#ssl_certificate /etc/letsencrypt/live/libraryofcode.org/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/live/libraryofcode.org/privkey.pem;
ssl_certificate /etc/ssl/private/emea.chain.crt;
ssl_certificate_key /etc/ssl/private/emea.key;
root /opt/canvas/public;
index index.html;
passenger_enabled on;
passenger_app_env production;
passenger_ruby /usr/local/bin/ruby;
passenger_user canvas;
passenger_group root;
passenger_friendly_error_pages on;
# passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;
#passenger_pool_idle_time 300;
#passenger_max_pool_size 10;
client_max_body_size 50M;
# Serve the static login discovery page at /login-discovery
location = /login-discovery {
default_type text/html;
alias /var/www/html/canvas-login-discovery.html;
}
location / {
try_files $uri @app;
}
location @app {
passenger_enabled on;
}
location /assets/ {
expires max;
add_header Cache-Control public;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png|woff2?|eot|ttf|svg|otf)$ {
expires max;
add_header Cache-Control public;
}
location /health_check {
access_log off;
return 200 "OK\n";
}
}

22
Nginx/Server Blocks/cert.libraryofcode.org.conf
View File

@ -1,22 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cert.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
ssl_verify_client optional_no_ca;
location / {
proxy_pass https://offsite-ejbca.mracs.dev;
proxy_set_header X-SSL-CERT $ssl_client_cert;
proxy_set_header X-Client-Verify $ssl_client_verify;
proxy_set_header X-Client-DN $ssl_client_s_dn;
proxy_set_header X-Client-Serial $ssl_client_serial;
}
location /test-headers {
return 200 "X-SSL-CERT: $ssl_client_cert\nX-Client-Verify: $ssl_client_verify\nX-Client-DN: $ssl_client_s_dn\nX-Client-Serial: $ssl_client_serial\n";
add_header Content-Type text/plain;
}
}

12
Nginx/Server Blocks/certapi.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name certapi.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3030;
}
}

16
Nginx/Server Blocks/cloud.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cloud.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
return 307 $scheme://www.libraryofcode.org/;
}
location ~ /(.*)$ {
rewrite https://$1.cloud.libraryofcode.org temporary;
}
}

12
Nginx/Server Blocks/comm.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name comm.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3895;
}
}

22
Nginx/Server Blocks/confluence.libraryofcode.org.conf
View File

@ -1,22 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name confluence.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
return 307 https://wiki.libraryofcode.org/;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}

20
Nginx/Server Blocks/content.libraryofcode.org.conf
View File

@ -1,20 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name content.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/content;
location / {
autoindex on;
}
location /sec {
autoindex on;
auth_basic "Secure Area";
auth_basic_user_file /etc/nginx/htpasswd;
}
}

10
Nginx/Server Blocks/cshd.libraryofcode.org.conf
View File

@ -1,10 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cshd.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
return 302 https://staff.libraryofcode.org$request_uri;
}

12
Nginx/Server Blocks/data.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name data.ins;
ssl_certificate /etc/nginx/ssl/data-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/data-ins.key.pem;
location / {
proxy_pass http://10.8.0.1:19999;
}
}

11
Nginx/Server Blocks/directory.libraryofcode.org.conf
View File

@ -1,11 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name directory.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/staff-directory;
index index.html;
}

35
Nginx/Server Blocks/dns.ins.conf
View File

@ -1,35 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
server_name dns.ins;
ssl_certificate /etc/nginx/ssl/dns-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/dns-ins.key.pem;
index index.html index.htm index.php;
root /opt/powerdns-admin;
access_log /var/log/nginx/powerdns-admin.local.access.log combined;
error_log /var/log/nginx/powerdns-admin.local.error.log;
location ~ ^/static/ {
include /etc/nginx/mime.types;
root /opt/powerdns-admin/powerdnsadmin;
location ~* \.(jpg|jpeg|png|gif)$ {
expires 365d;
}
location ~* ^.+.(css|js)$ {
expires 7d;
}
}
location / {
proxy_pass http://unix:/run/powerdns-admin/socket;
proxy_read_timeout 120;
proxy_connect_timeout 120;
proxy_redirect off;
}
}

14
Nginx/Server Blocks/docker.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name docker.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:5000;
}
}

12
Nginx/Server Blocks/docsign.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name docsign.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3002;
}
}

14
Nginx/Server Blocks/drive.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name drive.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:5608;
}
}

17
Nginx/Server Blocks/eds.libraryofcode.org.conf
View File

@ -1,17 +0,0 @@
upstream eds-backend {
server localhost:7101;
server node2.libraryofcode.org:7101 backup;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name eds.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://eds-backend;
}
}

42
Nginx/Server Blocks/edu.libraryofcode.org.conf
View File

@ -1,42 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name edu.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/moodle;
index index.html index.htm index.php;
error_page 404 /error/index.php; error_page 403 =404 /error/index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/run/php/php8.0-fpm_moodle.sock;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 300;
proxy_read_timeout 300;
}
location /dataroot/ {
internal;
alias /var/opt/moodledata/; # ensure the path ends with /
}
# Hide all dot files but allow "Well-Known URIs" as per RFC 5785
location ~ /\.(?!well-known).* {
return 404;
}
# This should be after the php fpm rule and very close to the last nginx ruleset.
# Don't allow direct access to various internal files. See MDL-69333
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
deny all;
return 404;
}
}

12
Nginx/Server Blocks/firewall.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name firewall.ins;
ssl_certificate /etc/nginx/ssl/firewall-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/firewall-ins.key.pem;
location / {
proxy_pass http://192.168.56.1:80;
}
}

13
Nginx/Server Blocks/forms.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name forms.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/forms;
rewrite ^(/.*)\.html(\?.*)?$ $1$2 permanent;
try_files $uri.html $uri/ $uri =404;
}

12
Nginx/Server Blocks/git.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name git.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3056;
}
}

68
Nginx/Server Blocks/gitlab.libraryofcode.org.conf
View File

@ -1,68 +0,0 @@
upstream gitlab-workhorse {
server unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket fail_timeout=0;
}
## HTTPS host
server {
listen 0.0.0.0:443 ssl http2;
listen [::]:443 ipv6only=on ssl http2;
server_name gitlab.libraryofcode.org; ## Replace this with something like gitlab.example.com
root /opt/gitlab/embedded/service/gitlab-rails/public;
## Strong SSL Security
## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
ssl on;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
# GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs
#ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
## See app/controllers/application_controller.rb for headers set
## [Optional] Enable HTTP Strict Transport Security
## HSTS is a feature improving protection against MITM attacks
## For more information see: https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/
add_header Strict-Transport-Security "max-age=31536000; preload";
## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL.
## Replace with your ssl_trusted_certificate. For more info see:
## - https://medium.com/devops-programming/4445f4862461
## - https://www.ruby-forum.com/topic/4419319
## - https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
# ssl_stapling on;
# ssl_stapling_verify on;
# ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
# resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired
# resolver_timeout 5s;
## Individual nginx logs for this GitLab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
client_max_body_size 0;
gzip off;
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
}
}

16
Nginx/Server Blocks/gocrypt.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name gocrypt.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/gocryptdoc;
index index.html;
location / {
try_files $uri $uri/index.html =404;
}
}

12
Nginx/Server Blocks/hr.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name hr.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:5487;
}
}

31
Nginx/Server Blocks/inbox.libraryofcode.org.conf
View File

@ -1,31 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name inbox.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/rainloop;
index index.php index.html;
access_log /var/log/nginx/rainloop_access.log;
error_log /var/log/nginx/rainloop_error.log;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ ^/(.+\.php)$ {
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ^~ /data {
deny all;
}
}

30
Nginx/Server Blocks/ins-test.libraryofcode.org.conf
View File

@ -1,30 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ins-test.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/ins-test.chain.crt;
ssl_certificate_key /etc/nginx/ssl/ins-test.key.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
#ssl_protocols TLSv1.2;
#ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify off;
root /var/www/content;
location / {
autoindex on;
}
location /sec {
autoindex on;
auth_basic "Secure Area";
auth_basic_user_file /etc/nginx/htpasswd;
}
}

30
Nginx/Server Blocks/internships.libraryofcode.org.conf
View File

@ -1,30 +0,0 @@
// php7.2-fpm-internships.sock
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name internships.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass /run/php/php7.2-fpm-internships.sock;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# Hide all dot files but allow "Well-Known URIs" as per RFC 5785
location ~ /\.(?!well-known).* {
return 404;
}
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
deny all;
return 404;
}
}

44
Nginx/Server Blocks/journal.libraryofcode.org.conf
View File

@ -1,44 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name journal.libraryofcode.org;
root /var/www/ojs;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ ^(.+\.php)(.*)$ {
set $path_info $fastcgi_path_info;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $path_info;
fastcgi_param PATH_TRANSLATED $document_root$path_info;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.(?!well-known).* {
deny all;
}
}

13
Nginx/Server Blocks/keys.ins.conf
View File

@ -1,13 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name keys.ins;
ssl_certificate /etc/nginx/ssl/keys-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/keys-ins.key.pem;
root /var/www/keys;
location / {
autoindex on;
}
}

22
Nginx/Server Blocks/keys.libraryofcode.org.conf
View File

@ -1,22 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;server_name keys.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/html/sks;
error_page 404 /404.html;
location ~ (.git|LICENSE|readme.md) {
deny all;
return 404;
}
location /pks {
proxy_pass http://localhost:11371;
proxy_pass_header Server;
}
}

12
Nginx/Server Blocks/ledger.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ledger.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:5762;
}
}

17
Nginx/Server Blocks/libraryofcode.dev.conf Normal file
View File

@ -0,0 +1,17 @@
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name libraryofcode.dev www.libraryofcode.dev;
ssl_certificate /etc/letsencrypt/live/libraryofcode.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/libraryofcode.dev/privkey.pem;
#ssl_certificate /etc/nginx/ssl/org.chain.crt;
#ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/libraryofcode.dev-frontend;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}

41
Nginx/Server Blocks/libraryofcode.org.conf
View File

@ -1,41 +0,0 @@
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name www.libraryofcode.org;
ssl_certificate /etc/ssl/private/ev.chain.crt;
ssl_certificate_key /etc/ssl/private/ev.key.pem;
#ssl_certificate /etc/nginx/ssl/org.chain.crt;
#ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/wordpress;
include /var/www/wordpress/hidemywpghost.conf;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php/wordpress.sock; # Matches the PHP-FPM socket
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /ads.txt {
root /var/www/int/1;
}
}

34
Nginx/Server Blocks/lists-old.libraryofcode.org.conf
View File

@ -1,34 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name lists.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
return 307 $scheme://lists.libraryofcode.org/cgi-bin/mailman/listinfo;
}
location /cgi-bin/mailman {
root /usr/lib/;
fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
location /images/mailman {
alias /usr/share/images/mailman;
}
location /pipermail {
alias /var/lib/mailman/archives/public;
autoindex on;
}
}

16
Nginx/Server Blocks/lists.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name lists.libraryofcode.org;
location /static/ {
alias /etc/mailman3/static/;
}
location / {
proxy_pass http://127.0.0.1:6475;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}

13
Nginx/Server Blocks/loc.sh.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name loc.sh;
ssl_certificate /etc/letsencrypt/live/loc.sh-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/loc.sh-0001/privkey.pem; # managed by Certbot
location / {
proxy_pass http://localhost:3890;
}
}

12
Nginx/Server Blocks/mc-map.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mc-map.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:8123;
}
}

12
Nginx/Server Blocks/modmail.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name modmail.ins;
ssl_certificate /etc/nginx/ssl/modmail-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/modmail-ins.key.pem;
location / {
proxy_pass http://10.8.0.1:5478;
}
}

12
Nginx/Server Blocks/nlm.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name nlm.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:9000;
}
}

39
Nginx/Server Blocks/pbx.ins.conf
View File

@ -1,39 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
listen [::]:443 ssl http2;
server_name pbx.ins;
ssl_certificate /etc/nginx/ssl/pbx-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/pbx-ins.key.pem;
client_max_body_size 230M;
client_body_timeout 1h;
root /var/www/html;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf; # server defaults are good
fastcgi_pass unix:/run/php/php7.3-fpm-asterisk.sock;
fastcgi_param HTACCESS on; # disables FreePBX htaccess warning
proxy_read_timeout 800;
}
# Block access to orangehrm and orangehrm-5.1 directories
location ~ ^/(orangehrm|orangehrm-5\.1)(/|$) {
deny all;
return 403;
}
# Disallows the things that the FreePBX .htaccess files disallow
location ~ (/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) {
deny all;
}
# From the api module .htaccess file
rewrite ^/admin/api/([^/]*)/([^/]*)/?(.*)?$ /admin/api/api.php?module=$1&command=$2&route=$3 last;
}

39
Nginx/Server Blocks/pbx.libraryofcode.org.conf
View File

@ -1,39 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name pbx.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 230M;
client_body_timeout 1h;
root /var/www/html;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf; # server defaults are good
fastcgi_pass unix:/run/php/php7.3-fpm-asterisk.sock;
fastcgi_param HTACCESS on; # disables FreePBX htaccess warning
proxy_read_timeout 800;
}
# Block access to orangehrm and orangehrm-5.1 directories
location ~ ^/(orangehrm|orangehrm-5\.1)(/|$) {
deny all;
return 403;
}
# Disallows the things that the FreePBX .htaccess files disallow
location ~ (/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) {
deny all;
}
# From the api module .htaccess file
rewrite ^/admin/api/([^/]*)/([^/]*)/?(.*)?$ /admin/api/api.php?module=$1&command=$2&route=$3 last;
}

16
Nginx/Server Blocks/report.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name report.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/report;
index public/index.html;
location /assets {
alias /var/www/report/assets/;
try_files $uri $uri/ =404;
}
}

12
Nginx/Server Blocks/s3.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name s3.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:9000;
}
}

13
Nginx/Server Blocks/sis.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name sis.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
#proxy_pass http://localhost:6969;
return 307 https://edu.libraryofcode.org/;
}
}

14
Nginx/Server Blocks/skb.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name skb.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:3001;
}
}

13
Nginx/Server Blocks/staff.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name staff.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
#limit_req zone=one burst=15;
location / {
proxy_pass http://localhost:6574;
}
}

13
Nginx/Server Blocks/static.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name static.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/static;
location / {
autoindex on;
}
}

34
Nginx/Server Blocks/time.libraryofcode.org.conf
View File

@ -1,34 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name time.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/kimai2/public;
index index.php;
access_log off;
log_not_found off;
location ~ /\.ht {
deny all;
}
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi.conf;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/..:/tmp/";
internal;
}
location ~ \.php$ {
return 404;
}
}

14
Nginx/Server Blocks/wiki.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name wiki.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:3006;
}
}

76
Nginx/html/canvas-login-discovery.html Normal file
View File

@ -0,0 +1,76 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login to Canvas</title>
<style>
body {
font-family: Arial, sans-serif;
text-align: center;
background-color: #f4f4f4;
padding: 50px;
}
.login-container {
background: white;
padding: 30px;
border-radius: 10px;
box-shadow: 0px 0px 10px rgba(0, 0, 0, 0.1);
display: inline-block;
max-width: 400px;
}
.login-container img {
max-width: 100%;
height: auto;
margin-bottom: 20px;
}
h2 {
margin-bottom: 20px;
}
.login-button {
display: block;
width: 100%;
padding: 12px;
margin: 10px 0;
border: none;
border-radius: 5px;
font-size: 16px;
cursor: pointer;
}
.enterprise-login {
background-color: #0057B8;
color: white;
}
.google-login {
background-color: #4285F4;
color: white;
}
.login-button:hover {
opacity: 0.9;
}
footer {
margin-top: 30px;
font-size: 14px;
color: #777;
}
</style>
</head>
<body>
<div class="login-container">
<!-- Canvas Image -->
<img src="https://www.libraryofcode.org/storage/2025/03/Canvas_Horizontal_ByInstructure_Color_RGB.webp" alt="Canvas Image">
<h2>Login to Canvas</h2>
<p><i>Staff should use Enterprise Login.</i></p>
<button class="login-button enterprise-login" onclick="window.location.href='https://canvas.libraryofcode.org/login/saml'">
Enterprise Login with Okta (@libraryofcode.org)
</button>
<button class="login-button google-login" onclick="window.location.href='https://canvas.libraryofcode.org/login/google'">
Login with Google Workspace (@libraryofcode.dev)
</button>
</div>
<footer>
<a target="_blank" href="https://www.libraryofcode.org">Library of Code, Inc. | Division of Education | Department of Operations</a>
</footer>
</body>
</html>

5
Nginx/html/cs/404.html
View File

@ -16,10 +16,9 @@
<h2>Site Operator</h2>
<p>If you're the operator of this site, here are the steps you can take.</p>
<ol type=1>
<li>This domain isn't registered with our systems. Please contact Engineering to bind this domain.</li>
<li>This domain isn't registered with our systems. Please contact CSMS to bind this domain.</li>
<li>If none of these solved your issue, please contact the Department of Engineering at <strong>engineering@libraryofcode.org</strong></li>
</ol>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code sp-us</a></center>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code, Inc. | Division of Cloud Services & Member Support (CSMS)</a></center>
</body>
<!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---><table width=125 border=0 cellspacing=0 cellpadding=0 title="Verified by: GlobalSign nv-sa" ><tr><td><span id="ss_img_wrapper_gmogs_image_110-45_en_dblue"><a href="https://www.globalsign.com/" target=_blank title="GlobalSign nv-sa" rel="nofollow"><img alt="GlobalSign nv-sa" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gs_noscript_110-45_en.gif"></a></span><script type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_dblue.js"></script></td></tr></table><!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT --->
</html>

3
Nginx/html/cs/429.html
View File

@ -21,7 +21,6 @@
<li>Make sure you're not requesting your domain multiple times in your frontend.</li>
<li>If none of these solved your issue, please contact the Department of Engineering at <strong>engineering@libraryofcode.org</strong></li>
</ol>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code sp-us</a></center>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code, Inc. | Division of Cloud Services & Member Support (CSMS)</a></center>
</body>
<!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---><table width=125 border=0 cellspacing=0 cellpadding=0 title="Verified by: GlobalSign nv-sa" ><tr><td><span id="ss_img_wrapper_gmogs_image_110-45_en_dblue"><a href="https://www.globalsign.com/" target=_blank title="GlobalSign nv-sa" rel="nofollow"><img alt="GlobalSign nv-sa" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gs_noscript_110-45_en.gif"></a></span><script type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_dblue.js"></script></td></tr></table><!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT --->
</html>

43
Nginx/html/cs/500.html
View File

@ -1,28 +1,28 @@
<!DOCTYPE html>
<html>
<head>
<title>Library of Code</title>
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<script
src="https://browser.sentry-cdn.com/6.19.1/bundle.min.js"
integrity="sha384-GRagWAKYasaEEyhq5NqRz9Hs7zZOXt+DwzY/WGbWZBkpvt5+lZxITNyU3bD7SFk5"
crossorigin="anonymous"
></script>
<script>
Sentry.init({
dsn: "https://5e09616da86344c5b5e2629d85914857@sentry.libraryofcode.org/4",
});
Sentry.setTag('hostname', window.location.hostname);
Sentry.captureException(new Error('500 INTERNAL SERVER ERROR'));
function showDialog() {
Sentry.showReportDialog();
}
</script>
</head>
<!--<head>-->
<!-- <title>Library of Code</title>-->
<!-- <meta name="viewport" content="width=device-width,initial-scale=1.0">-->
<!-- <script-->
<!-- src="https://browser.sentry-cdn.com/6.19.1/bundle.min.js"-->
<!-- integrity="sha384-GRagWAKYasaEEyhq5NqRz9Hs7zZOXt+DwzY/WGbWZBkpvt5+lZxITNyU3bD7SFk5"-->
<!-- crossorigin="anonymous"-->
<!-- ></script>-->
<!-- <script>-->
<!-- Sentry.init({-->
<!-- dsn: "https://5e09616da86344c5b5e2629d85914857@sentry.libraryofcode.org/4",-->
<!-- });-->
<!-- Sentry.setTag('hostname', window.location.hostname);-->
<!-- Sentry.captureException(new Error('500 INTERNAL SERVER ERROR'));-->
<!-- function showDialog() {-->
<!-- Sentry.showReportDialog();-->
<!-- }-->
<!-- </script>-->
<!--</head>-->
<body bgcolor="white">
<center><h1>500 Internal Server Error</h1></center>
<p>Something went wrong while trying to process the request.</p>
<p><i><a onclick="javascript:showDialog()" href="#">Click here to report this problem to the Department of Engineering</a></i></p>
<!---<p><i><a onclick="javascript:showDialog()" href="#">Click here to report this problem to the Department of Engineering</a></i></p>--->
<h2>User</h2>
<p>If you're just visiting the site, here are the steps you can take.</p>
<ol type=1>
@ -36,7 +36,6 @@
<li>Make sure there's no announcement, issue, or maintenance posts. If there aren't, please contact us.</li>
<li>If none of these solved your issue, please contact the Department of Engineering at <strong>engineering@libraryofcode.org</strong></li>
</ol>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code sp-us</a></center>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code, Inc. | Division of Cloud Services & Member Support (CSMS)</a></center>
</body>
<!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---><table width=125 border=0 cellspacing=0 cellpadding=0 title="Verified by: GlobalSign nv-sa" ><tr><td><span id="ss_img_wrapper_gmogs_image_110-45_en_dblue"><a href="https://www.globalsign.com/" target=_blank title="GlobalSign nv-sa" rel="nofollow"><img alt="GlobalSign nv-sa" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gs_noscript_110-45_en.gif"></a></span><script type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_dblue.js"></script></td></tr></table><!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT --->
</html>

43
Nginx/html/cs/502.html
View File

@ -1,28 +1,28 @@
<!DOCTYPE html>
<html>
<head>
<title>Library of Code</title>
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<script
src="https://browser.sentry-cdn.com/6.19.1/bundle.min.js"
integrity="sha384-GRagWAKYasaEEyhq5NqRz9Hs7zZOXt+DwzY/WGbWZBkpvt5+lZxITNyU3bD7SFk5"
crossorigin="anonymous"
></script>
<script>
Sentry.init({
dsn: "https://5e09616da86344c5b5e2629d85914857@sentry.libraryofcode.org/4",
});
Sentry.setTag('hostname', window.location.hostname);
Sentry.captureException(new Error('502 BAD GATEWAY'));
function showDialog() {
Sentry.showReportDialog();
}
</script>
</head>
<!--<head>-->
<!-- <title>Library of Code</title>-->
<!-- <meta name="viewport" content="width=device-width,initial-scale=1.0">-->
<!-- <script-->
<!-- src="https://browser.sentry-cdn.com/6.19.1/bundle.min.js"-->
<!-- integrity="sha384-GRagWAKYasaEEyhq5NqRz9Hs7zZOXt+DwzY/WGbWZBkpvt5+lZxITNyU3bD7SFk5"-->
<!-- crossorigin="anonymous"-->
<!-- ></script>-->
<!-- <script>-->
<!-- Sentry.init({-->
<!-- dsn: "https://5e09616da86344c5b5e2629d85914857@sentry.libraryofcode.org/4",-->
<!-- });-->
<!-- Sentry.setTag('hostname', window.location.hostname);-->
<!-- Sentry.captureException(new Error('502 BAD GATEWAY'));-->
<!-- function showDialog() {-->
<!-- Sentry.showReportDialog();-->
<!-- }-->
<!-- </script>-->
<!--</head>-->
<body bgcolor="white">
<center><h1>502 Bad Gateway</h1></center>
<p>We received an invalid response from the upstream server.</p>
<p><i><a onclick="javascript:showDialog()" href="#">Click here to report this problem to the Department of Engineering</a></i></p>
<!--<p><i><a onclick="javascript:showDialog()" href="#">Click here to report this problem to the Department of Engineering</a></i></p>-->
<h2>User</h2>
<p>If you're just visiting the site, here are the steps you can take.</p>
<ol type=1>
@ -36,7 +36,6 @@
<li>We could be listening on another port than the one you're using, make sure you're using the port given to you by Engineering.</li>
<li>If none of these solved your issue, please contact the Department of Engineering at <strong>engineering@libraryofcode.org</strong></li>
</ol>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code sp-us</a></center>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code, Inc. | Division of Cloud Services & Member Support (CSMS)</a></center>
</body>
<!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---><table width=125 border=0 cellspacing=0 cellpadding=0 title="Verified by: GlobalSign nv-sa" ><tr><td><span id="ss_img_wrapper_gmogs_image_110-45_en_dblue"><a href="https://www.globalsign.com/" target=_blank title="GlobalSign nv-sa" rel="nofollow"><img alt="GlobalSign nv-sa" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gs_noscript_110-45_en.gif"></a></span><script type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_dblue.js"></script></td></tr></table><!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT --->
</html>

43
Nginx/html/cs/504.html
View File

@ -1,28 +1,28 @@
<!DOCTYPE html>
<html>
<head>
<title>Library of Code</title>
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<script
src="https://browser.sentry-cdn.com/6.19.1/bundle.min.js"
integrity="sha384-GRagWAKYasaEEyhq5NqRz9Hs7zZOXt+DwzY/WGbWZBkpvt5+lZxITNyU3bD7SFk5"
crossorigin="anonymous"
></script>
<script>
Sentry.init({
dsn: "https://5e09616da86344c5b5e2629d85914857@sentry.libraryofcode.org/4",
});
Sentry.setTag('hostname', window.location.hostname);
Sentry.captureException(new Error('504 GATEWAY TIMEOUT'));
function showDialog() {
Sentry.showReportDialog();
}
</script>
</head>
<!--<head>-->
<!-- <title>Library of Code</title>-->
<!-- <meta name="viewport" content="width=device-width,initial-scale=1.0">-->
<!-- <script-->
<!-- src="https://browser.sentry-cdn.com/6.19.1/bundle.min.js"-->
<!-- integrity="sha384-GRagWAKYasaEEyhq5NqRz9Hs7zZOXt+DwzY/WGbWZBkpvt5+lZxITNyU3bD7SFk5"-->
<!-- crossorigin="anonymous"-->
<!-- ></script>-->
<!-- <script>-->
<!-- Sentry.init({-->
<!-- dsn: "https://5e09616da86344c5b5e2629d85914857@sentry.libraryofcode.org/4",-->
<!-- });-->
<!-- Sentry.setTag('hostname', window.location.hostname);-->
<!-- Sentry.captureException(new Error('504 GATEWAY TIMEOUT'));-->
<!-- function showDialog() {-->
<!-- Sentry.showReportDialog();-->
<!-- }-->
<!-- </script>-->
<!--</head>-->
<body bgcolor="white">
<center><h1>504 Gateway Timeout</h1></center>
<p>We couldn't contact the upstream server within a reasonable amount of time.</p>
<p><i><a onclick="javascript:showDialog()" href="#">Click here to report this problem to the Department of Engineering</a></i></p>
<!--<p><i><a onclick="javascript:showDialog()" href="#">Click here to report this problem to the Department of Engineering</a></i></p>-->
<h2>User</h2>
<p>If you're just visiting the site, here are the steps you can take.</p>
<ol type=1>
@ -36,7 +36,6 @@
<li>Check your server logs for errors.</li>
<li>If none of these solved your issue, please contact the Department of Engineering at <strong>engineering@libraryofcode.org</strong></li>
</ol>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code sp-us</a></center>
<hr><center><a href="https://www.libraryofcode.org/">Library of Code, Inc. | Division of Cloud Services & Member Support (CSMS)</a></center>
</body>
<!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---><table width=125 border=0 cellspacing=0 cellpadding=0 title="Verified by: GlobalSign nv-sa" ><tr><td><span id="ss_img_wrapper_gmogs_image_110-45_en_dblue"><a href="https://www.globalsign.com/" target=_blank title="GlobalSign nv-sa" rel="nofollow"><img alt="GlobalSign nv-sa" border=0 id="ss_img" src="//seal.globalsign.com/SiteSeal/images/gs_noscript_110-45_en.gif"></a></span><script type="text/javascript" src="//seal.globalsign.com/SiteSeal/gmogs_image_110-45_en_dblue.js"></script></td></tr></table><!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT --->
</html>

2
Nginx/nginx.conf
View File

@ -22,7 +22,7 @@ http {
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
#more_set_headers 'Server: LIBRARY OF CODE SP-US INTERNAL SVCS (nginx) [https://loc.sh/]';
more_set_headers 'Server: LIBRARY OF CODE INC INTERNAL SVCS (nginx) [https://loc.sh/]';
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
resolver 1.1.1.1 63.141.252.133;

2
Postfix/main.conf
View File

@ -1,7 +1,7 @@
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
# Server Information
smtpd_banner = $myhostname LIBRARY OF CODE SP-US STAFF SVCS | ESMTP (Debian/GNU)
smtpd_banner = $myhostname LIBRARY OF CODE INC STAFF SVCS | ESMTP (Debian/GNU)
myhostname = staff.libraryofcode.org
myorigin = /etc/mailname
mydestination = $myhostname

13
Postfix/master.conf
View File

@ -17,6 +17,19 @@ smtp inet n - y - - smtpd
#dnsblog unix - - y - 0 dnsblog
#tlsproxy unix - - y - 0 tlsproxy
5878 inet n - y - - smtpd
-o syslog_name=postfix/submission5878
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_client_restrictions=$mua_client_restrictions
-o smtpd_helo_restrictions=$mua_helo_restrictions
-o smtpd_sender_restrictions=$mua_sender_restrictions
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
-o cleanup_service_name=privclean
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt