ssl

2023-09-18 16:11:14 -07:00
15 changed files with 111 additions and 126 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,2 @@
-nginx-1.20.1
+conf/includes/localhost.crt
+conf/includes/localhost.key
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -6,6 +6,5 @@
    "files.exclude": {
        "**/.git": false
    },
-    "coverage-gutters.coverageBaseDir": "./.vscode/ReportGenerator/Cobertura/*",
-    "thunder-client.saveToWorkspace": false
+    "coverage-gutters.coverageBaseDir": "./.vscode/ReportGenerator/Cobertura/*"
 }
--- a/conf/includes/Gogs.conf
+++ b/conf/includes/Gogs.conf
@ -0,0 +1,8 @@
+location / {
+    proxy_hide_header Authorization;
+    if ($http_Authorization != "Basic asdf") {
+        return 401;
+    }
+    proxy_set_header Authorization "Basic asdf";
+    proxy_pass http://localhost:3000;
+}
--- a/conf/includes/biorad4.pass
+++ b/conf/includes/biorad4.pass
@ -1 +0,0 @@
-https://intranet.infineon.com/
--- a/conf/includes/cdn.conf
+++ b/conf/includes/cdn.conf
@ -1,31 +0,0 @@
-location /cdn/ {
-    root "D://web-sites//cdn";
-    autoindex on;
-    if ($request_method = 'OPTIONS') {
-        add_header 'Access-Control-Allow-Origin' '*';
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
-        #
-        # Custom headers and headers various browsers *should* be OK with but aren't
-        #
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
-        #
-        # Tell client that this pre-flight info is valid for 20 days
-        #
-        add_header 'Access-Control-Max-Age' 1728000;
-        add_header 'Content-Type' 'text/plain; charset=utf-8';
-        add_header 'Content-Length' 0;
-        return 204;
-    }
-    if ($request_method = 'POST') {
-        add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
-        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
-    }
-    if ($request_method = 'GET') {
-        add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
-        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
-    }
-}
--- a/conf/includes/code-marketplace.conf
+++ b/conf/includes/code-marketplace.conf
@ -1,9 +0,0 @@
-location / {
-    proxy_pass http://localhost:3001/;
-    proxy_set_header Host $host;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection upgrade;
-    proxy_set_header Accept-Encoding gzip;
-    proxy_set_header X-Forwarded-Host $http_host;
-    proxy_set_header X-Forwarded-Proto $scheme;
-}
--- a/conf/includes/ec-server.pass
+++ b/conf/includes/ec-server.pass
@ -0,0 +1 @@
+nocert
--- a/conf/includes/github.conf
+++ b/conf/includes/github.conf
@ -1,16 +1,4 @@
-
-    server {
-        listen 443 ssl http2;
-        listen [::]:443 ssl http2;
-        server_name github;
-        # https://github
-        ssl_certificate "includes/localhost.crt";
-        ssl_certificate_key "includes/localhost.key";
-        ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-        location / {
-            root "D://Tmp//phares//www";
-            autoindex on;
-        }
-        error_page 500 502 503 504 /50x.html;
-        include "includes/html-error.conf";
-    }
+location / {
+    root "D://www//github";
+    index index.html index.htm;
+}
--- a/conf/includes/json.conf
+++ b/conf/includes/json.conf
@ -1,12 +1,12 @@
 location ~* .(3gp|apng|avi|avif|bmp|css|cur|flv|gif|htm|html|ico|jfif|jpeg|jpg|js|mid|mov|mp3|mp4|mpeg|mpg|ogg|pdf|php|pjp|pjpeg|png|svg|tif|tiff|txt|wav|webp|wmf|wml|wmv|xml|xml)$ {
    expires 1d;
    index index.html index.htm;
-    root "D://Tmp//phares//www";
+    root "C://SAM_2.1.10//Result";
 }
 location / {
    index index.html index.htm;
    # root /var/www/html/637998119172547651;
-    root "D://Tmp//phares//www";
+    root "C://SAM_2.1.10//Result";
    # First attempt to serve request as file, then
    autoindex on;
    # Send the data in JSON
--- a/conf/includes/localhost.conf
+++ b/conf/includes/localhost.conf
@ -17,7 +17,7 @@ organizationName_default    = Infineon Technologies Americas Corp.
 organizationalUnitName      = organizationalunit
 organizationalUnitName_default = Development
 commonName                  = Common Name (e.g. server FQDN or YOUR name)
-commonName_default          = biorad4
+commonName_default          = example.com
 commonName_max              = 64

 [req_ext]
@ -27,6 +27,15 @@ subjectAltName = @alt_names
 subjectAltName = @alt_names

 [alt_names]
-DNS.1   = biorad4
+DNS.1   = example.com
 DNS.2   = localhost
 DNS.3   = 127.0.0.1
+
+# https://webscoot.io/blog/create-self-signed-certificate-ubuntu-windows-nginx/
+# cd "C:\Program Files\Git\usr\bin"
+# openssl
+# req -x509 -nodes -days 365 -newkey rsa:2048 -keyout L:\Git\NGINX-Conf\conf\includes\localhost.key -out L:\Git\NGINX-Conf\conf\includes\localhost.crt -config L:\Git\NGINX-Conf\conf\includes\localhost.conf
+# openssl
+# pkcs12 -in L:\git\NGINX-Conf\conf\includes\ec-server.pfx -nocerts -out L:\Git\NGINX-Conf\conf\includes\ec-server.key
+# openssl
+# pkcs12 -in L:\git\NGINX-Conf\conf\includes\ec-server.pfx -clcerts -nokeys -out L:\Git\NGINX-Conf\conf\includes\ec-server.crt
--- a/conf/includes/metrology.conf
+++ b/conf/includes/metrology.conf
@ -1,28 +0,0 @@
-server {
-    listen 4439 ssl http2;
-    listen [::]:4439 ssl http2;
-    # https://oi-metrology-viewer-prod
-    server_name oi-metrology-viewer-prod;
-    # http://oi-metrology-viewer-prod:8080
-    ssl_certificate "includes/oi-metrology-viewer-prod.cer";
-    ssl_certificate_key "includes/oi-metrology-viewer-prod.key";
-    ssl_password_file "includes/oi-metrology-viewer-prod.pass";
-    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-    location / {
-        autoindex on;
-        root "D://Tmp//phares//wwwroot";
-    } 
-    location /api/ {
-        proxy_http_version 1.1;
-        proxy_cache_bypass $http_upgrade;
-        proxy_pass http://localhost:5002;
-        proxy_set_header Host $http_host;
-        proxy_set_header Connection keep-alive;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header X-Forwarded-Proto https;
-    }
-    error_page 500 502 503 504 /50x.html;
-    include "includes/html-error.conf";
-}
-
-# see pipeline yml
--- a/conf/includes/stratus.conf
+++ b/conf/includes/stratus.conf
@ -1,31 +0,0 @@
-server {
-    listen 5050;
-    server_name localhost;
-    include "includes/html.conf";
-    error_page 500 502 503 504 /50x.html;
-    include "includes/html-error.conf";
-}    
-server {
-    listen 8081;
-    server_name localhost;
-    location / {
-        index index.html index.htm;
-        root "D://IFXApps//Logs";
-        # First attempt to serve request as file, then
-        autoindex on;
-        # Send the data in JSON
-        autoindex_format json;
-    }
-}  
-server {
-    listen 8082;
-    server_name localhost;
-    location / {
-        index index.html index.htm;
-        root "C://Program Files//Accent";
-        # First attempt to serve request as file, then
-        autoindex on;
-        # Send the data in JSON
-        autoindex_format json;
-    }
-}
--- a/conf/includes/www.conf
+++ b/conf/includes/www.conf
@ -1,4 +1,4 @@
 location / {
-    root "D://www";
+    root "C://SAM_2.1.10//Result";
    index index.html index.htm;
 }
--- a/conf/includes/wwwroot.conf
+++ b/conf/includes/wwwroot.conf
@ -1,4 +1,4 @@
 location / {
-    root "D://wwwroot";
+    root "C://SAM_2.1.10//Result";
    try_files $uri $uri/ /index.html =404;
 }
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -4,8 +4,87 @@ events {
 }
 http {
    include "includes/mime.types";
-    include "includes/stratus.conf";
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;
+    server {
+        listen 80;
+        # listen 443 ssl http2;
+        # listen [::]:443 ssl http2;
+        server_name localhost;
+        # ssl_certificate "includes/localhost.crt";
+        # ssl_certificate_key "includes/localhost.key";
+        # ssl_certificate "includes/ec-server.cer";
+        # ssl_certificate "includes/ec-server.crt";
+        # ssl_certificate_key "includes/ec-server.key";
+        # ssl_password_file "includes/ec-server.pass";
+        # ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
+        # include "includes/html.conf";
+        include "includes/BaGet.conf";
+        error_page 500 502 503 504 /50x.html;
+        include "includes/html-error.conf";
+        # include "includes/github.conf";
+    }
+    server {
+        listen 4430;
+        server_name iscn5cg1325c0x.infineon.com;
+        include "includes/BaGet.conf";
+    }
+    server {
+        listen 5051;
+        server_name localhost;
+        include "includes/www.conf";
+    }
+    server {
+        listen 5052;
+        server_name localhost;
+        include "includes/dex.conf";
+    }
+    server {
+        listen 5053;
+        server_name localhost;
+        include "includes/ProgramData.conf";
+    }
+    server {
+        listen 5054;
+        server_name localhost;
+        include "includes/json.conf";
+    }
+    server {
+        listen 5055;
+        server_name localhost;
+        include "includes/wwwroot.conf";
+    }
 }
+# mkdir "L:\DevOps\Mesa_FI"
+# cd "L:\DevOps\Mesa_FI"
+# git clone https://tfs.intra.infineon.com/tfs/ManufacturingIT/Mesa_FI/_git/NGINX-Conf
+# -
+# rmdir /s "C:\Users\Administrator\AppData\Local\IFXApps\nginx-1.20.1\conf"
+# mklink /J "C:\Users\Administrator\AppData\Local\IFXApps\nginx-1.20.1\conf" "L:\Git\NGINX-Conf\conf"
+# -
+# As administrator
+# -
+# cd "C:\Users\Administrator\AppData\Local\IFXApps\nssm-2.24\win64"
+# nssm install "nginx"
+# -
+# C:\Users\Administrator\AppData\Local\IFXApps\nginx-1.20.1\nginx.exe
+# C:\Users\Administrator\AppData\Local\IFXApps\nginx-1.20.1
+# -
+# start nginx
+# C:\Users\Administrator\AppData\Local\IFXApps\nginx-1.20.1\logs\service.out.log
+# C:\Users\Administrator\AppData\Local\IFXApps\nginx-1.20.1\logs\service.error.log
+# -
+# mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
+# mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\Git\NGINdeX.io"
+# mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
+# mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\DevOps\Mesa_FI\NGINdeX.io"
+# -
+# ln -s /etc/nginx/sites-available/json /etc/nginx/sites-enabled/
+# ln -s /srv/samba/share/637998119172547651 /var/www/html/637998119172547651
+# ln -s /var/www/html/NGINdeX.io /var/www/html/637998119172547651/NGINdeX.io
+# ln -s /srv/git /var/www/html/637998119172547651/git
+# -
+# cd "C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1"
+# .\nginx -t
+# .\nginx -s reload