Skip to content

Commit

Permalink
updates for cloud server
Browse files Browse the repository at this point in the history
  • Loading branch information
jeroen committed Jul 3, 2020
1 parent 9863630 commit 293761a
Show file tree
Hide file tree
Showing 8 changed files with 18 additions and 125 deletions.
4 changes: 2 additions & 2 deletions cloudserver.md
Original file line number Diff line number Diff line change
Expand Up @@ -93,8 +93,8 @@ Configure the back-end server ip address:
Install the SSL private key:

# Copy the private key
sudo cp ocpu2017.key /etc/ssl/private/ocpu2017.key
sudo chmod 600 /etc/ssl/private/ocpu2017.key
sudo cp ocpu2017.key /etc/letsencrypt/live/ocpu.io/privkey.pem
sudo chmod 600 /etc/letsencrypt/live/ocpu.io/privkey.pem

Enable the ocpu.io site

Expand Down
2 changes: 1 addition & 1 deletion debian/changelog
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
opencpu (2.2.0-bionic0) bionic; urgency=low
opencpu (2.2.0-bionic2) bionic; urgency=low

* Debian package with OpenCPU software. See www.opencpu.org

Expand Down
1 change: 0 additions & 1 deletion debian/opencpu-cache.install
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
opencpu-cache/nginx/* /etc/nginx/
opencpu-cache/certs/* /usr/lib/opencpu/certs/
opencpu-cache/init.d/* /usr/lib/opencpu/init.d/
opencpu-cache/systemd/* /etc/systemd/system/multi-user.target.wants/
opencpu-cache/scripts/* /usr/lib/opencpu/scripts/
Expand Down
1 change: 0 additions & 1 deletion debian/opencpu-cache.links
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
/usr/lib/opencpu/init.d/opencpu-cache /etc/init.d/opencpu-cache
/usr/lib/opencpu/certs/ocpu2017.pem /etc/ssl/certs/ocpu2017.pem
98 changes: 0 additions & 98 deletions opencpu-cache/certs/ocpu2017.pem

This file was deleted.

1 change: 0 additions & 1 deletion opencpu-cache/nginx/sites-available/opencpu
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ server {
port_in_redirect off;

# Enable HTTPS
ssl on;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
Expand Down
21 changes: 9 additions & 12 deletions opencpu-cache/nginx/sites-available/opencpu-homepage
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,14 @@ server {

# Main homepage
server {
listen 8007;
listen 8007 ssl;
server_name www.opencpu.org;

# For iptables prerouting
port_in_redirect off;

ssl on;
ssl_certificate /etc/ssl/certs/ocpu2017.pem;
ssl_certificate_key /etc/ssl/private/ocpu2017.key;
ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem;

location / {
proxy_pass http://jeroen.github.io/opencpu-pages/;
Expand All @@ -41,11 +40,10 @@ server {
}

server {
listen 8007;
listen 8007 ssl;
server_name opencpu.org blog.opencpu.org;
ssl on;
ssl_certificate /etc/ssl/certs/ocpu2017.pem;
ssl_certificate_key /etc/ssl/private/ocpu2017.key;
ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem;
rewrite ^ https://www.opencpu.org permanent;
}

Expand All @@ -58,11 +56,10 @@ server {
}

server {
listen 8007 default_server;
listen 8007 ssl default_server;
server_name "";
return 444 "Invalid opencpu vhost: $host\n";
default_type "text/plain";
ssl on;
ssl_certificate /etc/ssl/certs/ocpu2017.pem;
ssl_certificate_key /etc/ssl/private/ocpu2017.key;
ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem;
}
15 changes: 6 additions & 9 deletions opencpu-cache/ocpu.io/ocpu-io
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,8 @@ server {
listen 8007 ssl http2;
include /usr/lib/opencpu/ocpu.io/ocpu-cran.conf;

ssl on;
ssl_certificate /etc/ssl/certs/ocpu2017.pem;
ssl_certificate_key /etc/ssl/private/ocpu2017.key;
ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
Expand All @@ -34,9 +33,8 @@ server {
listen 8007 ssl http2;
include /usr/lib/opencpu/ocpu.io/ocpu-github.conf;

ssl on;
ssl_certificate /etc/ssl/certs/ocpu2017.pem;
ssl_certificate_key /etc/ssl/private/ocpu2017.key;
ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
Expand All @@ -55,7 +53,6 @@ server {
server_name ocpu.io;
rewrite ^ https://www.opencpu.org/demo.html redirect;

ssl on;
ssl_certificate /etc/ssl/certs/ocpu2017.pem;
ssl_certificate_key /etc/ssl/private/ocpu2017.key;
ssl_certificate /etc/letsencrypt/live/ocpu.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ocpu.io/privkey.pem;
}

0 comments on commit 293761a

Please sign in to comment.