Commits on Source (36)
-
nimrod authored
I'm getting nowhere. I still got an A+, but now I'm marked down because I don't support TLS 1.2.
d16a4238 -
nimrod authored
- No more proxying in www.shore.co.il. I think about redoing it all with a subdomain per service. Also no more secrets, intead authenticate against the LDAP server or something. - CI templates. - Simpler self-signed SSL certificate generation. - Set the hostname in CI. - Use the www-redirect snippet in shore.co.il.
10c86add -
nimrod authored
Access LAM on its own domain (from inside the network only).
505e354a -
nimrod authorede1176c35
-
nimrod authored2eec369a
-
nimrod authored
Those directories were used by hosts now served by ns4.
04d58f78 -
nimrod authored
To make more uniform, use the same location on all hosts. Instead of copying the same tasks over and over in the renew-certs playbook in the homelab repo.
94d60987 -
nimrod authoreda275ff97
-
nimrod authoredaa4e4079
-
nimrod authorede865c9b8
-
nimrod authoredb03c4c43
-
nimrod authored9cf4ae30
-
nimrod authored
Trying to figure out and issue with Nextcloud and Collabora Online. Should be reverted ASAP.
c93db9ee -
nimrod authored
This time it's mixed content.
79c4fd44 -
nimrod authoreda6e0144d
-
nimrod authored80214962
-
nimrod authored
I swear it should be the other way round (it looks to me like Nextcloud is embedding the code iframe), but disabling CSP on Nextcloud worked and I saw a comment on the Internet about it so lets give it a try.
71c4c6d5 -
nimrod authoredb786f8d9
-
nimrod authoredc988b777
-
nimrod authored29ed67d4
-
nimrod authoredd97194c7
-
nimrod authoredeaa9b058
-
nimrod authoredf0240b8c
-
nimrod authored
The headers should be set in the server that has the /validate endpoint so we can get the correct client IP.
09cf36a8 -
nimrod authored
Because of the setup I have with HAProxy in ns1 in front of Nginx, all of the requests have the same client IP. In essence this is just rate limiting all requests, regardless of the client IP (unless coming from the internal network).
8ca1e7a4 -
nimrod authored3970f1d9
-
nimrod authored88df16c0
-
nimrod authoredd8253d11
conf.d/auth.shore.co.il.conf
0 → 100644
conf.d/code.shore.co.il.conf
0 → 100644
conf.d/git.shore.co.il.conf
0 → 100644
conf.d/lam.shore.co.il.conf
0 → 100644
conf.d/mail.shore.co.il.conf
0 → 100644
conf.d/nextcloud.shore.co.il.conf
0 → 100644
conf.d/notify.shore.co.il.conf
0 → 100644
conf.d/sogo.shore.co.il.conf
0 → 100644
conf.d/vouch.shore.co.il.conf
0 → 100644
conf.d/zpush.shore.co.il.conf
0 → 100644
snippets/nextcloud-well-known.conf
0 → 100644
www/mail.shore.co.il/.well-known/mta-sts.txt
0 → 100644