Commits on Source (37)
-
nimrod authoredc0a6db61
-
nimrod authored
- No more proxying in www.shore.co.il. I think about redoing it all with a subdomain per service. Also no more secrets, intead authenticate against the LDAP server or something. - CI templates. - Simpler self-signed SSL certificate generation. - Set the hostname in CI. - Use the www-redirect snippet in shore.co.il.
49c0699c -
nimrod authored
Access LAM on its own domain (from inside the network only).
3b9e2fd8 -
nimrod authored7f593396
-
nimrod authored194c1c68
-
nimrod authored
Those directories were used by hosts now served by ns4.
cbef47ee -
nimrod authored
To make more uniform, use the same location on all hosts. Instead of copying the same tasks over and over in the renew-certs playbook in the homelab repo.
0e93e3c0 -
nimrod authored5b4b2d4d
-
nimrod authoreda1325b83
-
nimrod authored587f55f2
-
nimrod authoredf87c5683
-
nimrod authoredbaf0c4d2
-
nimrod authored
Trying to figure out and issue with Nextcloud and Collabora Online. Should be reverted ASAP.
09f4534d -
nimrod authored
This time it's mixed content.
4f6ac117 -
nimrod authoredd5398b1c
-
nimrod authored782fe667
-
nimrod authored
I swear it should be the other way round (it looks to me like Nextcloud is embedding the code iframe), but disabling CSP on Nextcloud worked and I saw a comment on the Internet about it so lets give it a try.
a02488bb -
nimrod authored27b68818
-
nimrod authoredf83724f4
-
nimrod authored410a474b
-
nimrod authoredf863228d
-
nimrod authored85e5ef58
-
nimrod authoredd4ec9c50
-
nimrod authored
The headers should be set in the server that has the /validate endpoint so we can get the correct client IP.
f391bb3a -
nimrod authored
Because of the setup I have with HAProxy in ns1 in front of Nginx, all of the requests have the same client IP. In essence this is just rate limiting all requests, regardless of the client IP (unless coming from the internal network).
96b227be -
nimrod authoreda37d73e7
-
nimrod authoredd3cf9d33
-
nimrod authoredc8f6a6e5
-
nimrod authoredb79704b9
conf.d/auth.shore.co.il.conf
0 → 100644
conf.d/code.shore.co.il.conf
0 → 100644
conf.d/git.shore.co.il.conf
0 → 100644
conf.d/lam.shore.co.il.conf
0 → 100644
conf.d/mail.shore.co.il.conf
0 → 100644
conf.d/nextcloud.shore.co.il.conf
0 → 100644
conf.d/notify.shore.co.il.conf
0 → 100644
conf.d/sogo.shore.co.il.conf
0 → 100644
conf.d/vouch.shore.co.il.conf
0 → 100644
conf.d/zpush.shore.co.il.conf
0 → 100644
snippets/nextcloud-well-known.conf
0 → 100644
www/mail.shore.co.il/.well-known/mta-sts.txt
0 → 100644