|
|
@@ -383,8 +383,38 @@ function install_keyserver {
|
|
383
|
383
|
|
|
384
|
384
|
keyserver_nginx_site=/etc/nginx/sites-available/$KEYSERVER_DOMAIN_NAME
|
|
385
|
385
|
if [[ $ONION_ONLY == "no" ]]; then
|
|
386
|
|
- function_check nginx_http_redirect
|
|
387
|
|
- nginx_http_redirect $KEYSERVER_DOMAIN_NAME
|
|
|
386
|
+ # NOTE: without http active on port 80 the keyserver doesn't work
|
|
|
387
|
+ # from the commandline
|
|
|
388
|
+ echo 'server {' > $keyserver_nginx_site
|
|
|
389
|
+ echo ' listen 80;' >> $keyserver_nginx_site
|
|
|
390
|
+ echo ' listen 0.0.0.0:11371;' >> $keyserver_nginx_site
|
|
|
391
|
+ echo ' listen [::]:80;' >> $keyserver_nginx_site
|
|
|
392
|
+ echo " server_name $KEYSERVER_DOMAIN_NAME;" >> $keyserver_nginx_site
|
|
|
393
|
+ echo '' >> $keyserver_nginx_site
|
|
|
394
|
+ echo ' # Logs' >> $keyserver_nginx_site
|
|
|
395
|
+ echo ' access_log /dev/null;' >> $keyserver_nginx_site
|
|
|
396
|
+ echo ' error_log /dev/null;' >> $keyserver_nginx_site
|
|
|
397
|
+ echo '' >> $keyserver_nginx_site
|
|
|
398
|
+ echo ' # Root' >> $keyserver_nginx_site
|
|
|
399
|
+ echo " root /var/www/$KEYSERVER_DOMAIN_NAME/htdocs;" >> $keyserver_nginx_site
|
|
|
400
|
+ echo '' >> $keyserver_nginx_site
|
|
|
401
|
+ echo ' rewrite ^/stats /pks/lookup?op=stats;' >> $keyserver_nginx_site
|
|
|
402
|
+ echo ' rewrite ^/s/(.*) /pks/lookup?search=$1;' >> $keyserver_nginx_site
|
|
|
403
|
+ echo ' rewrite ^/search/(.*) /pks/lookup?search=$1;' >> $keyserver_nginx_site
|
|
|
404
|
+ echo ' rewrite ^/g/(.*) /pks/lookup?op=get&search=$1;' >> $keyserver_nginx_site
|
|
|
405
|
+ echo ' rewrite ^/get/(.*) /pks/lookup?op=get&search=$1;' >> $keyserver_nginx_site
|
|
|
406
|
+ echo ' rewrite ^/d/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
|
407
|
+ echo ' rewrite ^/download/(.*) /pks/lookup?op=get&options=mr&search=$1;' >> $keyserver_nginx_site
|
|
|
408
|
+ echo '' >> $keyserver_nginx_site
|
|
|
409
|
+ echo ' location /pks {' >> $keyserver_nginx_site
|
|
|
410
|
+ echo ' proxy_pass http://127.0.0.1:11373;' >> $keyserver_nginx_site
|
|
|
411
|
+ echo ' proxy_pass_header Server;' >> $keyserver_nginx_site
|
|
|
412
|
+ echo " add_header Via \"1.1 $KEYSERVER_DOMAIN_NAME:11371 (nginx)\";" >> $keyserver_nginx_site
|
|
|
413
|
+ echo ' proxy_ignore_client_abort on;' >> $keyserver_nginx_site
|
|
|
414
|
+ echo ' client_max_body_size 8m;' >> $keyserver_nginx_site
|
|
|
415
|
+ echo ' }' >> $keyserver_nginx_site
|
|
|
416
|
+ echo '}' >> $keyserver_nginx_site
|
|
|
417
|
+ echo '' >> $keyserver_nginx_site
|
|
388
|
418
|
echo 'server {' >> $keyserver_nginx_site
|
|
389
|
419
|
echo ' listen 443 ssl;' >> $keyserver_nginx_site
|
|
390
|
420
|
echo ' listen 0.0.0.0:11372 ssl;' >> $keyserver_nginx_site
|
Bob Mottram
8 年之前