From bbee6f0ea8142abffc34f753ccd4761726168373 Mon Sep 17 00:00:00 2001 From: Denzil Phillips Date: Tue, 7 Jan 2025 10:07:36 -0500 Subject: [PATCH] Removed library-staging1 &2 from inventory Co-authored-by: Vickie Karasic --- inventory/all_projects/libwww | 3 - .../files/conf/http/dev/library_staging.conf | 80 ------------------- 2 files changed, 83 deletions(-) delete mode 100644 roles/nginxplus/files/conf/http/dev/library_staging.conf diff --git a/inventory/all_projects/libwww b/inventory/all_projects/libwww index e3f73d9d53..6898863b78 100644 --- a/inventory/all_projects/libwww +++ b/inventory/all_projects/libwww @@ -1,6 +1,3 @@ -[libwww_staging] -library-staging1.lib.princeton.edu -library-staging2.lib.princeton.edu [libwww_production] library-prod1.lib.princeton.edu library-prod3.lib.princeton.edu diff --git a/roles/nginxplus/files/conf/http/dev/library_staging.conf b/roles/nginxplus/files/conf/http/dev/library_staging.conf deleted file mode 100644 index 9cf373eb5e..0000000000 --- a/roles/nginxplus/files/conf/http/dev/library_staging.conf +++ /dev/null @@ -1,80 +0,0 @@ -# Ansible managed -proxy_cache_path /var/cache/nginx/library-staging/ keys_zone=library-stagingcache:10m; - -upstream library-staging { - zone library-staging 256k; - least_time last_byte inflight; - server library-staging1.lib.princeton.edu resolve; - server library-staging2.lib.princeton.edu resolve; - sticky learn - create=$upstream_cookie_library-stagingcookie - lookup=$cookie_library-stagingcookie - zone=library-stagingclient_sessions:1m; -} - -server { - listen 80; - server_name library-staging.lib.princeton.edu; - - location / { - return 301 https://$server_name$request_uri; - } -} - -server { - listen 443 ssl; - http2 on; - server_name library-staging.lib.princeton.edu; - - client_max_body_size 8m; - - ssl_certificate /etc/letsencrypt/live/library-staging.lib/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/library-staging.lib/privkey.pem; - ssl_session_cache shared:SSL:1m; - ssl_prefer_server_ciphers on; - - location / { - app_protect_enable off; - app_protect_security_log_enable on; - proxy_pass http://library-staging; - proxy_cache library-stagingcache; - # handle errors using errors.conf - proxy_intercept_errors on; - health_check uri=/health interval=10 fails=3 passes=2; - proxy_set_header Host $http_host; - # to allow springshare libwizard tutorial embeds - add_header Content-Security-Policy "frame-ancestors 'self' https://princeton.libwizard.com;"; - # we expect this to fail because library-staging is behind VPN - # allow princeton network - include /etc/nginx/conf.d/templates/restrict.conf; - # block all - deny all; - } - - location ~ ^(\/sites)?(\/default)?(\/files)?\/(styles|js|css|assets|images|javascripts|stylesheets|swfs|system)\/ { - proxy_pass http://library-staging; - health_check uri=/health interval=10 fails=3 passes=2; - proxy_set_header Host $http_host; - - # Disabling rate limiting for now, as assets were being included. - # If we add this back, ensure we don't include static assets in - # sites/all/themes and sites/default/* - #limit_req zone=libweb_ip_rate_limit burst=12 delay=8; - proxy_cache library-stagingcache; - proxy_cache_min_uses 3; - proxy_cache_key "$host$request_uri $cookie_user"; - proxy_cache_use_stale error timeout updating http_500 http_502 - http_503 http_504; - proxy_cache_background_update on; - proxy_cache_lock on; - proxy_connect_timeout 2h; - proxy_send_timeout 2h; - proxy_read_timeout 2h; - } - - include /etc/nginx/conf.d/templates/errors.conf; - - include /etc/nginx/conf.d/templates/libwww-proxy-pass-staging.conf; - - include /etc/nginx/conf.d/templates/libwww-proxy-pass.conf; -}