Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
LQDN Adminsys
piops-roles
hedgedocs-pad-lqdn
Commits
ef192357
Commit
ef192357
authored
Mar 05, 2021
by
nono
💻
Browse files
Updated configuration of permissions
parent
23cf750f
Changes
4
Hide whitespace changes
Inline
Side-by-side
files/etc/nginx/hedgedocs-nginx.conf.j2
View file @
ef192357
...
...
@@ -3,31 +3,37 @@ map $http_upgrade $connection_upgrade {
'' close;
}
server {
server_name {{ service_hedgedocs_domain | lower }};
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /socket.io/ {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
server_name {{ service_hedgedocs_domain }};
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /socket.io/ {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
listen [::]:443 ssl http2;
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/{{ service_hedgedocs_domain | lower }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ service_hedgedocs_domain | lower }}/privkey.pem;
# Errors
access_log /var/log/nginx/hedgedocs_access.log;
error_log /var/log/nginx/hedgedocs_error.log warn;
# SSL
ssl_certificate /etc/letsencrypt/live/{{ service_hedgedocs_domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ service_hedgedocs_domain }}/privkey.pem;
# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:10m;
...
...
files/hedgedocs.service
View file @
ef192357
...
...
@@ -13,8 +13,9 @@ RestartSec=2s
User
=
hedgedocs
Group
=
www-data
# the location you cloned CodiMD to.
WorkingDirectory
=
/home/hedgedocs/hedgedoc
ExecStart
=
/usr/bin/npm start --production
# This is relative to the home of the hedgedocs user : https://www.freedesktop.org/software/systemd/man/systemd.exec.html
WorkingDirectory
=
hedgedoc/
ExecStart
=
npm start --production
Restart
=
always
PrivateTmp
=
true
PrivateDevices
=
true
...
...
tasks/configuration.yml
View file @
ef192357
...
...
@@ -28,7 +28,7 @@
dest
:
/home/hedgedocs/hedgedoc/config.json
owner
:
hedgedocs
group
:
www-data
mode
:
06
44
mode
:
06
00
-
name
:
Configuration du fichier SystemD
template
:
...
...
tasks/install-service.yml
View file @
ef192357
...
...
@@ -17,5 +17,5 @@
dest
:
/home/hedgedocs/
owner
:
hedgedocs
group
:
www-data
mode
:
0
644
mode
:
0
740
remote_src
:
yes
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment