2016-01-29 17:50:16 +01:00
|
|
|
server {
|
|
|
|
listen __PORT__;
|
|
|
|
server_name auth.__DNSDOMAIN__;
|
|
|
|
root __PORTALDIR__;
|
|
|
|
|
2016-02-24 20:18:44 +01:00
|
|
|
location ~ \.pl(?:$|/) {
|
2016-01-29 17:50:16 +01:00
|
|
|
include /etc/nginx/fastcgi_params;
|
2016-02-15 22:12:56 +01:00
|
|
|
fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
|
2016-02-18 11:50:02 +01:00
|
|
|
fastcgi_param LLTYPE cgi;
|
2016-02-16 09:56:03 +01:00
|
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
2016-03-01 14:48:40 +01:00
|
|
|
set $sn $request_uri;
|
|
|
|
if ($sn ~ "^(.*)\?") {
|
|
|
|
set $sn $1;
|
|
|
|
}
|
|
|
|
fastcgi_param SCRIPT_NAME $sn;
|
2016-02-11 13:09:51 +01:00
|
|
|
fastcgi_split_path_info ^(.*\.pl)(/.+)$;
|
2016-01-29 17:50:16 +01:00
|
|
|
}
|
|
|
|
|
2016-02-24 20:18:44 +01:00
|
|
|
index index.pl;
|
2016-01-29 17:50:16 +01:00
|
|
|
location / {
|
2016-02-11 10:36:12 +01:00
|
|
|
try_files $uri $uri/ =404;
|
|
|
|
|
|
|
|
# Uncomment this if you use https only
|
|
|
|
#add_header Strict-Transport-Security "15768000";
|
2016-01-29 17:50:16 +01:00
|
|
|
}
|
2016-02-16 12:19:32 +01:00
|
|
|
|
2016-02-18 12:49:30 +01:00
|
|
|
# SOAP functions for sessions management (disabled by default)
|
|
|
|
location /index/adminSessions {
|
|
|
|
deny all;
|
|
|
|
}
|
|
|
|
|
|
|
|
# SOAP functions for sessions access (disabled by default)
|
|
|
|
location /index.pl/sessions {
|
|
|
|
deny all;
|
|
|
|
}
|
|
|
|
|
|
|
|
# SOAP functions for configuration access (disabled by default)
|
|
|
|
location /index.pl/config {
|
|
|
|
deny all;
|
|
|
|
}
|
|
|
|
|
|
|
|
# SOAP functions for notification insertion (disabled by default)
|
|
|
|
location /index.pl/notification {
|
|
|
|
deny all;
|
|
|
|
}
|
|
|
|
# SAML2 Issuer
|
|
|
|
rewrite ^/saml/metadata /metadata.pl last;
|
|
|
|
rewrite ^/saml/.* /index.pl last;
|
|
|
|
|
|
|
|
# CAS Issuer
|
|
|
|
rewrite ^/cas/.* /index.pl;
|
|
|
|
|
|
|
|
# OpenID Issuer
|
|
|
|
rewrite ^/openidserver/.* /index.pl last;
|
|
|
|
|
|
|
|
# OpenID Connect Issuer
|
|
|
|
rewrite ^/oauth2/.* /index.pl last;
|
|
|
|
rewrite ^/.well-known/openid-configuration$ /openid-configuration.pl last;
|
|
|
|
|
2016-02-16 12:19:32 +01:00
|
|
|
# DEBIAN
|
|
|
|
# If install was made with USEDEBIANLIBS (official releases), uncomment this
|
|
|
|
#location /javascript/ {
|
|
|
|
# alias /usr/share/javascript/;
|
|
|
|
#}
|
2016-01-29 17:50:16 +01:00
|
|
|
}
|