From 99b8524c16cc99ceeaf1ebf588f2fc0f2c0fbe0a Mon Sep 17 00:00:00 2001
From: Cullum Smith <cullum@sacredheartsc.com>
Date: Sat, 12 Oct 2024 08:14:59 -0400
Subject: add a bunch of hostclasses

---
 files/usr/local/etc/nginx/vhosts.conf.ttrss_server | 43 ++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 files/usr/local/etc/nginx/vhosts.conf.ttrss_server

(limited to 'files/usr/local/etc/nginx/vhosts.conf.ttrss_server')

diff --git a/files/usr/local/etc/nginx/vhosts.conf.ttrss_server b/files/usr/local/etc/nginx/vhosts.conf.ttrss_server
new file mode 100644
index 0000000..fb0343d
--- /dev/null
+++ b/files/usr/local/etc/nginx/vhosts.conf.ttrss_server
@@ -0,0 +1,43 @@
+server {
+  listen 443      ssl default_server;
+  listen [::]:443 ssl default_server;
+  http2 on;
+
+  root ${ttrss_repo_dir};
+  index index.php index.html;
+
+  ssl_certificate      ${ttrss_https_cert};
+  ssl_certificate_key  ${ttrss_https_key};
+
+  add_header Strict-Transport-Security "max-age=63072000" always;
+
+  auth_gss_keytab ${ttrss_keytab};
+  auth_gss_allow_basic_fallback off;
+
+  location ~ ^/index\.php$ {
+    auth_gss on;
+    satisfy any;
+$(printf '    deny %s;\n' $kerberized_cidrs)
+    allow all;
+
+    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+    if (!-f \$document_root\$fastcgi_script_name) {
+      return 404;
+    }
+    fastcgi_index index.php;
+    fastcgi_intercept_errors on;
+    include fastcgi_params;
+    fastcgi_pass unix:${ttrss_fpm_socket};
+  }
+
+  location ~ [^/]\.php(/|$) {
+    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+    if (!-f \$document_root\$fastcgi_script_name) {
+      return 404;
+    }
+    fastcgi_index index.php;
+    fastcgi_intercept_errors on;
+    include fastcgi_params;
+    fastcgi_pass unix:${ttrss_fpm_socket};
+  }
+}
-- 
cgit v1.2.3