nginx.tmpl.conf

dockers/proxy/config/nginx.tmpl.conf

@@ -92,6 +92,7 @@ server {
   }
 }
 
+
   server {
     server_name __DOMAIN__ www.__DOMAIN__;
     include includes/port;
@@ -99,13 +100,6 @@ server {
     ssl_certificate_key /etc/letsencrypt/live/www.__DOMAIN__/privkey.pem;
     include includes/proxy_params;
 
-    # ssl_protocols TLSv1.2 TLSv1.3;
-    # ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
-    # ssl_prefer_server_ciphers off;
-    # ssl_stapling on;
-    # ssl_stapling_verify on;
-    # ssl_trusted_certificate /etc/letsencrypt/live/__DOMAIN__/fullchain.pem;
-
     include includes/allow_ip;
     # XXX >>>
     # A concerver jusqu'en juin 2021
@@ -223,8 +217,6 @@ server {
 {{framadate
   server {
     server_name __DATE_HOST__.__DOMAIN__;
-    # pb nom en dur
-    server_name kazdate.__DOMAIN__;
     include includes/port;
     ssl_certificate /etc/letsencrypt/live/__DOMAIN__/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/__DOMAIN__/privkey.pem;
@@ -290,14 +282,6 @@ server {
   # mais c'est pas grave pour nous. Il n'y a pas de domaine kazXbzh à la racine du NIC
     server_name ~^(?<asso>.+)-__PAHEKO_HOST__\.__DOMAIN__$;
 
-    # # capture des domaines extérieurs vers des paheko locaux
-    # include includes/paheko_kaz_name;
-
-    # if ($asso = '') {
-    #    set $asso $paheko_kaz_map;
-    #    # XXX a tester
-    #    #set $http_host $asso;
-    # }
     include includes/port;
     ssl_certificate /etc/letsencrypt/live/$ssl_local_cert/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/$ssl_local_cert/privkey.pem;