diff --git a/nginx_cryptpad.conf.tmpl b/nginx_cryptpad.conf.tmpl index 84f1a22..0a37a98 100644 --- a/nginx_cryptpad.conf.tmpl +++ b/nginx_cryptpad.conf.tmpl @@ -1,16 +1,16 @@ -# -- cpad-01.oopen.de +# -- @cryptpad-url@ -# we want restrict authentication to cryptpad sandbox urls "cpadsb-01.oopen.de" +# we want restrict authentication to cryptpad sandbox urls "@cryptpad_sandbox_url@" # #map $http_host $auth_type { # default "off"; #This will turn off auth-basic -# cpadsb-01.oopen.de "Restricted"; #This or any other string will turn it back on +# @cryptpad_sandbox_url@ "Restricted"; #This or any other string will turn it back on #} server { listen 80; listen [::]:80; - server_name cpad-01.oopen.de; + server_name @cryptpad-url@; return 301 https://$server_name$request_uri; } @@ -33,8 +33,8 @@ server { # These variables must be different to take advantage of CryptPad's sandboxing techniques. # In the event of an XSS vulnerability in CryptPad's front-end code # this will limit the amount of information accessible to attackers. - set $main_domain "cpad-01.oopen.de"; - set $sandbox_domain "cpadsb-01.oopen.de"; + set $main_domain "@cryptpad-url@"; + set $sandbox_domain "@cryptpad_sandbox_url@"; # By default CryptPad allows remote domains to embed CryptPad documents in iframes. # This behaviour can be blocked by changing $allowed_origins from "*" to the @@ -57,15 +57,15 @@ server { set $files_domain "${main_domain}"; # nginx doesn't let you set server_name via variables, so you need to hardcode your domains here - server_name cpad-01.oopen.de cpadsb-01.oopen.de; + server_name @cryptpad-url@ @cryptpad_sandbox_url@; # You'll need to Set the path to your certificates and keys here # IMPORTANT: this config is intended to serve assets for at least two domains # (your main domain and your sandbox domain). As such, you'll need to generate a single SSL certificate # that includes both domains in order for things to work as expected. - ssl_certificate /var/lib/dehydrated/certs/cpad-01.oopen.de/fullchain.pem; - ssl_certificate_key /var/lib/dehydrated/certs/cpad-01.oopen.de/privkey.pem; - ssl_trusted_certificate /var/lib/dehydrated/certs/cpad-01.oopen.de/chain.pem; + ssl_certificate /var/lib/dehydrated/certs/@cryptpad-url@/fullchain.pem; + ssl_certificate_key /var/lib/dehydrated/certs/@cryptpad-url@/privkey.pem; + ssl_trusted_certificate /var/lib/dehydrated/certs/@cryptpad-url@/chain.pem; # ---------- # !! inserted by ckubu !!