Rake SSL settings for CTOR into single config

Minoru · Minoru · commit 77b1c7fd053a · 2017-06-24T17:54:21.000+03:00
diff --git a/ctor/etc/nginx/sites-available/default b/ctor/etc/nginx/sites-available/default
@@ -2,11 +2,7 @@ server {
     listen 443 ssl;
     server_name codingteam.org.ru;
     keepalive_timeout 60;
-    ssl_certificate /etc/letsencrypt/live/loglist.net/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/loglist.net/privkey.pem;
-    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-    ssl_ciphers  "HIGH:!aNULL:!MD5:!kEDH";
-    add_header Strict-Transport-Security 'max-age=15552000';
+    include /etc/nginx/ssl.conf;
 
     location /_logs/ {
         proxy_set_header X-Forwarded-Host $host;
diff --git a/ctor/etc/nginx/sites-available/loglist b/ctor/etc/nginx/sites-available/loglist
@@ -21,11 +21,7 @@ server {
         listen 443 ssl;
         server_name loglist.net;
 	keepalive_timeout 60;
-        ssl_certificate /etc/letsencrypt/live/loglist.net/fullchain.pem;
-        ssl_certificate_key /etc/letsencrypt/live/loglist.net/privkey.pem;
-        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-        ssl_ciphers  "HIGH:!aNULL:!MD5:!kEDH";
-        add_header Strict-Transport-Security 'max-age=15552000';
+        include /etc/nginx/ssl.conf;
 
         location / {
                  proxy_set_header X-Forwarded-Host $host;
@@ -41,11 +37,7 @@ server {
     listen 443 ssl;
     server_name *.loglist.net;
     keepalive_timeout 60;
-    ssl_certificate /etc/letsencrypt/live/loglist.net/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/loglist.net/privkey.pem;
-    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-    ssl_ciphers  "HIGH:!aNULL:!MD5:!kEDH";
-    add_header Strict-Transport-Security 'max-age=15552000';
+    include /etc/nginx/ssl.conf;
 
     location / {
         return 301 https://loglist.net$request_uri;
diff --git a/ctor/etc/nginx/sites-available/tales b/ctor/etc/nginx/sites-available/tales
@@ -2,11 +2,7 @@ server {
     listen 443 ssl;
     server_name tales.codingteam.org.ru;
     keepalive_timeout 60;
-    ssl_certificate /etc/letsencrypt/live/loglist.net/fullchain.pem;
-    ssl_certificate_key /etc/letsencrypt/live/loglist.net/privkey.pem;
-    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-    ssl_ciphers  "HIGH:!aNULL:!MD5:!kEDH";
-    add_header Strict-Transport-Security 'max-age=15552000';
+    include /etc/nginx/ssl.conf;
 
     location / {
         alias /opt/codingteam/tales/;
diff --git a/ctor/etc/nginx/ssl.conf b/ctor/etc/nginx/ssl.conf
@@ -0,0 +1,5 @@
+ssl_certificate /etc/letsencrypt/live/loglist.net/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/loglist.net/privkey.pem;
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ssl_ciphers  "HIGH:!aNULL:!MD5:!kEDH";
+add_header Strict-Transport-Security 'max-age=15552000';
