diff --git a/servers/puppet/files/nagios3/conf.d/hosts.cfg b/servers/puppet/files/nagios3/conf.d/hosts.cfg index 9e7caf62ab..b077b9c5d1 100644 --- a/servers/puppet/files/nagios3/conf.d/hosts.cfg +++ b/servers/puppet/files/nagios3/conf.d/hosts.cfg @@ -30,6 +30,14 @@ define host{ hostgroups all } +define host{ + use generic-host + host_name staging + alias Staging + address staging.humbughq.com + hostgroups all + } + define host{ use generic-host host_name git diff --git a/servers/puppet/files/nginx/sites-available/humbug-dev b/servers/puppet/files/nginx/sites-available/humbug-dev new file mode 100644 index 0000000000..878d418c7c --- /dev/null +++ b/servers/puppet/files/nginx/sites-available/humbug-dev @@ -0,0 +1,54 @@ +server { + listen 80; + server_name dev.humbughq.com; + return 301 https://$server_name$request_uri; +} + +server { + listen 443; + + ssl on; + ssl_certificate /etc/ssl/certs/app.humbughq.com.combined-chain.crt; + ssl_certificate_key /etc/ssl/private/app.humbughq.com.key; + + server_name dev.humbughq.com; + access_log /var/log/nginx/humbug.access.log; + error_log /var/log/nginx/humbug.error.log; + + # Enable HSTS: tell browsers to always use HTTPS + add_header Strict-Transport-Security max-age=15768000; + + # Avoid clickjacking attacks + add_header X-Frame-Options DENY; + + # Serve a custom error page when the app is down + error_page 502 503 504 /static/public/html/5xx.html; + + # Serve static files directly + location /static/ { + alias /home/humbug/humbug/zephyr/static-access-control/; + expires 30d; + error_page 404 /static/public/html/404.html; + } + + # Send longpoll requests to Tornado + location ~ /json/get_updates|/api/v1/get_messages { + proxy_pass http://localhost:9993; + proxy_redirect off; + + # Needed for longpolling + proxy_buffering off; + proxy_read_timeout 1200; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + # Send everything else to Django via FastCGI + location / { + include fastcgi_params; + fastcgi_pass unix:/home/humbug/humbug/fastcgi-socket; + fastcgi_split_path_info ^()(.*)$; + } +} diff --git a/servers/puppet/files/nginx/sites-available/humbug-staging b/servers/puppet/files/nginx/sites-available/humbug-staging new file mode 100644 index 0000000000..5a7f250744 --- /dev/null +++ b/servers/puppet/files/nginx/sites-available/humbug-staging @@ -0,0 +1,54 @@ +server { + listen 80; + server_name staging.humbughq.com; + return 301 https://$server_name$request_uri; +} + +server { + listen 443; + + ssl on; + ssl_certificate /etc/ssl/certs/app.humbughq.com.combined-chain.crt; + ssl_certificate_key /etc/ssl/private/app.humbughq.com.key; + + server_name staging.humbughq.com; + access_log /var/log/nginx/humbug.access.log; + error_log /var/log/nginx/humbug.error.log; + + # Enable HSTS: tell browsers to always use HTTPS + add_header Strict-Transport-Security max-age=15768000; + + # Avoid clickjacking attacks + add_header X-Frame-Options DENY; + + # Serve a custom error page when the app is down + error_page 502 503 504 /static/public/html/5xx.html; + + # Serve static files directly + location /static/ { + alias /home/humbug/humbug/zephyr/static-access-control/; + expires 30d; + error_page 404 /static/public/html/404.html; + } + + # Send longpoll requests to Tornado + location ~ /json/get_updates|/api/v1/get_messages { + proxy_pass http://localhost:9993; + proxy_redirect off; + + # Needed for longpolling + proxy_buffering off; + proxy_read_timeout 1200; + + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + # Send everything else to Django via FastCGI + location / { + include fastcgi_params; + fastcgi_pass unix:/home/humbug/humbug/fastcgi-socket; + fastcgi_split_path_info ^()(.*)$; + } +}