fix(nginx): update configs for ssl reverse proxy severs (#7)

Reviewed-on: #7

nginx/sites-available/44300.conf

@@ -0,0 +1,17 @@
+server {
+	listen 44300 ssl;
+
+	server_name _;
+
+	include snippets/vlw.se-ssl;
+
+	location / {
+		proxy_set_header Host $host;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection upgrade;
+		proxy_set_header Accept-Encoding gzip;
+		proxy_set_header X-Forwarded-For $remote_addr;
+
+		proxy_pass http://localhost:8000;
+	}
+}

nginx/sites-available/44301.conf

@@ -0,0 +1,11 @@
+server {
+	listen 44301 ssl;
+
+	server_name _;
+
+	include snippets/vlw.se-ssl;
+
+	location / {
+		proxy_pass http://localhost:8001;
+	}
+}

nginx/sites-available/44302.conf

@@ -0,0 +1,11 @@
+server {
+	listen 44302 ssl;
+
+	server_name _;
+
+	include snippets/vlw.se-ssl;
+
+	location / {
+		proxy_pass http://localhost:8001;
+	}
+}

nginx/sites-available/44303.conf

@@ -0,0 +1,16 @@
+server {
+	listen 44303 ssl;
+
+	server_name api.vlw.se;
+
+	include snippets/vlw.se-ssl;
+
+	location / {
+		add_header 'Access-Control-Allow-Origin' $http_origin;
+		add_header 'Access-Control-Allow-Credentials' 'true';
+		add_header 'Access-Control-Allow-Methods' 'GET, POST, PATCH, PUT, OPTIONS';
+		add_header 'Access-Control-Allow-Headers' 'Authorization, Origin, Content-Type, Accept';
+
+		proxy_pass http://localhost:8003;
+	}
+}

nginx/sites-available/8001.conf

@@ -1,8 +1,7 @@
 server {
-	listen 44300 ssl http2;
+	listen 8001;
 
 	server_name _;
-	include snippets/vlw.se-ssl.conf;
 
 	root /var/www;
 	index index.html index.php;

nginx/sites-available/8002.conf

@@ -1,10 +1,8 @@
 server {
-	listen 44301 ssl;
+	listen 8002;
 
 	server_name _;
 
-	include snippets/vlw.se-ssl.conf;
-
 	# Reflect
 	#root /var/www/reflect/public;
 

nginx/sites-available/8003.conf

@@ -1,10 +1,8 @@
 server {
-	listen 44302 ssl http2;
+	listen 8003;
 
 	server_name _;
 
-	include snippets/vlw.se-ssl.conf;
-
 	# Reflect
 	root /var/www/fw/reflect/public;
 	# iCellate API peer helper

nginx/snippets/fastcgi-php.conf

@@ -0,0 +1,13 @@
+# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+
+# Check that the PHP script exists before passing it
+#try_files $fastcgi_script_name =404;
+
+# Bypass the fact that try_files resets $fastcgi_path_info
+# see: http://trac.nginx.org/nginx/ticket/321
+set $path_info $fastcgi_path_info;
+fastcgi_param PATH_INFO $path_info;
+
+fastcgi_index index.php;
+include fastcgi.conf;

pma/config.inc.php

@@ -0,0 +1,179 @@
+<?php
+/**
+ * phpMyAdmin sample configuration, you can use it as base for
+ * manual configuration. For easier setup you can use setup/
+ *
+ * All directives are explained in documentation in the doc/ folder
+ * or at <https://docs.phpmyadmin.net/>.
+ */
+
+declare(strict_types=1);
+
+/**
+ * This is needed for cookie based authentication to encrypt password in
+ * cookie. Needs to be 32 chars long.
+ */
+$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */
+
+/**
+ * Servers configuration
+ */
+$i = 0;
+
+/**
+ * Server: localhost
+ */
+$i++;
+/* Authentication type */
+$cfg['Servers'][$i]['auth_type'] = 'config';
+$cfg['Servers'][$i]['user'] = 'www-data';
+$cfg['Servers'][$i]['password'] = '';
+/* Server parameters */
+$cfg['Servers'][$i]['TempDir'] = '/tmp';
+$cfg['Servers'][$i]['socket'] = '/run/mysqld/mysqld.sock';
+$cfg['Servers'][$i]['compress'] = false;
+$cfg['Servers'][$i]['AllowNoPassword'] = true;
+
+/**
+ * Server: The Generation MBP
+ */
+$i++;
+/* Authentication type */
+$cfg['Servers'][$i]['connect_type'] = 'tcp';
+/* Server parameters */
+$cfg['Servers'][$i]['TempDir'] = '/tmp';
+$cfg['Servers'][$i]['host'] = '192.168.88.173';
+$cfg['Servers'][$i]['compress'] = false;
+$cfg['Servers'][$i]['AllowNoPassword'] = true;
+
+/**
+ *
+/**
+ * phpMyAdmin configuration storage settings.
+ */
+
+/* User used to manipulate with storage */
+// $cfg['Servers'][$i]['controlhost'] = '';
+// $cfg['Servers'][$i]['controlport'] = '';
+// $cfg['Servers'][$i]['controluser'] = 'pma';
+// $cfg['Servers'][$i]['controlpass'] = 'pmapass';
+
+/* Storage database and tables */
+// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';
+// $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark';
+// $cfg['Servers'][$i]['relation'] = 'pma__relation';
+// $cfg['Servers'][$i]['table_info'] = 'pma__table_info';
+// $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords';
+// $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages';
+// $cfg['Servers'][$i]['column_info'] = 'pma__column_info';
+// $cfg['Servers'][$i]['history'] = 'pma__history';
+// $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs';
+// $cfg['Servers'][$i]['tracking'] = 'pma__tracking';
+// $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig';
+// $cfg['Servers'][$i]['recent'] = 'pma__recent';
+// $cfg['Servers'][$i]['favorite'] = 'pma__favorite';
+// $cfg['Servers'][$i]['users'] = 'pma__users';
+// $cfg['Servers'][$i]['usergroups'] = 'pma__usergroups';
+// $cfg['Servers'][$i]['navigationhiding'] = 'pma__navigationhiding';
+// $cfg['Servers'][$i]['savedsearches'] = 'pma__savedsearches';
+// $cfg['Servers'][$i]['central_columns'] = 'pma__central_columns';
+// $cfg['Servers'][$i]['designer_settings'] = 'pma__designer_settings';
+// $cfg['Servers'][$i]['export_templates'] = 'pma__export_templates';
+
+/**
+ * End of servers configuration
+ */
+
+/**
+ * Directories for saving/loading files from server
+ */
+$cfg['UploadDir'] = '';
+$cfg['SaveDir'] = '';
+
+/**
+ * Whether to display icons or text or both icons and text in table row
+ * action segment. Value can be either of 'icons', 'text' or 'both'.
+ * default = 'both'
+ */
+//$cfg['RowActionType'] = 'icons';
+
+/**
+ * Defines whether a user should be displayed a "show all (records)"
+ * button in browse mode or not.
+ * default = false
+ */
+//$cfg['ShowAll'] = true;
+
+/**
+ * Number of rows displayed when browsing a result set. If the result
+ * set contains more rows, "Previous" and "Next".
+ * Possible values: 25, 50, 100, 250, 500
+ * default = 25
+ */
+//$cfg['MaxRows'] = 50;
+
+/**
+ * Disallow editing of binary fields
+ * valid values are:
+ *   false    allow editing
+ *   'blob'   allow editing except for BLOB fields
+ *   'noblob' disallow editing except for BLOB fields
+ *   'all'    disallow editing
+ * default = 'blob'
+ */
+//$cfg['ProtectBinary'] = false;
+
+/**
+ * Default language to use, if not browser-defined or user-defined
+ * (you find all languages in the locale folder)
+ * uncomment the desired line:
+ * default = 'en'
+ */
+//$cfg['DefaultLang'] = 'en';
+//$cfg['DefaultLang'] = 'de';
+
+/**
+ * How many columns should be used for table display of a database?
+ * (a value larger than 1 results in some information being hidden)
+ * default = 1
+ */
+//$cfg['PropertiesNumColumns'] = 2;
+
+/**
+ * Set to true if you want DB-based query history.If false, this utilizes
+ * JS-routines to display query history (lost by window close)
+ *
+ * This requires configuration storage enabled, see above.
+ * default = false
+ */
+//$cfg['QueryHistoryDB'] = true;
+
+/**
+ * When using DB-based query history, how many entries should be kept?
+ * default = 25
+ */
+//$cfg['QueryHistoryMax'] = 100;
+
+/**
+ * Whether or not to query the user before sending the error report to
+ * the phpMyAdmin team when a JavaScript error occurs
+ *
+ * Available options
+ * ('ask' | 'always' | 'never')
+ * default = 'ask'
+ */
+//$cfg['SendErrorReports'] = 'always';
+
+/**
+ * 'URLQueryEncryption' defines whether phpMyAdmin will encrypt sensitive data from the URL query string.
+ * 'URLQueryEncryptionSecretKey' is a 32 bytes long secret key used to encrypt/decrypt the URL query string.
+ */
+//$cfg['URLQueryEncryption'] = true;
+//$cfg['URLQueryEncryptionSecretKey'] = '';
+
+/**
+ * You can find more configuration options in the documentation
+ * in the doc/ folder or at <https://docs.phpmyadmin.net/>.
+ */
+
+$cfg['RowActionLinksWithoutUnique'] = true;