From: Andy Allan Date: Fri, 22 Apr 2016 15:44:09 +0000 (+0100) Subject: Remove old config files. X-Git-Tag: live~4460 X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/c3c6cfd6e6280dc604a11c987fcc7b2278e21140 Remove old config files. We use passenger (configured via chef) and these old files will just cause confusion. --- diff --git a/config/lighttpd-host-blocks.sh b/config/lighttpd-host-blocks.sh deleted file mode 100644 index 3022e74db..000000000 --- a/config/lighttpd-host-blocks.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -if [ -d /etc/firewall ] -then - for ip in $(ls /etc/firewall) - do - echo "\$HTTP[\"remoteip\"] == \"$ip\" { url.access-deny = (\"\") }" - done -fi diff --git a/config/lighttpd.conf b/config/lighttpd.conf deleted file mode 100644 index e728c6716..000000000 --- a/config/lighttpd.conf +++ /dev/null @@ -1,281 +0,0 @@ -# -# Load the modules that we need -# -server.modules = ( - "mod_access", - "mod_accesslog", - "mod_cgi", - "mod_compress", - "mod_evasive", - "mod_expire", - "mod_fastcgi", - "mod_redirect", - "mod_status" -) - -# -# Basic server configuration -# -server.username = "www-data" -server.groupname = "www-data" -server.pid-file = "/var/run/lighttpd.pid" -server.max-fds = 8192 -server.reject-expect-100-with-417 = "disable" - -# -# Setup logging -# -accesslog.filename = "/var/log/lighttpd/access.log" -accesslog.format = "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{Accept-Language}i\"" -server.errorlog = "/var/log/lighttpd/error.log" - -# -# Allow munin to monitor the server's status -# -$HTTP["remoteip"] == "128.40.168.98" { - status.config-url = "/server-config" - status.status-url = "/server-status" - status.statistics-url = "/server-statistics" -} - -# -# Pull in host blocks -# -include_shell "lighttpd-host-blocks.sh" - -# -# Block some troublesome robots -# -#$HTTP["useragent"] =~ "msnbot" { url.access-deny = ("") } -$HTTP["useragent"] =~ "Twiceler" { url.access-deny = ("") } -$HTTP["useragent"] =~ "Baiduspider" { url.access-deny = ("") } -$HTTP["useragent"] =~ "Sosospider+" { url.access-deny = ("") } -#$HTTP["useragent"] =~ "Yahoo! Slurp" { url.access-deny = ("") } -$HTTP["useragent"] =~ "Yeti" { url.access-deny = ("") } -#$HTTP["useragent"] =~ "Googlebot" { url.access-deny = ("") } -$HTTP["useragent"] =~ "The Hare and the Hedgeho" { url.access-deny = ("") } - -# -# Block tilesAtHome -# -$HTTP["useragent"] =~ "tilesAtHome" { url.access-deny = ("") } - -# -# Block JOSM revisions 1722-1727 as they have a serious bug that causes -# lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804) -# -$HTTP["useragent"] =~ "^JOSM/[0-9]+\.[0-9]+ \(172[234567] " { - url.access-deny = ("") -} - -# -# Setup MIME type mapping -# -mimetype.assign = ( - ".css" => "text/css", - ".gif" => "image/gif", - ".html" => "text/html; charset=utf-8", - ".jpg" => "image/jpeg", - ".js" => "application/x-javascript", - ".png" => "image/png", - ".swf" => "application/x-shockwave-flash", - ".txt" => "text/plain", - ".xml" => "text/xml" -) - -# -# Force special MIME type for crossdomain.xml files -# -$HTTP["url"] =~ "/crossdomain\.xml$" { - mimetype.assign = ( ".xml" => "text/x-cross-domain-policy" ) -} - -# -# Enable compression of appropriate static content -# -compress.filetype = ( - "application/x-javascript", - "application/x-shockwave-flash", - "text/css", - "text/html", - "text/plain" -) - -# -# Set expiry for static content -# -expire.url = ( - "/export/embed.html" => "access 7 days", - "/images/" => "access 10 years", - "/javascripts/" => "access 10 years", - "/openlayers/" => "access 7 days", - "/stylesheets/" => "access 10 years" -) - -# -# Cache compressed content -# -compress.cache-dir = "/var/cache/lighttpd" - -# -# Redirect trac and wiki requests to the right places -# -url.redirect = ( - "^/trac/(.*)$" => "http://trac.openstreetmap.org/$1", - "^/wiki/(.*)$" => "http://wiki.openstreetmap.org/$1" -) - -# -# Redirect everything except www.openstreetmap.org and -# api.openstreetmap.org to www.openstreetmap.org -# -$HTTP["host"] =~ "^api\." { - $HTTP["host"] != "api.openstreetmap.org" { - url.redirect = ( "^(.*)$" => "http://api.openstreetmap.org$1" ) - } -} -else $HTTP["host"] != "www.openstreetmap.org" { - url.redirect = ( "^(.*)$" => "http://www.openstreetmap.org$1" ) -} - -# -# Run anything with a .pl iextension as a CGI script -# -cgi.assign = ( ".pl" => "/usr/bin/perl" ) - -# -# Serve static content from the rails public area ourselves -# -server.document-root = "/home/rails/public" - -# -# Send everything else to the appropriate FastCGI server -# -$HTTP["url"] =~ "^/trace/[0-9]+/data$" { - server.error-handler-404 = "/dispatch.bulkapi" -} -else $HTTP["url"] =~ "^/api/0\.6/map$" { - server.error-handler-404 = "/dispatch.map" -} -else $HTTP["url"] =~ "^/api/0\.6/(trackpoints|amf|amf/read|swf/trackpoints|changeset/[0-9]+/(upload|download))$" { - server.error-handler-404 = "/dispatch.bulkapi" -} -else $HTTP["url"] =~ "^/api/0\.6/.*/(full|history|search|ways)$" { - server.error-handler-404 = "/dispatch.bulkapi" -} -else $HTTP["url"] =~ "^/api/0\.6/" { - server.error-handler-404 = "/dispatch.api" -} -else $HTTP["url"] =~ "^/api/0\.[0-9]+/" { - url.access-deny = ("") -} -else $HTTP["url"] =~ "^/geocoder/(search|description)_geonames$" { - server.error-handler-404 = "/dispatch.geonames" -} -else $HTTP["url"] =~ "^/" { - server.error-handler-404 = "/dispatch.web" -} - -# -# Configure the FastCGI servers -# -fastcgi.server = ( - ".web" => ( - ( "host" => "127.0.0.1", "port" => 8000, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8001, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8002, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8003, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8004, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8005, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8006, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8007, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8008, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8009, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8010, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8011, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8012, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8013, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8014, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8015, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8016, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8017, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8018, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8019, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8020, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8021, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8022, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8023, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8024, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8025, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8026, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8027, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8028, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8029, "check-local" => "disable" ) - ), - ".geonames" => ( - ( "host" => "127.0.0.1", "port" => 8030, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8031, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8032, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8033, "check-local" => "disable" ) - ), - ".api" => ( - ( "host" => "127.0.0.1", "port" => 8034, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8035, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8036, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8037, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8038, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8039, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8040, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8041, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8042, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8043, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8044, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8045, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8046, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8047, "check-local" => "disable" ), - ( "host" => "127.0.0.1", "port" => 8048, "check-local" => "disable" ) - ), - ".bulkapi" => ( - ( "host" => "10.0.0.10", "port" => 8000, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8000, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8000, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8001, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8001, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8001, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8002, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8002, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8002, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8003, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8003, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8003, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8004, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8004, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8004, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8005, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8005, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8005, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8006, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8006, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8006, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8007, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8007, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8007, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8008, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8008, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8008, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8009, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8009, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8009, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8010, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8010, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8010, "check-local" => "disable" ), - ( "host" => "10.0.0.10", "port" => 8011, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 8011, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 8011, "check-local" => "disable" ) - ), - ".map" => ( - ( "host" => "10.0.0.10", "port" => 9000, "check-local" => "disable" ), - ( "host" => "10.0.0.11", "port" => 9000, "check-local" => "disable" ), - ( "host" => "10.0.0.12", "port" => 9000, "check-local" => "disable" ) - ) -) diff --git a/config/nginx.conf b/config/nginx.conf deleted file mode 100644 index ae349b746..000000000 --- a/config/nginx.conf +++ /dev/null @@ -1,266 +0,0 @@ -# Run as www-data -user www-data www-data; - -# Use two worker processes -worker_processes 2; - -# Define PID files -pid /var/run/nginx.pid; - -# Define error log -error_log /var/log/nginx/error.log; - -events { - # max clients = worker_processes * worker_connections - worker_connections 1024; -} - -http { - # Configure MIME types - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Configure network details - sendfile on; - keepalive_timeout 65; - tcp_nodelay on; - - # Define access log - access_log /var/log/nginx/access.log; - - # Configure compression (text/html is compressed by default) - gzip on; - gzip_min_length 1100; - gzip_buffers 4 8k; - gzip_types text/plain application/x-javascript application/x-shockwave-flash text/css; - - #NO CGI SUPPORT IN NGINX fix stat .pl later - - # Define fastcgi backend for web pages - upstream web_backend { - server 127.0.0.1:8000; - server 127.0.0.1:8001; - server 127.0.0.1:8002; - server 127.0.0.1:8003; - server 127.0.0.1:8004; - server 127.0.0.1:8005; - server 127.0.0.1:8006; - server 127.0.0.1:8007; - server 127.0.0.1:8008; - server 127.0.0.1:8009; - server 127.0.0.1:8010; - server 127.0.0.1:8011; - server 127.0.0.1:8012; - server 127.0.0.1:8013; - server 127.0.0.1:8014; - server 127.0.0.1:8015; - server 127.0.0.1:8016; - server 127.0.0.1:8017; - server 127.0.0.1:8018; - server 127.0.0.1:8019; - server 127.0.0.1:8020; - server 127.0.0.1:8021; - server 127.0.0.1:8022; - server 127.0.0.1:8023; - server 127.0.0.1:8024; - server 127.0.0.1:8025; - } - - # Define fastcgi backend for geocoder searches - upstream geocoder_backend { - server 127.0.0.1:8026; - server 127.0.0.1:8027; - server 127.0.0.1:8028; - server 127.0.0.1:8029; - } - - # Define fastcgi backend for api requests - upstream api_backend { - server 127.0.0.1:8030; - server 127.0.0.1:8031; - server 127.0.0.1:8032; - server 127.0.0.1:8033; - server 127.0.0.1:8034; - server 127.0.0.1:8035; - server 127.0.0.1:8036; - server 127.0.0.1:8037; - server 127.0.0.1:8038; - server 127.0.0.1:8039; - server 127.0.0.1:8040; - server 127.0.0.1:8041; - server 127.0.0.1:8042; - server 127.0.0.1:8043; - server 127.0.0.1:8044; - } - - # Define fastcgi backend for bulk api requests - upstream bulkapi_backend { - server 10.0.0.10:8000; - server 10.0.0.11:8000; - server 10.0.0.12:8000; - server 10.0.0.10:8001; - server 10.0.0.11:8001; - server 10.0.0.12:8001; - server 10.0.0.10:8002; - server 10.0.0.11:8002; - server 10.0.0.12:8002; - server 10.0.0.10:8003; - server 10.0.0.11:8003; - server 10.0.0.12:8003; - server 10.0.0.10:8004; - server 10.0.0.11:8004; - server 10.0.0.12:8004; - } - - # Define fastcgi backend for tiles@home requests - upstream tah_backend { - server 10.0.0.10:8005; - server 10.0.0.11:8005; - server 10.0.0.12:8005; - } - - server { - # Listen on port 80 - listen 80; - - # Serve rails public files - root /home/rails/public; - - # Use index.html as the index page - index index.html; - - # Redirect trac requests for historical reasons - location /trac/ { - rewrite ^/trac/(.*)$ http://trac.openstreetmap.org/$1 permanent; - } - - # Redirect wiki requests for historical reasons - location /wiki/ { - rewrite ^/wiki/(.*)$ http://wiki.openstreetmap.org/$1 permanent; - } - - # Placeholder for blocking abuse - include /etc/nginx/blocked_hosts; - allow all; - - # Block some bulk download agents - if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) { - return 403; - } - - # Block some robots - if ($http_user_agent ~* msnbot|twiceler) { - return 403; - } - - # Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/... - if ($host ~* ^api\.) { - rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2; - rewrite ^/capabilities$ /api/capabilities; - } - - # Strip asset tags - location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ { - # Strip asset tags - rewrite ^/(.*)/[0-9]+$ /$1; - - # Set expiry to the maximum - the asset tag will change - # when there is a new version - expires max; - - # Only cache OpenLayers for seven days though - if ($uri ~ ^/openlayers/) { - expires 7d; - } - } - - # Cache the embedded map page for seven days - location ~ ^/export/embed.html$ { - expires 7d; - } - - # Include fastcgi configuration - include /etc/nginx/fastcgi_params; - fastcgi_param REQUEST_URI $uri; - - # Handle tiles@home requests - location /api/ { - if ($http_user_agent ~ "^tilesAtHome") { - #deny all; - fastcgi_pass tah_backend; - break; - } - } - - # Handle bulk api requests - location ~ ^/api/0\.6/(map|relation|trackpoints|amf|amf/read|swf/trackpoints|trace/[0-9]+/data)$ { - fastcgi_read_timeout 300; - fastcgi_pass bulkapi_backend; - break; - } - - # Send search requests to the bulk api backend - location ~ ^/api/0\.6/.*/search$ { - fastcgi_read_timeout 300; - fastcgi_pass bulkapi_backend; - break; - } - - # Send requests for full objects to the bulk api backend - location ~ ^/api/0\.6/.*/full$ { - fastcgi_read_timeout 300; - fastcgi_pass bulkapi_backend; - break; - } - - # Handle the remaining api requests - location ~ ^/api/0\.6/ { - fastcgi_pass api_backend; - break; - } - - # Deny old and unknown API versions - location ~ ^/api/0\.[0-9]+/ { - return 404; - } - - # Send unversioned capabilities requests to the api backend - location = /api/capabilities { - fastcgi_pass api_backend; - break; - } - - # Send geocoder searches to the geocoder backend - location /geocoder/ { - fastcgi_pass geocoder_backend; - break; - } - - # Send everything else to the web backend unless it exists - # in the rails public tree - location / { - fastcgi_index index.html; - - if (!-f $request_filename) { - fastcgi_pass web_backend; - break; - } - } - - # Set the MIME type for crossdomain.xml policy files - # or flash will ignore it - location ~ /crossdomain\.xml$ { - types { - text/x-cross-domain-policy xml; - } - } - - # Give munin access to some statistics - location /server-status { - stub_status on; - access_log off; - allow 127.0.0.1; - deny all; - } - } -}