1
0
Commit Graph

7 Commits

Author SHA1 Message Date
Yves Blusseau
1f678ed2c2 Revert "Set /.well-known/acme-challenge nginx location path as prefix string (#192)"
Don't need to use a regexp because the vhost.d/default configuration must be include
specificaly in each server configurations by the nginx.tmpl template file.
Something like:

{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
{{ else if (exists "/etc/nginx/vhost.d/default") }}
include /etc/nginx/vhost.d/default;
{{ end }}
2017-07-02 11:26:10 +02:00
Julien Blondeau
a9b9c74c07 Set /.well-known/acme-challenge nginx location path as prefix string (#192)
In nginx.tmpl, vhosts.d are included before the 'location /' target, and last basic location wins.
If our /.well-known location is defined as a prefix string (or as a regex), it takes priority over basic locations
Details on http://nginx.org/en/docs/http/ngx_http_core_module.html#location
2017-04-13 12:08:32 +02:00
Ben Smith
e2f0abfa3e enable public access to validation endpoints despite existing IP whitelisting or basic auth settings 2016-05-23 15:04:38 -04:00
MrsKensington
76ed161b35 break in location in case the upstream is protected
Add a break into the letsencrypt block so that no more rules are executed otherwise if you have a block like...

    ## Start of configuration add by letsencrypt container
    location /.well-known/acme-challenge/ {
        auth_basic off;
        root /usr/share/nginx/html;
        try_files $uri =404;
    }
    ## End of configuration add by letsencrypt container

    if (!-f /code/home/cookies/$cookie_AUTH_COOKIE) {
        rewrite ^ https://auth.example.org break;
    }

Then lets encrypt never manages to verify the domain as the request gets re-written to the authentication URL.
2016-05-06 18:47:50 +01:00
Yves Blusseau
ae21e245e3 Change default location to only manage .well-known/acme-challenge 2016-05-01 11:30:30 +02:00
JSurf
9bb159be51 Disable basic auth for letsencrypt challenge 2016-01-27 14:55:24 +01:00
JrCs
459b1ed3c9 Create location configurations automatically 2016-01-01 14:35:03 +01:00