From e9e3644d71ff6c89810a305231484b5021e0f3f4 Mon Sep 17 00:00:00 2001 From: "root@culturestrings" Date: Wed, 3 Jun 2020 11:28:02 +0000 Subject: file-system layout: move /home/webroot to the (now encrypted) /srv directory. --- public/fs/etc/nginx/nginx.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/culturestrings.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/dev.midipix.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/dl.foss21.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/dl.midipix.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/docs.foss21.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/git.foss21.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/git.midipix.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/midipix.org.conf | 4 ++-- public/fs/etc/nginx/vhosts.d/mirror.midipix.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/srcbase.foss21.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/srcbase.midipix.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/typography.culturestrings.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/www.culturestrings.org.conf | 6 +++--- public/fs/etc/nginx/vhosts.d/www.midipix.org.conf | 4 ++-- public/fs/etc/openvpn/culturestrings.conf.in | 2 +- public/fs/etc/postfix/main.cf.in | 8 ++++---- 17 files changed, 48 insertions(+), 48 deletions(-) (limited to 'public/fs/etc') diff --git a/public/fs/etc/nginx/nginx.conf b/public/fs/etc/nginx/nginx.conf index 95c0731..cc7b95a 100644 --- a/public/fs/etc/nginx/nginx.conf +++ b/public/fs/etc/nginx/nginx.conf @@ -39,9 +39,9 @@ http { listen [::]:443 default_server ssl http2 ipv6only=off reuseport; server_name localhost; - ssl_certificate /home/webroot/culturestrings.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/culturestrings.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/culturestrings.org/ssl/chain.pem; + ssl_certificate /srv/webroot/culturestrings.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/culturestrings.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/culturestrings.org/ssl/chain.pem; location / { root /srv/www/htdocs/; diff --git a/public/fs/etc/nginx/vhosts.d/culturestrings.org.conf b/public/fs/etc/nginx/vhosts.d/culturestrings.org.conf index 37d50c4..1cd1362 100644 --- a/public/fs/etc/nginx/vhosts.d/culturestrings.org.conf +++ b/public/fs/etc/nginx/vhosts.d/culturestrings.org.conf @@ -20,9 +20,9 @@ server { ssi on; } - ssl_certificate /home/webroot/culturestrings.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/culturestrings.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/culturestrings.org/ssl/chain.pem; + ssl_certificate /srv/webroot/culturestrings.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/culturestrings.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/culturestrings.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/dev.midipix.org.conf b/public/fs/etc/nginx/vhosts.d/dev.midipix.org.conf index 2a47b07..bca8852 100644 --- a/public/fs/etc/nginx/vhosts.d/dev.midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/dev.midipix.org.conf @@ -35,9 +35,9 @@ server { autoindex on; } - ssl_certificate /home/webroot/midipix.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/midipix.org/ssl/chain.pem; + ssl_certificate /srv/webroot/midipix.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/midipix.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/dl.foss21.org.conf b/public/fs/etc/nginx/vhosts.d/dl.foss21.org.conf index 241cca1..36dd0bd 100644 --- a/public/fs/etc/nginx/vhosts.d/dl.foss21.org.conf +++ b/public/fs/etc/nginx/vhosts.d/dl.foss21.org.conf @@ -14,9 +14,9 @@ server { ssi on; } - ssl_certificate /home/webroot/foss21.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/foss21.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/foss21.org/ssl/chain.pem; + ssl_certificate /srv/webroot/foss21.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/foss21.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/foss21.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/dl.midipix.org.conf b/public/fs/etc/nginx/vhosts.d/dl.midipix.org.conf index 6e00c1c..1b51e5a 100644 --- a/public/fs/etc/nginx/vhosts.d/dl.midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/dl.midipix.org.conf @@ -14,9 +14,9 @@ server { ssi on; } - ssl_certificate /home/webroot/midipix.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/midipix.org/ssl/chain.pem; + ssl_certificate /srv/webroot/midipix.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/midipix.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/docs.foss21.org.conf b/public/fs/etc/nginx/vhosts.d/docs.foss21.org.conf index 797df4e..bddbcd2 100644 --- a/public/fs/etc/nginx/vhosts.d/docs.foss21.org.conf +++ b/public/fs/etc/nginx/vhosts.d/docs.foss21.org.conf @@ -30,9 +30,9 @@ server { alias /usr/lib/python3.6/site-packages/pagure/static/; } - ssl_certificate /home/webroot/foss21.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/foss21.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/foss21.org/ssl/chain.pem; + ssl_certificate /srv/webroot/foss21.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/foss21.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/foss21.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/git.foss21.org.conf b/public/fs/etc/nginx/vhosts.d/git.foss21.org.conf index 8205e6e..39a7d46 100644 --- a/public/fs/etc/nginx/vhosts.d/git.foss21.org.conf +++ b/public/fs/etc/nginx/vhosts.d/git.foss21.org.conf @@ -52,9 +52,9 @@ server { uwsgi_param QUERY_STRING $args; } - ssl_certificate /home/webroot/foss21.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/foss21.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/foss21.org/ssl/chain.pem; + ssl_certificate /srv/webroot/foss21.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/foss21.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/foss21.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/git.midipix.org.conf b/public/fs/etc/nginx/vhosts.d/git.midipix.org.conf index 48e2d62..da9030a 100644 --- a/public/fs/etc/nginx/vhosts.d/git.midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/git.midipix.org.conf @@ -52,9 +52,9 @@ server { uwsgi_param QUERY_STRING $args; } - ssl_certificate /home/webroot/midipix.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/midipix.org/ssl/chain.pem; + ssl_certificate /srv/webroot/midipix.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/midipix.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/midipix.org.conf b/public/fs/etc/nginx/vhosts.d/midipix.org.conf index 978b767..6ab2cb4 100644 --- a/public/fs/etc/nginx/vhosts.d/midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/midipix.org.conf @@ -26,8 +26,8 @@ server { ssi on; } - ssl_certificate /home/webroot/midipix.org/ssl/gandi/midipix.org.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/gandi/midipix.org.key; + ssl_certificate /srv/webroot/midipix.org/ssl/gandi/midipix.org.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/gandi/midipix.org.key; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/mirror.midipix.org.conf b/public/fs/etc/nginx/vhosts.d/mirror.midipix.org.conf index 7a6a1e2..9bf532b 100644 --- a/public/fs/etc/nginx/vhosts.d/mirror.midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/mirror.midipix.org.conf @@ -14,9 +14,9 @@ server { ssi on; } - ssl_certificate /home/webroot/midipix.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/midipix.org/ssl/chain.pem; + ssl_certificate /srv/webroot/midipix.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/midipix.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/srcbase.foss21.org.conf b/public/fs/etc/nginx/vhosts.d/srcbase.foss21.org.conf index 20a302d..ac9dafc 100644 --- a/public/fs/etc/nginx/vhosts.d/srcbase.foss21.org.conf +++ b/public/fs/etc/nginx/vhosts.d/srcbase.foss21.org.conf @@ -14,9 +14,9 @@ server { ssi on; } - ssl_certificate /home/webroot/foss21.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/foss21.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/foss21.org/ssl/chain.pem; + ssl_certificate /srv/webroot/foss21.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/foss21.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/foss21.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/srcbase.midipix.org.conf b/public/fs/etc/nginx/vhosts.d/srcbase.midipix.org.conf index 2b8b39c..cee190b 100644 --- a/public/fs/etc/nginx/vhosts.d/srcbase.midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/srcbase.midipix.org.conf @@ -14,9 +14,9 @@ server { ssi on; } - ssl_certificate /home/webroot/midipix.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/midipix.org/ssl/chain.pem; + ssl_certificate /srv/webroot/midipix.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/midipix.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/typography.culturestrings.org.conf b/public/fs/etc/nginx/vhosts.d/typography.culturestrings.org.conf index ff0f39d..d44ac11 100644 --- a/public/fs/etc/nginx/vhosts.d/typography.culturestrings.org.conf +++ b/public/fs/etc/nginx/vhosts.d/typography.culturestrings.org.conf @@ -14,9 +14,9 @@ server { ssi on; } - ssl_certificate /home/webroot/culturestrings.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/culturestrings.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/culturestrings.org/ssl/chain.pem; + ssl_certificate /srv/webroot/culturestrings.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/culturestrings.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/culturestrings.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/www.culturestrings.org.conf b/public/fs/etc/nginx/vhosts.d/www.culturestrings.org.conf index 00a0621..7d17cfc 100644 --- a/public/fs/etc/nginx/vhosts.d/www.culturestrings.org.conf +++ b/public/fs/etc/nginx/vhosts.d/www.culturestrings.org.conf @@ -20,9 +20,9 @@ server { ssi on; } - ssl_certificate /home/webroot/culturestrings.org/ssl/fullchain.pem; - ssl_certificate_key /home/webroot/culturestrings.org/ssl/privkey.pem; - ssl_trusted_certificate /home/webroot/culturestrings.org/ssl/chain.pem; + ssl_certificate /srv/webroot/culturestrings.org/ssl/fullchain.pem; + ssl_certificate_key /srv/webroot/culturestrings.org/ssl/privkey.pem; + ssl_trusted_certificate /srv/webroot/culturestrings.org/ssl/chain.pem; include conf.d/ssl_params; } diff --git a/public/fs/etc/nginx/vhosts.d/www.midipix.org.conf b/public/fs/etc/nginx/vhosts.d/www.midipix.org.conf index 1a4a9bb..304212c 100644 --- a/public/fs/etc/nginx/vhosts.d/www.midipix.org.conf +++ b/public/fs/etc/nginx/vhosts.d/www.midipix.org.conf @@ -26,8 +26,8 @@ server { ssi on; } - ssl_certificate /home/webroot/midipix.org/ssl/gandi/midipix.org.pem; - ssl_certificate_key /home/webroot/midipix.org/ssl/gandi/midipix.org.key; + ssl_certificate /srv/webroot/midipix.org/ssl/gandi/midipix.org.pem; + ssl_certificate_key /srv/webroot/midipix.org/ssl/gandi/midipix.org.key; include conf.d/ssl_params; } diff --git a/public/fs/etc/openvpn/culturestrings.conf.in b/public/fs/etc/openvpn/culturestrings.conf.in index 9598f5d..eaea36b 100644 --- a/public/fs/etc/openvpn/culturestrings.conf.in +++ b/public/fs/etc/openvpn/culturestrings.conf.in @@ -9,7 +9,7 @@ cipher AES-256-CBC ca /etc/easy-rsa/pki/ca.crt cert /etc/easy-rsa/pki/issued/culturestrings.crt -askpass /home/webroot/openvpn/culturestrings.pass +askpass /srv/webroot/openvpn/culturestrings.pass key /etc/easy-rsa/pki/private/culturestrings.key dh /etc/easy-rsa/pki/dh.pem diff --git a/public/fs/etc/postfix/main.cf.in b/public/fs/etc/postfix/main.cf.in index 4ed819e..bcae80e 100644 --- a/public/fs/etc/postfix/main.cf.in +++ b/public/fs/etc/postfix/main.cf.in @@ -36,10 +36,10 @@ smtp_tls_loglevel = 3 smtp_tls_security_level = encrypt smtp_tls_CApath = /etc/ssl/certs -smtp_tls_CAfile = /home/webroot/culturestrings.org/ssl/cert.pem +smtp_tls_CAfile = /srv/webroot/culturestrings.org/ssl/cert.pem -smtpd_tls_key_file = /home/webroot/culturestrings.org/ssl/privkey.pem -smtpd_tls_cert_file = /home/webroot/culturestrings.org/ssl/fullchain.pem +smtpd_tls_key_file = /srv/webroot/culturestrings.org/ssl/privkey.pem +smtpd_tls_cert_file = /srv/webroot/culturestrings.org/ssl/fullchain.pem smtpd_tls_loglevel = 3 smtpd_tls_security_level = encrypt @@ -50,7 +50,7 @@ smtpd_tls_auth_only = yes smtpd_tls_received_header = yes smtpd_tls_CApath = /etc/ssl/certs -smtpd_tls_CAfile = /home/webroot/culturestrings.org/ssl/cert.pem +smtpd_tls_CAfile = /srv/webroot/culturestrings.org/ssl/cert.pem meta_directory = /usr/lib/postfix setgid_group = maildrop -- cgit v1.2.3