Jazzy Jones samjaninf

README

This gist assumes you are migrating an existing site for www.example.com — ideally WordPress — to a new server — ideally Ubuntu Server 16.04 LTS — and wish to enable HTTP/2 (backwards compatibile with HTTP/1.1) with always-on HTTPS, caching, compression, and more. Although these instructions are geared towards WordPress, they should be trivially extensible to other PHP frameworks, other FastCGI backends, and even non-FastCGI backends (using proxy in lieu of fastcgi in the terminal Caddyfile stanza).

Quickstart: Use your own naked and canonical domain names instead of example.com and www.example.com and customize the Caddyfile and VCL provided in this gist to your preferences!

These instructions target Varnish Cache 4.1, PHP-FPM 7.0, and Caddy 0.10. (I'm using MariaDB 10.1 as well, but that's not relevant to this guide.)

	using SHA

	"""
	An individual block structure
	"""
	struct Block
	index::Int
	timestamp::DateTime
	data::String
	previous_hash::String

	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE MudletPackage>
	<MudletPackage version="1.0">
	<TriggerPackage>
	<TriggerGroup isActive="yes" isFolder="yes" isTempTrigger="no" isMultiline="no" isPerlSlashGOption="no" isColorizerTrigger="no" isFilterTrigger="no" isSoundTrigger="no" isColorTrigger="no" isColorTriggerFg="no" isColorTriggerBg="no">
	<name>DBI Triggers Group</name>
	<script></script>
	<triggerType>0</triggerType>
	<conditonLineDelta>0</conditonLineDelta>
	<mStayOpen>0</mStayOpen>

	https://www.google.com/fusiontables/DataSource?docid=1qwHuS2zIBqK_xxTtg-j_loRHqCVpcld-a2Q6kM0#rows:id=1

	Emergency Preparedness

	Pioneering Wireless

	Offbeat Internet

	Application Software

	/etc/systemd/system/renew-letsencrypt.service

	[Unit]
	Description=Renew Let's Encrypt certificates
	After=network-online.target

	[Service]
	Type=oneshot
	# check for renewal, only start/stop nginx if certs need to be renewed
	ExecStart=/usr/bin/certbot renew --quiet --agree-tos

	# Advanced config for NGINX
	server_tokens off;
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Content-Type-Options nosniff;

	# Redirect all HTTP traffic to HTTPS
	server {
	listen 80;
	server_name www.domain.com domain.com;
	return 301 https://$host$request_uri;

	[Unit]
	Description=WS02 Identity Server

	[Service]
	Type=simple
	PIDFile=/opt/WSO2/wso2is-5.4.0/wso2carbon.pid
	Environment=JAVA_HOME=/usr/java/jdk1.8.0_161
	Environment=CARBON_HOME=/opt/WSO2/wso2is-5.4.0
	User=wso2
	PermissionsStartOnly=true

	{
	"kind": "Template",
	"apiVersion": "v1",
	"metadata": {
	"name": "gitlab-ce",
	"annotations": {
	"iconClass": "icon-gitlab",
	"description": "GitLab. Collaboration and source control management: code, test, and deploy together! \n\n GitLab requries that the serviceaccount for the main GitLab app be added to the anyuid security context. The service account name is: <application name>-user",
	"tags": "instant-app,gitlab,VCS,ci-cd"
	}

	This was located at: https://blog.nousefreak.be/blog/letsencrypt-nginx-reverse-proxy

	Letsencrypt: nginx reverse proxy
	TLS certificates (or SSL certificates) is something lots of people might have wanted, but they rarely were willing to spend their money on it. Since a few days letsencrypt solves this problem. At least for those who run their own server. Letsencrypt comes with a different approach to certificate request and certificate require times, aiming for a more automated future.

	Letsencrypt
	Now that letsencrypt is in public beta everyone can benifit from it and provide a secure connection for their website users.
	Because letsencrypt will only provide certificates that are valid for a maximum of 90 days, you will likely want to automate the renewal process.

	Nginx