server { listen 80; listen [::]:80; server_name demo.taler.net bank.demo.taler.net shop.demo.taler.net sync.demo.taler.net donations.demo.taler.net survey.demo.taler.net auditor.demo.taler.net exchange.demo.taler.net backoffice.demo.taler.net woocommerce.demo.taler.net; # 301-based ridirects allows the user agent to *change* the # method used in the second request. This breaks all the API # using POST, as some user agents do the second request using # GET. 307 is meant to tell the user agent to not change the # method in the second request. include conf.d/acme-challenge.conf; if ($request_method = POST) { return 307 https://$host$request_uri; } return 301 https://$host$request_uri; } server { server_name demo.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @green { add_header X-Taler-Deployment-Color green; root /home/demo-green/local/share/taler-landing; } location @blue { add_header X-Taler-Deployment-Color blue; root /home/demo-blue/local/share/taler-landing; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; rewrite ^/$ /en/ redirect; rewrite ^/(..)/$ /$1/index.html break; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } root /home/demo/active-home/local/share/taler-landing; } include conf.d/favicon_robots.conf; } server { server_name auditor.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @green { add_header X-Taler-Deployment-Color green; root /home/demo-green/local/share/taler-auditor; proxy_pass http://unix:/home/demo-green/sockets/auditor.http; } location @blue { add_header X-Taler-Deployment-Color blue; root /home/demo-blue/local/share/taler-auditor; proxy_pass http://unix:/home/demo-blue/sockets/auditor.http; } location /service { rewrite "^/service/(.*)" /$1 break; proxy_pass http://unix:/home/demo/active-home/sockets/auditor.http:/; } location /reports { autoindex on; root /home/demo-auditor/taler-data/auditor; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; rewrite ^/$ /en/ redirect; rewrite ^/(..)/$ /$1/index.html break; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } root /home/demo/auditor; } include conf.d/favicon_robots.conf; } server { server_name exchange.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue-admin { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/demo-blue/sockets/exchange-admin.http; proxy_redirect off; proxy_set_header Host $host; } location @green-admin { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/demo-green/sockets/exchange-admin.http; proxy_redirect off; proxy_set_header Host $host; } location @blue { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/demo-blue/sockets/exchange.http; proxy_redirect off; proxy_set_header Host $host; } location @green { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/demo-green/sockets/exchange.http; proxy_redirect off; proxy_set_header Host $host; } location /admin { error_page 418 = @blue-admin; error_page 419 = @green-admin; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_pass http://unix:/home/demo/active-home/sockets/exchange-admin.http; proxy_redirect off; proxy_set_header Host $host; } location / { error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_pass http://unix:/home/demo/active-home/sockets/exchange.http:/; proxy_redirect off; proxy_set_header Host $host; } } server { server_name sync.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/demo-blue/sockets/sync.http; proxy_redirect off; proxy_set_header Host $host; } location @green { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/demo-green/sockets/sync.http; proxy_redirect off; proxy_set_header Host $host; } location / { error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_pass http://unix:/home/demo/active-home/sockets/sync.http:/; proxy_redirect off; proxy_set_header Host $host; } } server { server_name shop.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/demo-blue/sockets/shop.uwsgi; include conf.d/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/demo-green/sockets/shop.uwsgi; include conf.d/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/demo/active-home/sockets/shop.uwsgi; include conf.d/uwsgi_params; } include conf.d/favicon_robots.conf; } server { server_name playground.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; root /dev/null; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/demo-blue/sockets/playground.uwsgi; include conf.d/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/demo-green/sockets/playground.uwsgi; include conf.d/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/demo/active-home/sockets/playground.uwsgi; include conf.d/uwsgi_params; } include conf.d/favicon_robots.conf; } server { server_name backend.demo.taler.net; listen 443 ssl; listen 80; listen [::]:443 ssl; listen [::]:80; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; proxy_pass http://unix:/home/demo-blue/sockets/merchant.http; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host "backend.demo.taler.net"; proxy_set_header X-Forwarded-Proto "https"; } location @green { add_header X-Taler-Deployment-Color green; proxy_pass http://unix:/home/demo-green/sockets/merchant.http; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host "backend.demo.taler.net"; proxy_set_header X-Forwarded-Proto "https"; } location /public { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_set_header X-Forwarded-Host "backend.demo.taler.net"; proxy_set_header X-Forwarded-Proto "https"; proxy_pass http://unix:/home/demo/active-home/sockets/merchant.http:/public; proxy_redirect off; proxy_set_header Host $host; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; # match the ApiKey part ignoring case, and the actual key # with case-sensitivity on. if ($http_authorization !~ "(?i)ApiKey (?-i)sandbox") { return 401; } if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } proxy_set_header X-Forwarded-Host "backend.demo.taler.net"; proxy_set_header X-Forwarded-Proto "https"; proxy_pass http://unix:/home/demo/active-home/sockets/merchant.http:/; proxy_redirect off; proxy_set_header Host $host; } } server { server_name survey.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location / { uwsgi_pass unix:/home/demo/active-home/sockets/survey.uwsgi; include conf.d/uwsgi_params; } } server { server_name donations.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/demo-blue/sockets/donations.uwsgi; include conf.d/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/demo-green/sockets/donations.uwsgi; include conf.d/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/demo/active-home/sockets/donations.uwsgi; include conf.d/uwsgi_params; } include conf.d/favicon_robots.conf; } server { server_name bank.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/demo-blue/sockets/bank.uwsgi; include conf.d/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/demo-green/sockets/bank.uwsgi; include conf.d/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/demo/active-home/sockets/bank.uwsgi; include conf.d/uwsgi_params; } include conf.d/favicon_robots.conf; } server { server_name backoffice.demo.taler.net; listen 443 ssl; listen [::]:443 ssl; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; location @blue { add_header X-Taler-Deployment-Color blue; uwsgi_pass unix:/home/demo-blue/sockets/backoffice.uwsgi; include conf.d/uwsgi_params; } location @green { add_header X-Taler-Deployment-Color green; uwsgi_pass unix:/home/demo-green/sockets/backoffice.uwsgi; include conf.d/uwsgi_params; } location / { # Redirection technique explainted at # https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ error_page 418 = @blue; error_page 419 = @green; recursive_error_pages on; if ($http_x_taler_deployment_color ~ "blue") { return 418; } if ($http_x_taler_deployment_color ~ "green") { return 419; } uwsgi_pass unix:/home/demo/active-home/sockets/backoffice.uwsgi; include conf.d/uwsgi_params; } include conf.d/favicon_robots.conf; } server { server_name woocommerce.demo.taler.net; listen [::]:443 ssl; include conf.d/talerssl.conf; include conf.d/acme-challenge.conf; include conf.d/favicon_robots.conf; root /dev/null; }