Permalink
Browse files

* IPv6 setup and Redmine config redmine reference on README.

  • Loading branch information...
perusio committed Apr 15, 2012
1 parent 0f819dc commit f948044d588c57fa747edab15066ea63dda726aa
Showing with 35 additions and 11 deletions.
  1. +9 −2 README.md
  2. +13 −5 sites-available/secure.webmail.example.com.conf
  3. +13 −4 sites-available/webmail.example.com.conf
View
@@ -33,9 +33,13 @@ written in PHP.
The configuration of the example vhosts uses **separate** sockets for
IPv6 and IPv4. This way is simpler for those not (yet) having IPv6
-support to disabli it by commenting out the
+support to disable it by commenting out the
[`listen`](http://nginx.org/en/docs/http/ngx_http_core_module.html#listen)
-directive relative to IPv6.
+directive with the `ipv6only=on` parameter.
+
+Note that the IPv6 address uses an IP _stolen_ from the
+[IPv6 Wikipedia page](https://en.wikipedia.org/wiki/IPv6). You **must
+replace** the indicated address by **your** address.
## Installation
@@ -155,6 +159,9 @@ directive relative to IPv6.
+ [Piwik](https://github.com/perusio/piwik-nginx "Piwik Nginx configuration")
+ + [Redmine](https://github.com/perusio/redmine-nginx "Redmine Nginx
+ configuration")
+
## Securing your PHP configuration
There's a small shell script that parses your `php.ini` and
@@ -5,10 +5,15 @@
server {
## This is to avoid the spurious if for sub-domain name
## rewriting. See http://wiki.nginx.org/Pitfalls#Server_Name.
+
listen 80;
- listen [::]:80 ipv6only=on;
- listen 443 ssl;
- listen [::]:443 ssl ipv6only=on; # ipv6
+ listen 443;
+
+ ## Replace the IPv6 address by your own address. The address below
+ ## was stolen from the wikipedia page on IPv6.
+ listen [fe80::202:b3ff:fe1e:8329]:80 ipv6only=on;
+ listen [fe80::202:b3ff:fe1e:8329]:443 ssl ipv6only=on;
+
server_name www.webmail.example.com;
## Server certificate and key.
@@ -21,8 +26,11 @@ server {
} # server domain rewrite.
server {
- listen 443 ssl;
- listen [::]:443 ssl ipv6only=on; # ipv6
+ listen 443 ssl; # IPv4 socket listening on all addresses.
+ ## Replace the IPv6 address by your own address. The address below
+ ## was stolen from the wikipedia page on IPv6.
+ listen [fe80::202:b3ff:fe1e:8329]:443 ssl ipv6only=on;
+
limit_conn arbeit 32;
server_name webmail.example.com;
@@ -5,16 +5,25 @@
server {
## This is to avoid the spurious if for sub-domain name
## rewriting. See http://wiki.nginx.org/Pitfalls#Server_Name.
- listen 80;
- listen [::]:80 ipv6only=on;
+ listen 80; # IPv4
+
+ ## Replace the IPv6 address by your own address. The address below
+ ## was stolen from the wikipedia page on IPv6.
+ listen [fe80::202:b3ff:fe1e:8329]:80 ipv6only=on;
+
server_name www.webmail.example.com;
+
return 301 https://webmail.example.com$request_uri;
} # server domain rewrite.
server {
- listen 80;
- listen [::]:80 ipv6only=on;
+ listen 80;# IPv4
+
+ ## Replace the IPv6 address by your own address. The address below
+ ## was stolen from the wikipedia page on IPv6.
+ listen [fe80::202:b3ff:fe1e:8329]:80 ipv6only=on;
+
server_name webmail.example.conf;
limit_conn arbeit 32;

0 comments on commit f948044

Please sign in to comment.