diff --git a/.github/workflows/molecule_tests.yml b/.github/workflows/molecule_tests.yml index a30b32a9d1..54e3a29dfd 100644 --- a/.github/workflows/molecule_tests.yml +++ b/.github/workflows/molecule_tests.yml @@ -36,7 +36,6 @@ jobs: - figgy_pubsub_worker - fits - freetds - - geaccirc - gitlab # - geoserver - hr_share diff --git a/group_vars/geaccirc/common.yml b/group_vars/geaccirc/common.yml deleted file mode 100644 index db9895ef9e..0000000000 --- a/group_vars/geaccirc/common.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -desired_nodejs_version: "v20.11.1" -postgresql_is_local: false -postgres_admin_user: "postgres" -postgres_admin_password: '{{ vault_postgres_admin_password }}' -postgres_version: 15 -postgres_port: "5432" -pg_hba_contype: "host" -pg_hba_postgresql_user: "all" -pg_hba_postgresql_database: "all" -pg_hba_method: "md5" -pg_hba_source: "{{ ansible_host }}/32" -postgres_is_local: false -passenger_app_env: "production" -rails_app_env: "production" -app_db_host: '{{ postgres_host }}' -application_dbuser_password: "{{ app_db_password }}" -application_db_name: '{{ app_db_name }}' -application_dbuser_name: '{{ app_db_user }}' -application_dbuser_role_attr_flags: 'CREATEDB' -application_host_protocol: 'https' -running_on_server: true -ruby_version_override: "ruby-3.3.6" -install_ruby_from_source: true -passenger_ruby: "/usr/local/bin/ruby" -passenger_extra_http_config: - - "passenger_preload_bundler on;" diff --git a/group_vars/geaccirc/production.yml b/group_vars/geaccirc/production.yml deleted file mode 100644 index 1451a49b94..0000000000 --- a/group_vars/geaccirc/production.yml +++ /dev/null @@ -1,39 +0,0 @@ ---- -postgres_host: "lib-postgres-prod1.princeton.edu" -passenger_server_name: "geaccirc1.princeton.edu" -app_db_name: 'geaccirc_production' -app_db_user: 'geaccirc_production' -app_db_password: '{{ vault_geaccirc_prod_db_password }}' -app_secret_key: '{{ vault_geaccirc_prod_secret_key }}' -app_secret_key_base: '{{ vault_geaccirc_prod_secret_key_base }}' -app_host_name: 'geaccirc.princeton.edu' - -datadog_api_key: "{{ vault_datadog_key }}" - -datadog_config: - log_enabled: true - apm_enabled: true - process_config: - enabled: true - apm_config: - analyzed_spans: - geaccirc|rack.request: 1 - filter_tags: - reject: ["http.useragent:nginx/1.23.4 (health check)", "operation:heartbeat", "operation:job_fetch", "operation:scheduled_push", "operation:scheduled_poller_wait"] -datadog_checks: - tls: - init_config: - instances: - - server: geaccirc.princeton.edu - port: 443 - tags: - - 'tls_service:geaccirc' - approval_datadog_ruby_check: - init_config: - logs: - - type: file - path: /opt/geaccirc/current/log/production.log - service: geaccirc - source: ruby - sourcecategory: sourcecode - tags: "geaccirc, environment:production, role:geaccirc" diff --git a/group_vars/geaccirc/staging.yml b/group_vars/geaccirc/staging.yml deleted file mode 100644 index 44e6d819b8..0000000000 --- a/group_vars/geaccirc/staging.yml +++ /dev/null @@ -1,9 +0,0 @@ ---- -postgres_host: "lib-postgres-staging1.princeton.edu" -passenger_server_name: "geaccirc-staging1.princeton.edu" -app_db_name: 'geaccirc_staging' -app_db_user: 'geaccirc_staging' -app_db_password: '{{ vault_geaccirc_staging_db_password }}' -app_secret_key: '{{ vault_geaccirc_staging_secret_key }}' -app_secret_key_base: '{{ vault_geaccirc_staging_secret_key_base }}' -app_host_name: 'geaccirc-staging.princeton.edu' diff --git a/group_vars/geaccirc/vault.yml b/group_vars/geaccirc/vault.yml deleted file mode 100644 index b57e7449cc..0000000000 --- a/group_vars/geaccirc/vault.yml +++ /dev/null @@ -1,45 +0,0 @@ -$ANSIBLE_VAULT;1.1;AES256 -66643137333565353734343663363632396538343337343761303231643966366431643361373266 -6137343539623638613136336230616435646664353533300a303831303766393165333339383265 -35333337383435623830373834373537316131336565656633663138316534303235363737346262 -3866366237323461350a613161626466323734633034356661346666303164623037663866356661 -64323531643031313732623662326361663137373363623832346633306134373463316631623566 -62633235316636353332616530316362633333633763363937313230613534356366336336653637 -36343339373530393332376663653539343931363763363031323038333862383334326230643565 -33623334663564623736623164363730666566343263323634376632313633323162666332333665 -30633239323530666530366564386564613831376434666163663032333633396139616662653339 -38356134303065383635373865643433653934313734353362313565353165363338623163653631 -36353061636337396663623563353531613164333936333862643663303431343962353562383234 -35623633376563323761633032376462623137323837333239643537373330353065303564656138 -37663330656565333736653033623933396236343730363232393039306231633033333262623835 -63633833386461366264653166626361356630616662663835666436636236666337633262306230 -30623465393763663638643036363863356539303362303331363039386337353864353234323838 -64646163333838336234333631373436363239663431643565383162393130666561613664626661 -33393539626565636236313235613534373363656431373730623837623930616532393438656333 -63363735373434613261316135643732643965613963313866366366616664313764393662316136 -66316537653163643832613431653036613034633462336338636538633431383362663331326138 -65663764393965666566303537333463366233363230636561303638623839383530623831333034 -37333338376262363938356233333664313431623239656463633733326362623263383461336639 -37346333363664663761656133623937623765373261333335373262373262376339313238393238 -37613134363532366539303137663465343034383239343864623839386361633962343731386637 -66666135373635633830333630643563666536346661643730333233343336376363636433613063 -37643637383864346365323239646463656465643661396362386565623061323739326335376465 -61386637326437343338366134343630346335346262393936633734343431396234646265336136 -30376663633361303231323933393435663066623336623064306666333133393163333332353364 -34303038633037346238633534636664643036643533326437666263656232376234353831653663 -38373239323866653266643139343934393166343232396561643934613666336233333739626334 -39623637643663653764626563613436663834356230383839316562326637353336336162383530 -37393038363439366662646465616463323537353762306235383832373064633365306263373232 -31363339623562313665613930323063383761303130313733666534376663323638326639316634 -61626539383461653336353033656366346365316435313937396264353562633663663039313864 -33346334363862393565623132636131663564393633306666623535646165356566653139393238 -39353266396630326437663434633138643130653739393865363437363661363038656137326230 -63303836653439313938613735373538636335633432626662356662663863646263663137396362 -66643034353932663766356365386439636237303164653066633438326464333534316234323737 -34333463336265653431336461356135303534653963666164323062373236313135323865613063 -32653062653462363561333838376234653464336335303030303962336537353531303665616165 -32373131353739353861343437626431366462333036636664363234643033386262383336313331 -34636531326637396130326465666566323439643563643639643465363232333539313062373834 -38383563343034663239356134613563363161653336626433393861666336306465333431643730 -31653739303233616233363364366563616339643666313539636233303430313961613036396336 -33346537373539383962 diff --git a/inventory/all_projects/geaccirc b/inventory/all_projects/geaccirc deleted file mode 100644 index a6b08fbac3..0000000000 --- a/inventory/all_projects/geaccirc +++ /dev/null @@ -1,6 +0,0 @@ -[geaccirc_staging] -# geaccirc-staging1.princeton.edu -geaccirc-staging2.princeton.edu -[geaccirc_production] -# geaccirc1.princeton.edu -geaccirc2.princeton.edu diff --git a/inventory/by_environment/production b/inventory/by_environment/production index bc276efde7..1cd2998975 100644 --- a/inventory/by_environment/production +++ b/inventory/by_environment/production @@ -17,7 +17,6 @@ eal_production ealapps_production ezproxy_production figgy_production -geaccirc_production geniza_production gitlab_production lae_production diff --git a/inventory/by_environment/staging b/inventory/by_environment/staging index 422149fecd..2f6882018e 100644 --- a/inventory/by_environment/staging +++ b/inventory/by_environment/staging @@ -16,7 +16,6 @@ eal_staging ealapps_staging ezproxy_testing figgy_staging -geaccirc_staging geniza_staging gitlab_staging lae_staging diff --git a/inventory/by_team/dacs b/inventory/by_team/dacs index d6062bda5d..23884c21de 100644 --- a/inventory/by_team/dacs +++ b/inventory/by_team/dacs @@ -12,8 +12,6 @@ byzantine_production byzantine_staging dss_production dss_staging -geaccirc_production -geaccirc_staging lib_jobs_production lib_jobs_staging libwww_production diff --git a/playbooks/dacs_playbooks.yml b/playbooks/dacs_playbooks.yml index d83b245570..9722fcd147 100644 --- a/playbooks/dacs_playbooks.yml +++ b/playbooks/dacs_playbooks.yml @@ -17,9 +17,6 @@ - ansible.builtin.import_playbook: dss.yml runtime_env={{runtime_env|default('staging')}} tags: - rails -- ansible.builtin.import_playbook: geaccirc.yml runtime_env={{runtime_env|default('staging')}} - tags: - - rails - ansible.builtin.import_playbook: lib_jobs.yml runtime_env={{runtime_env|default('staging')}} tags: - rails diff --git a/playbooks/geaccirc.yml b/playbooks/geaccirc.yml deleted file mode 100644 index 1e2d051d25..0000000000 --- a/playbooks/geaccirc.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- -# by default this playbook runs in the staging environment -# to run in production, pass '-e runtime_env=production' -- name: build the geac app - hosts: geaccirc_{{ runtime_env | default('staging') }} - remote_user: pulsys - become: true - vars_files: - - ../group_vars/geaccirc/common.yml - - ../group_vars/geaccirc/{{ runtime_env | default('staging') }}.yml - - ../group_vars/geaccirc/vault.yml - roles: - - role: roles/geaccirc - - role: datadog - when: runtime_env | default('staging') == 'production' - - post_tasks: - - name: restart nginx - service: - name: nginx - state: restarted - - - name: tell everyone on slack you ran an ansible playbook - community.general.slack: - token: "{{ vault_pul_slack_token }}" - msg: "Ansible ran `{{ ansible_play_name }}` on {{ inventory_hostname }}" - channel: "{{ slack_alerts_channel }}" diff --git a/playbooks/utils/create_wapiti_report.yml b/playbooks/utils/create_wapiti_report.yml index 9dd9243f7e..b27b25c3f1 100644 --- a/playbooks/utils/create_wapiti_report.yml +++ b/playbooks/utils/create_wapiti_report.yml @@ -21,6 +21,5 @@ - "https://allsearch-api-staging.princeton.edu/" - "https://slavery-staging.princeton.edu/" - "https://repec-staging.princeton.edu/" - - "https://geaccirc-staging.princeton.edu/" - "https://videoreserves-staging.princeton.edu/hrc/vod/clip.php?file=HIS/Days-Of-Heaven-H.mp4" diff --git a/roles/geaccirc/.ansible-lint b/roles/geaccirc/.ansible-lint deleted file mode 100644 index 2fa23367de..0000000000 --- a/roles/geaccirc/.ansible-lint +++ /dev/null @@ -1,14 +0,0 @@ ---- -skip_list: - - ANSIBLE0002 - - ANSIBLE0006 - - ANSIBLE0010 - - ANSIBLE0016 - - '303' - - '305' - - '306' - - '403' - - '503' - - '204' -use_default_rules: true -verbosity: 1 diff --git a/roles/geaccirc/.travis.yml b/roles/geaccirc/.travis.yml deleted file mode 100644 index 121cc49935..0000000000 --- a/roles/geaccirc/.travis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install ansible - - pip install ansible - - # Check ansible version - - ansible --version - - # Create ansible.cfg with correct roles_path - - printf '[defaults]\nroles_path=../' >ansible.cfg - -script: - # Basic role syntax check - - ansible-playbook tests/test.yml -i tests/inventory --syntax-check - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/geaccirc/.yamllint b/roles/geaccirc/.yamllint deleted file mode 100644 index 8bb60ab5e3..0000000000 --- a/roles/geaccirc/.yamllint +++ /dev/null @@ -1,14 +0,0 @@ ---- -extends: default - -rules: - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - line-length: disable - # NOTE(retr0h): Templates no longer fail this lint rule. - # Uncomment if running old Molecule templates. - # truthy: disable diff --git a/roles/geaccirc/README.md b/roles/geaccirc/README.md deleted file mode 100644 index 225dd44b9f..0000000000 --- a/roles/geaccirc/README.md +++ /dev/null @@ -1,38 +0,0 @@ -Role Name -========= - -A brief description of the role goes here. - -Requirements ------------- - -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. - -Role Variables --------------- - -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. - -Dependencies ------------- - -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. - -Example Playbook ----------------- - -Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: - - - hosts: servers - roles: - - { role: username.rolename, x: 42 } - -License -------- - -BSD - -Author Information ------------------- - -An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/geaccirc/defaults/main.yml b/roles/geaccirc/defaults/main.yml deleted file mode 100644 index e4c5bd57ba..0000000000 --- a/roles/geaccirc/defaults/main.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -# defaults file for roles/geaccirc -rails_app_env: "production" -install_mailcatcher: false -app_secret_key: 'key' -app_db_name: 'geaccirc' -app_db_user: 'geaccirc' -app_db_password: 'geaccirc' -app_db_host: 'localhost' -app_host_name: 'localhost' -application_host_protocol: 'http' -app_secret_key_base: 'test_secret_key_base' diff --git a/roles/geaccirc/handlers/main.yml b/roles/geaccirc/handlers/main.yml deleted file mode 100644 index f5aa936795..0000000000 --- a/roles/geaccirc/handlers/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# handlers file for roles/geaccirc diff --git a/roles/geaccirc/meta/main.yml b/roles/geaccirc/meta/main.yml deleted file mode 100644 index 685f24d7b0..0000000000 --- a/roles/geaccirc/meta/main.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -galaxy_info: - role_name: geaccirc - company: Princeton University Library - description: GeacCirc - author: pulibrary - - license: MIT - - min_ansible_version: 2.2 - - platforms: - - name: Ubuntu - versions: - - 18.04 -dependencies: - - role: 'rails_app' diff --git a/roles/geaccirc/molecule/default/converge.yml b/roles/geaccirc/molecule/default/converge.yml deleted file mode 100644 index 586315525d..0000000000 --- a/roles/geaccirc/molecule/default/converge.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Converge - hosts: all - vars: - - running_on_server: false - pre_tasks: - - name: update cache - apt: - update_cache: true - cache_valid_time: 600 - tasks: - - name: "Include roles/geaccirc" - include_role: - name: "geaccirc" diff --git a/roles/geaccirc/molecule/default/molecule.yml b/roles/geaccirc/molecule/default/molecule.yml deleted file mode 100644 index 0e1659c89a..0000000000 --- a/roles/geaccirc/molecule/default/molecule.yml +++ /dev/null @@ -1,22 +0,0 @@ ---- -scenario: - name: default -driver: - name: docker -lint: | - set -e - yamllint . - ansible-lint -platforms: - - name: instance - image: "quay.io/pulibrary/jammy-ansible:latest" - command: "" - volumes: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - privileged: true - pre_build_image: true -provisioner: - name: ansible - log: true -verifier: - name: ansible diff --git a/roles/geaccirc/molecule/default/verify.yml b/roles/geaccirc/molecule/default/verify.yml deleted file mode 100644 index 26cc8b0c9f..0000000000 --- a/roles/geaccirc/molecule/default/verify.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -# This is an example playbook to execute Ansible tests. - -- name: Verify - hosts: all - gather_facts: false - tasks: - - name: test for geaccirc rails conf - stat: - path: "/home/deploy/app_configs/geaccirc" - register: geaccirc_rails_conf - failed_when: - - not geaccirc_rails_conf.stat.exists - - not geaccirc_rails_conf.stat.isreg - - not geaccirc_rails_conf.stat.pw_name == deploy - - not geaccirc_rails_conf.stat.gr_name == deploy - - - name: test for geaccirc app dir - stat: - path: "/opt/geaccirc/shared/tmp" - register: geaccirc_app - failed_when: - - not geaccirc_app.stat.exists - - not geaccirc_app.stat.isdir - - not geaccirc_app.stat.pw_name == deploy - - not geaccirc_app.stat.gr_name == deploy - - - name: test for geaccirc logrotate - stat: - path: "/etc/logrotate.d/geaccirc" - register: logrotate - failed_when: - - not logrotate.stat.exists - - not logrotate.stat.isreg - - not logrotate.stat.pw_name == root - - not logrotate.stat.gr_name == root diff --git a/roles/geaccirc/tasks/main.yml b/roles/geaccirc/tasks/main.yml deleted file mode 100644 index 7f8937d815..0000000000 --- a/roles/geaccirc/tasks/main.yml +++ /dev/null @@ -1,15 +0,0 @@ ---- -# tasks file for roles/geaccirc -- name: geaccirc | update rubygems - ansible.builtin.command: gem update --system 3.5.13 - become: true - register: update_rubygems - changed_when: '"Latest version already installed. Done." not in update_rubygems.stdout' - tags: rubygems - -- name: geaccirc | install default bundler - ansible.builtin.command: gem install --default bundler:2.5.13 - become: true - register: install_default_bundler - changed_when: '"Fetching bundler-2.5.13.gem" in install_default_bundler.stdout' - tags: rubygems \ No newline at end of file diff --git a/roles/geaccirc/tests/inventory b/roles/geaccirc/tests/inventory deleted file mode 100644 index 878877b077..0000000000 --- a/roles/geaccirc/tests/inventory +++ /dev/null @@ -1,2 +0,0 @@ -localhost - diff --git a/roles/geaccirc/tests/test.yml b/roles/geaccirc/tests/test.yml deleted file mode 100644 index c2afa71a33..0000000000 --- a/roles/geaccirc/tests/test.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- hosts: localhost - remote_user: root - roles: - - roles/geaccirc diff --git a/roles/geaccirc/vars/main.yml b/roles/geaccirc/vars/main.yml deleted file mode 100644 index caccdd1a72..0000000000 --- a/roles/geaccirc/vars/main.yml +++ /dev/null @@ -1,28 +0,0 @@ ---- -# vars file for roles/geaccirc -passenger_app_root: "/opt/geaccirc/current/public" -passenger_ruby: "/usr/bin/ruby2.6" -nginx_remove_default_vhost: true -rails_app_name: "geaccirc" -rails_app_directory: "geaccirc" -rails_app_symlinks: [] -rails_app_dependencies: - - zlib1g-dev - - nodejs -rails_app_vars: - - name: APP_SECRET_KEY_BASE - value: '{{ app_secret_key }}' - - name: APP_DB - value: '{{ app_db_name }}' - - name: APP_DB_USERNAME - value: '{{ app_db_user }}' - - name: APP_DB_PASSWORD - value: '{{ app_db_password }}' - - name: APP_DB_HOST - value: '{{ app_db_host }}' - - name: APPLICATION_HOST - value: '{{ app_host_name }}' - - name: APPLICATION_HOST_PROTOCOL - value: '{{ application_host_protocol }}' - - name: SECRET_KEY_BASE - value: '{{ app_secret_key_base }}' diff --git a/roles/nginxplus/files/conf/http/geaccirc.conf b/roles/nginxplus/files/conf/http/geaccirc.conf deleted file mode 100644 index 96944d5d5e..0000000000 --- a/roles/nginxplus/files/conf/http/geaccirc.conf +++ /dev/null @@ -1,53 +0,0 @@ -# Ansible managed -proxy_cache_path /var/cache/nginx/geaccirc-prod/ keys_zone=geaccirc-prodcache:10m; - -map $limit $external_traffic { - 0 ""; - 1 $binary_remote_addr; -} - -# zone: 10mb can hold 160K IP addresses in memory -limit_req_zone $external_traffic zone=geaccirc-prod-ratelimit:10m rate=10r/s; - -upstream geaccirc-prod { - zone geaccirc-prod 64k; - # server geaccirc1.princeton.edu resolve; - server geaccirc2.princeton.edu resolve; - sticky learn - create=$upstream_cookie_geaccircprodcookie - lookup=$cookie_geaccircprodcookie - zone=geaccircprodclient_sessions:1m; -} - -server { - listen 80; - server_name geaccirc.princeton.edu; - - location / { - return 301 https://$server_name$request_uri; - } -} - -server { - listen 443 ssl; - http2 on; - server_name geaccirc.princeton.edu; - - ssl_certificate /etc/letsencrypt/live/geaccirc/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/geaccirc/privkey.pem; - ssl_session_cache shared:SSL:1m; - ssl_prefer_server_ciphers on; - - location / { - proxy_pass http://geaccirc-prod; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Proto https; - proxy_cache geaccirc-prodcache; - limit_req zone=geaccirc-prod-ratelimit burst=20 nodelay; - proxy_intercept_errors on; - health_check uri=/health.json interval=10 fails=3 passes=2; - } - - include /etc/nginx/conf.d/templates/errors.conf; - -} diff --git a/roles/nginxplus/files/conf/http/geaccirc_staging.conf b/roles/nginxplus/files/conf/http/geaccirc_staging.conf deleted file mode 100644 index f8d4fd0b32..0000000000 --- a/roles/nginxplus/files/conf/http/geaccirc_staging.conf +++ /dev/null @@ -1,53 +0,0 @@ -# Ansible managed -proxy_cache_path /var/cache/nginx/geaccirc-staging/ keys_zone=geaccirc-stagingcache:10m; - -map $limit $external_traffic { - 0 ""; - 1 $binary_remote_addr; -} - -# zone: 10mb can hold 160K IP addresses in memory -limit_req_zone $external_traffic zone=geaccirc-staging-ratelimit:10m rate=10r/s; - -upstream geaccirc-staging { - zone geaccirc-staging 64k; - # server geaccirc-staging1.princeton.edu resolve; - server geaccirc-staging2.princeton.edu resolve; - sticky learn - create=$upstream_cookie_geaccirc-stagingprodcookie - lookup=$cookie_geaccirc-stagingprodcookie - zone=geaccirc-stagingprodclient_sessions:1m; -} - -server { - listen 80; - server_name geaccirc-staging.princeton.edu; - - location / { - return 301 https://$server_name$request_uri; - } -} - -server { - listen 443 ssl; - http2 on; - server_name geaccirc-staging.princeton.edu; - - ssl_certificate /etc/letsencrypt/live/geaccirc-staging/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/geaccirc-staging/privkey.pem; - ssl_session_cache shared:SSL:1m; - ssl_prefer_server_ciphers on; - - location / { - proxy_pass http://geaccirc-staging; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Proto https; - proxy_intercept_errors on; - proxy_cache geaccirc-stagingcache; - limit_req zone=geaccirc-staging-ratelimit burst=20 nodelay; - health_check uri=/health.json interval=10 fails=3 passes=2; - } - - include /etc/nginx/conf.d/templates/errors.conf; - -}