From 89c544a9e8d9d2a783e12d7328ab619b2eee3f09 Mon Sep 17 00:00:00 2001 From: nokonoko Date: Sat, 5 Jun 2021 16:19:47 +0200 Subject: [PATCH] add nginx example confs --- templates/nginx_confs/A.Y.conf | 13 ++++++ templates/nginx_confs/X.Y.conf | 37 ++++++++++++++++ templates/nginx_confs/nginx.conf | 72 ++++++++++++++++++++++++++++++++ 3 files changed, 122 insertions(+) create mode 100644 templates/nginx_confs/A.Y.conf create mode 100644 templates/nginx_confs/X.Y.conf create mode 100644 templates/nginx_confs/nginx.conf diff --git a/templates/nginx_confs/A.Y.conf b/templates/nginx_confs/A.Y.conf new file mode 100644 index 0000000..4b8b448 --- /dev/null +++ b/templates/nginx_confs/A.Y.conf @@ -0,0 +1,13 @@ +server{ +listen 443 ssl http2; +server_name A.Y www.A.Y; +ssl on; +ssl_certificate /etc/letsencrypt/live/A.Y/fullchain.pem; +ssl_certificate_key /etc/letsencrypt/live/A.Y/privkey.pem; +ssl_protocols TLSv1.2 TLSv1.3; + +root /home/neku/www/files/files; +autoindex off; +access_log off; +index index.html; +} \ No newline at end of file diff --git a/templates/nginx_confs/X.Y.conf b/templates/nginx_confs/X.Y.conf new file mode 100644 index 0000000..cb3b034 --- /dev/null +++ b/templates/nginx_confs/X.Y.conf @@ -0,0 +1,37 @@ +server{ +listen 443 ssl http2; +server_name www.X.Y X.Y; +ssl on; +ssl_certificate /etc/letsencrypt/live/X.Y/fullchain.pem; +ssl_certificate_key /etc/letsencrypt/live/X.Y/privkey.pem; +ssl_protocols TLSv1.2 TLSv1.3; +ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; +ssl_ecdh_curve secp384r1; +ssl_buffer_size 2k; +ssl_session_tickets off; + +root /var/www/uguu/dist/; +autoindex off; +access_log off; +index index.html index.php; + +gzip on; +gzip_min_length 1000; +gzip_comp_level 6; +gzip_proxied any; +gzip_types text/css text/js text/javascript application/javascript image/png application/x-javascript; + +location ~* \.(ico|css|js|ttf|png|gif)$ { +expires 7d; +} + +location ~* \.php$ { +fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; +fastcgi_intercept_errors on; +fastcgi_index index.php; +fastcgi_split_path_info ^(.+\.php)(.*)$; +include fastcgi_params; +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +} + +} \ No newline at end of file diff --git a/templates/nginx_confs/nginx.conf b/templates/nginx_confs/nginx.conf new file mode 100644 index 0000000..52a6cfe --- /dev/null +++ b/templates/nginx_confs/nginx.conf @@ -0,0 +1,72 @@ +user www-data; +worker_processes auto; +worker_rlimit_nofile 40000; +pid /run/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; + +events { + worker_connections 2048; + multi_accept on; + use epoll; + +} + +http { +ssl_session_cache shared:SSL:5m; +ssl_session_timeout 12h; +ssl_session_tickets off; + +## +# Basic Settings +## + +sendfile on; +tcp_nopush on; +tcp_nodelay on; +keepalive_timeout 10; +types_hash_max_size 2048; +server_tokens off; +client_max_body_size 128m; + +## +# Mime Settings +## + +include /etc/nginx/mime.types; +default_type application/octet-stream; + +## +# SSL Settings +## + +ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE +ssl_prefer_server_ciphers on; + +## +# Logging Settings +## + +#access_log /var/log/nginx/access.log; +#error_log /var/log/nginx/error.log; +error_log off; +access_log off; + +## +# Gzip Settings +## + +gzip off; +gzip_vary on; +gzip_proxied any; +gzip_comp_level 6; +gzip_buffers 16 8k; +gzip_http_version 1.1; +gzip_types application/javascript application/rss+xml application/vnd.ms-fontobject application/x-font application/x-font-opentype application/x-font-otf application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/opentype font/otf font/ttf image/svg+xml image/x-icon text/css text/javascript text/xml; + +## +# Virtual Host Configs +## + +include /etc/nginx/conf.d/*.conf; +include /etc/nginx/sites-enabled/*; +} \ No newline at end of file