push to fix it locally and shit

logrotate.d/nginx

@@ -2,7 +2,7 @@
 	daily
 	missingok
 	notifempty
-	maxage 2
+	maxage 1
 	create 640 http root
 	sharedscripts
 	compress

nginx/nginx.conf

@@ -5,69 +5,69 @@ worker_rlimit_nofile 65535;
 include /etc/nginx/modules-enabled/*.conf;
 load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; # for compressing responses on-the-fly
 load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; # for serving pre-compressed files
-load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so;
+#load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so;
 
 #Include external config
 include /etc/nginx/conf.d/*.conf;
 
 events {
-    worker_connections 65535;
+	worker_connections 65535;
 	multi_accept on;
 }
 
 http {
 	log_format limited '$remote_addr - $remote_user [$time_local] '
-                    '"$request_method /bogus $server_protocol" $status $body_bytes_sent '
-                    '"-" "Bogus/66.6"';
-    access_log off;
-    error_log /dev/null;
-    disable_symlinks off;
+		'"$request_method /bogus $server_protocol" $status $body_bytes_sent '
+		'"-" "Bogus/66.6"';
+	access_log off;
+	error_log /dev/null;
+	disable_symlinks off;
 
-    # Basic Settings
-    charset utf-8;
-    sendfile on;
-    tcp_nopush on;
-    tcp_nodelay on;
-    server_tokens off;
-    more_clear_headers Server;
-    log_not_found off;
-    types_hash_max_size 1024;
-    types_hash_bucket_size 128;
-    server_names_hash_bucket_size 128;
+	# Basic Settings
+	charset utf-8;
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	server_tokens off;
+	#more_clear_headers Server;
+	log_not_found off;
+	types_hash_max_size 1024;
+	types_hash_bucket_size 128;
+	server_names_hash_bucket_size 128;
 
-    # MIME
-    include mime.types;
-    default_type application/octet-stream;
+	# MIME
+	include mime.types;
+	default_type application/octet-stream;
 
-    # SSL
-    include configs/sslConfig.conf;
+	# SSL
+	include configs/sslConfig.conf;
 
-    # reset timed out connections freeing ram
-    reset_timedout_connection on;
-    # maximum time between packets the client can pause when sending nginx any data
-    client_body_timeout 10s;
-    # maximum time the client has to send the entire header to nginx
-    client_header_timeout 10s;
-    # timeout which a single keep-alive client connection will stay open
-    keepalive_timeout 60s;
-    # maximum time between packets nginx is allowed to pause when sending the client data
-    send_timeout 10s;
+	# reset timed out connections freeing ram
+	reset_timedout_connection on;
+	# maximum time between packets the client can pause when sending nginx any data
+	client_body_timeout 10s;
+	# maximum time the client has to send the entire header to nginx
+	client_header_timeout 10s;
+	# timeout which a single keep-alive client connection will stay open
+	keepalive_timeout 60s;
+	# maximum time between packets nginx is allowed to pause when sending the client data
+	send_timeout 10s;
 
-    # QUIC AND HTTP3 SHIT
-    http3 on;
-    quic_retry on;
-    quic_gso on;
+	# QUIC AND HTTP3 SHIT
+	http3 on;
+	quic_retry on;
+	quic_gso on;
 
-    # PERFORMANCE / ASYNC I/O
-    aio threads=default;
-    aio_write on;
-    directio 2m;
+	# PERFORMANCE / ASYNC I/O
+	aio threads=default;
+	aio_write on;
+	directio 2m;
 
-    # Maps
-    include /etc/nginx/snippets/maps.conf;
-    include /etc/nginx/snippets/poop.conf;
+	# Maps
+	include /etc/nginx/snippets/maps.conf;
+	include /etc/nginx/snippets/poop.conf;
 
-    # Virtual Host Configs
-    include /etc/nginx/sites-enabled/*.conf;
+	# Virtual Host Configs
+	include /etc/nginx/sites-enabled/*.conf;
 
 }

nginx/sites-available/4get.zzls.xyz.conf

@@ -1,12 +1,11 @@
-# FUCK BOTS
-limit_req_zone $binary_remote_addr zone=4get:10m rate=2r/s;
+limit_req_zone $binary_remote_addr zone=4get:10m rate=4r/s;
 
 # CLEARNET
 server {
 	access_log /var/log/nginx/4get.access.log limited;
 	error_log /var/log/nginx/4get.error.log;
 	server_name 4get.zzls.xyz;
-	root /var/www/4get;
+	root /var/www/4get-zzls;
 	include configs/general.conf;
 	include configs/robotsNone.conf;
 	include configs/security.conf;
@@ -25,17 +24,17 @@ server {
 
 	location /web { 
 		try_files $uri @upstream;
-		limit_req zone=4get;
-		limit_req_status 444;
+		limit_req zone=4get nodelay;
+		limit_req_status 429;
+
 		if ($server_protocol ~* "HTTP/1.1") {
 			return 444;
 		}
-		if ($http_referer ~* farside\.link) {
-			return 444;
-		}
+
 		include snippets/torblacklist.conf;
 		include snippets/spys.me.proxies.blacklist.conf;
 		error_page 403 =302 /torisblocked;
+		error_page 429 =302 /rl;
 	}
 	location /torisblocked {
 		add_header Content-Type text/plain;
@@ -47,6 +46,11 @@ server {
 			Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
 	}
 
+	location /rl {
+		add_header Content-Type text/plain;
+		return 200 "Rate Limited, don't spam searches to prevent errors";
+	}
+
 	location /data {
 		return 444;
 	}

nginx/sites-available/debug.inv.zzls.xyz.conf

@@ -47,7 +47,7 @@ server {
 		proxy_set_header Connection keep-alive;
 		proxy_max_temp_file_size 32m;
 		access_log /var/log/nginx/http3-ytproxy.log;
-		proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy.sock;
+		proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy-1.sock;
 		add_header Cache-Control private always;
 	}
 

nginx/sites-available/git.zzls.xyz.conf

@@ -1,3 +1,7 @@
+upstream forgejo {
+	server unix:/run/forgejo/forgejo.sock;
+}
+
 server {
 	access_log /var/log/nginx/git.access.log combined;
 	server_name git.zzls.xyz;
@@ -6,9 +10,9 @@ server {
 	include configs/robots.conf;
 
 	location / {
-		proxy_pass http://unix:/run/forgejo/forgejo.socket;
+		proxy_pass http://forgejo;
 		include configs/proxy.conf;
-		client_max_body_size 64M;
+		client_max_body_size 128M;
 	}
 
 	# QUIC
@@ -20,6 +24,7 @@ server {
 	include configs/ssl.conf;
 
 }
+
 server {
 	if ($host = git.zzls.xyz) {
 		return 301 https://$host$request_uri;

nginx/sites-available/i.ayaya.beauty.conf

@@ -1,7 +1,7 @@
 server {
 	access_log /var/log/nginx/i.ayaya.beauty.access.log;
 	server_name i.ayaya.beauty;
-	root /var/www/files2;
+	root /mnt/ssd/i.ayaya.beauty/;
 	autoindex off;
 	index index.html;
 	include configs/general.conf;

nginx/sites-available/inv.zzls.xyz.conf

@@ -2,7 +2,7 @@
 limit_req_zone $binary_remote_addr zone=invidious:10m rate=5r/s;
 # Rate limit api requests, just 60 per sec, wathcing a normal video does like 
 # 3 to 4 api requests so you don't need more than 30 in a second unless is a bot spamming shit lol
-limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=30r/s;
+limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=40r/s;
 
 upstream inv {
 	server 127.0.0.1:40015 max_fails=3 fail_timeout=3s;
@@ -52,6 +52,7 @@ server {
                 proxy_max_temp_file_size 32m;
                 proxy_pass http://http3-ytproxy;
                 add_header Cache-Control private always;
+
         }
 
 	location / {
@@ -65,7 +66,11 @@ server {
 
 	location /api {
 		try_files $uri @upstream;
-		limit_req zone=invidiousapi;
+		#limit_req zone=invidiousapi;
+	}
+
+	location /api/v1/storyboards {
+		try_files $uri @upstream;
 	}
 
 	location /api/v1/captions {
@@ -76,6 +81,10 @@ server {
 		try_files $uri @upstream;
 	}
 
+	location ~ ^/api/v1/channels/(.+)/shorts {
+		try_files $uri @upstream;
+	}
+
 	location @fallback {
 		root /etc/nginx/errors;
 		try_files $uri /502.html = 502;

nginx/sites-available/selfhost.zzls.xyz.conf

@@ -13,8 +13,8 @@ server {
     # QUIC
     add_header Alt-Svc 'h3=":443"; ma=86400';
 
-    listen 443 ssl;
-    listen 443 quic;
+    listen 443 ssl default_server;
+    listen 443 quic default_server;
     http2 on;
     include configs/ssl.conf;
 }

nginx/sites-available/spanixdev.zzls.xyz.conf

@@ -0,0 +1,27 @@
+server {
+	server_name spanixdev.zzls.xyz;
+	include configs/general.conf;
+	include configs/security.conf;
+	include configs/robotsNone.conf;
+
+	location / {
+		proxy_pass http://localhost:40080;
+		include configs/proxy.conf;
+	}
+
+	# QUIC
+	add_header Alt-Svc 'h3=":443"; ma=86400';
+
+	listen 443 ssl;
+	listen 443 quic;
+	http2 on;
+	include configs/ssl.conf;
+
+}
+server {
+	if ($host = spanixdev.zzls.xyz) {
+		return 301 https://$host$request_uri;
+	}
+	listen 80;
+	server_name spanixdev.zzls.xyz;
+}

nginx/sites-available/twtich.zzls.xyz.conf

@@ -0,0 +1,28 @@
+server {
+	access_log /var/log/nginx/twitch.zzls.xyz.access.log;
+    server_name twitch.zzls.xyz;
+    include configs/general.conf;
+    include configs/security.conf;
+    include configs/robotsNone.conf;
+
+    location / {
+        proxy_pass http://127.0.0.1:9595;
+        include configs/proxy.conf;
+    }
+
+    # QUIC
+    add_header Alt-Svc 'h3=":443"; ma=86400';
+    
+    listen 443 ssl;
+    listen 443 quic;
+    http2 on;
+    include configs/ssl.conf;
+
+}
+server {
+    if ($host = twitch.zzls.xyz) {
+        return 301 https://$host$request_uri;
+    }
+    listen 80;
+    server_name twitch.zzls.xyz;
+}

nginx/sites-enabled/debug-4get.zzls.xyz.conf

@@ -0,0 +1,106 @@
+# FUCK BOTS
+limit_req_zone $binary_remote_addr zone=debug-4get:10m rate=1r/s;
+
+# CLEARNET
+server {
+	access_log /var/log/nginx/debug-4get.access.log;
+	error_log /var/log/nginx/debug-4get.error.log;
+	server_name debug-4get.zzls.xyz;
+	root /var/www/4get;
+	include configs/general.conf;
+	include configs/robotsNone.conf;
+	include configs/security.conf;
+
+	location @upstream {
+		try_files $uri.php $uri/index.php =404;
+		fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
+		fastcgi_index index.php;
+		include fastcgi.conf;
+		fastcgi_intercept_errors on;
+	}
+
+	location / {
+		try_files $uri @upstream;
+	}
+
+	location /web { 
+		try_files $uri @upstream;
+		limit_req zone=debug-4get nodelay;
+		limit_req_status 429;
+
+		if ($server_protocol ~* "HTTP/1.1") {
+			return 444;
+		}
+
+		include snippets/torblacklist.conf;
+		include snippets/spys.me.proxies.blacklist.conf;
+		error_page 403 =302 /torisblocked;
+		error_page 429 =302 /rl;
+	}
+	location /torisblocked {
+		add_header Content-Type text/plain;
+		return 200 "
+			Tor and Proxies are not allowed in this service, sorry. 
+			Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
+
+			Tor y Proxies no estan permitidos en este servicio, lo siento. 
+			Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
+	}
+
+	location /rl {
+		add_header Content-Type text/plain;
+		return 200 "Rate Limited, don't spam searches to prevent errors";
+	}
+
+	location /data {
+		return 444;
+	}
+
+	location ~* ^(.*)\.php$ {
+		return 301 $1;
+	}
+	# Tor Header
+	add_header Onion-Location http://debug-4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
+
+	# QUIC
+	add_header Alt-Svc 'h3=":443";ma=86400';
+
+	listen 443 ssl;
+	listen 443 quic;
+	http2 on;
+	include configs/ssl.conf;
+}
+
+# TOR
+server {
+	listen 80;
+	server_name debug-4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
+
+	root /var/www/4get;
+
+	location @upstream {
+		try_files $uri.php $uri/index.php =404;
+		fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
+		fastcgi_index index.php;
+		include fastcgi.conf;
+		fastcgi_intercept_errors on;
+	}
+
+	location / {
+		try_files $uri @upstream;
+	}
+
+	location ~* ^(.*)\.php$ {
+		return 301 $1;
+	}
+
+
+}
+
+server {
+	if ($host = debug-4get.zzls.xyz) {
+		return 301 https://$host$request_uri;
+	}
+	listen 80;
+	server_name debug-4get.zzls.xyz;
+}

nginx/sites-enabled/librex.zzls.xyz.conf

@@ -1 +0,0 @@
-../sites-available/librex.zzls.xyz.conf

nginx/sites-enabled/spanixdev.zzls.xyz.conf

@@ -0,0 +1 @@
+../sites-available/spanixdev.zzls.xyz.conf

nginx/sites-enabled/twtich.zzls.xyz.conf

@@ -0,0 +1 @@
+../sites-available/twtich.zzls.xyz.conf

systemd/system/invidious@.service

@@ -13,7 +13,7 @@ ExecStart=/opt/invidious/invidious/invidious -o invidious%i.log -p %i
 StandardOutput=null
 #StandardError=null
 Restart=always
-RuntimeMaxSec=1h
+#RuntimeMaxSec=1h
 LimitNOFILE=16384
 
 # Security

systemd/system/minecraft.service

@@ -7,9 +7,9 @@ Wants=network-online.target
 Type=forking
 User=mc
 Group=mc
-Environment=JAVA_HOME=/usr/lib/jvm/java-8-openjdk/bin/
+Environment=JAVA_HOME=/usr/lib/jvm/java-8-openjdk
 WorkingDirectory=/opt/mc/server/
-ExecStart=/usr/bin/tmux new-session -s minecraft -d 'java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
+ExecStart=/usr/bin/tmux new-session -s minecraft -d '/usr/lib/jvm/java-8-openjdk/bin/java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
 ExecStop=/usr/bin/tmux send -t minecraft.0 stop ENTER
 #ExecRestart=/usr/bin/tmux send -t minecraft.0 stop ENTER; sleep 10; /usr/bin/tmux new-session -s minecraft -d 'java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
 TimeoutStopSec=10