push to fix it locally and shit
This commit is contained in:
parent
7af06ae359
commit
5800a5a604
|
@ -2,7 +2,7 @@
|
||||||
daily
|
daily
|
||||||
missingok
|
missingok
|
||||||
notifempty
|
notifempty
|
||||||
maxage 2
|
maxage 1
|
||||||
create 640 http root
|
create 640 http root
|
||||||
sharedscripts
|
sharedscripts
|
||||||
compress
|
compress
|
||||||
|
|
|
@ -5,69 +5,69 @@ worker_rlimit_nofile 65535;
|
||||||
include /etc/nginx/modules-enabled/*.conf;
|
include /etc/nginx/modules-enabled/*.conf;
|
||||||
load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; # for compressing responses on-the-fly
|
load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; # for compressing responses on-the-fly
|
||||||
load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; # for serving pre-compressed files
|
load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; # for serving pre-compressed files
|
||||||
load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so;
|
#load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so;
|
||||||
|
|
||||||
#Include external config
|
#Include external config
|
||||||
include /etc/nginx/conf.d/*.conf;
|
include /etc/nginx/conf.d/*.conf;
|
||||||
|
|
||||||
events {
|
events {
|
||||||
worker_connections 65535;
|
worker_connections 65535;
|
||||||
multi_accept on;
|
multi_accept on;
|
||||||
}
|
}
|
||||||
|
|
||||||
http {
|
http {
|
||||||
log_format limited '$remote_addr - $remote_user [$time_local] '
|
log_format limited '$remote_addr - $remote_user [$time_local] '
|
||||||
'"$request_method /bogus $server_protocol" $status $body_bytes_sent '
|
'"$request_method /bogus $server_protocol" $status $body_bytes_sent '
|
||||||
'"-" "Bogus/66.6"';
|
'"-" "Bogus/66.6"';
|
||||||
access_log off;
|
access_log off;
|
||||||
error_log /dev/null;
|
error_log /dev/null;
|
||||||
disable_symlinks off;
|
disable_symlinks off;
|
||||||
|
|
||||||
# Basic Settings
|
# Basic Settings
|
||||||
charset utf-8;
|
charset utf-8;
|
||||||
sendfile on;
|
sendfile on;
|
||||||
tcp_nopush on;
|
tcp_nopush on;
|
||||||
tcp_nodelay on;
|
tcp_nodelay on;
|
||||||
server_tokens off;
|
server_tokens off;
|
||||||
more_clear_headers Server;
|
#more_clear_headers Server;
|
||||||
log_not_found off;
|
log_not_found off;
|
||||||
types_hash_max_size 1024;
|
types_hash_max_size 1024;
|
||||||
types_hash_bucket_size 128;
|
types_hash_bucket_size 128;
|
||||||
server_names_hash_bucket_size 128;
|
server_names_hash_bucket_size 128;
|
||||||
|
|
||||||
# MIME
|
# MIME
|
||||||
include mime.types;
|
include mime.types;
|
||||||
default_type application/octet-stream;
|
default_type application/octet-stream;
|
||||||
|
|
||||||
# SSL
|
# SSL
|
||||||
include configs/sslConfig.conf;
|
include configs/sslConfig.conf;
|
||||||
|
|
||||||
# reset timed out connections freeing ram
|
# reset timed out connections freeing ram
|
||||||
reset_timedout_connection on;
|
reset_timedout_connection on;
|
||||||
# maximum time between packets the client can pause when sending nginx any data
|
# maximum time between packets the client can pause when sending nginx any data
|
||||||
client_body_timeout 10s;
|
client_body_timeout 10s;
|
||||||
# maximum time the client has to send the entire header to nginx
|
# maximum time the client has to send the entire header to nginx
|
||||||
client_header_timeout 10s;
|
client_header_timeout 10s;
|
||||||
# timeout which a single keep-alive client connection will stay open
|
# timeout which a single keep-alive client connection will stay open
|
||||||
keepalive_timeout 60s;
|
keepalive_timeout 60s;
|
||||||
# maximum time between packets nginx is allowed to pause when sending the client data
|
# maximum time between packets nginx is allowed to pause when sending the client data
|
||||||
send_timeout 10s;
|
send_timeout 10s;
|
||||||
|
|
||||||
# QUIC AND HTTP3 SHIT
|
# QUIC AND HTTP3 SHIT
|
||||||
http3 on;
|
http3 on;
|
||||||
quic_retry on;
|
quic_retry on;
|
||||||
quic_gso on;
|
quic_gso on;
|
||||||
|
|
||||||
# PERFORMANCE / ASYNC I/O
|
# PERFORMANCE / ASYNC I/O
|
||||||
aio threads=default;
|
aio threads=default;
|
||||||
aio_write on;
|
aio_write on;
|
||||||
directio 2m;
|
directio 2m;
|
||||||
|
|
||||||
# Maps
|
# Maps
|
||||||
include /etc/nginx/snippets/maps.conf;
|
include /etc/nginx/snippets/maps.conf;
|
||||||
include /etc/nginx/snippets/poop.conf;
|
include /etc/nginx/snippets/poop.conf;
|
||||||
|
|
||||||
# Virtual Host Configs
|
# Virtual Host Configs
|
||||||
include /etc/nginx/sites-enabled/*.conf;
|
include /etc/nginx/sites-enabled/*.conf;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
# FUCK BOTS
|
limit_req_zone $binary_remote_addr zone=4get:10m rate=4r/s;
|
||||||
limit_req_zone $binary_remote_addr zone=4get:10m rate=2r/s;
|
|
||||||
|
|
||||||
# CLEARNET
|
# CLEARNET
|
||||||
server {
|
server {
|
||||||
access_log /var/log/nginx/4get.access.log limited;
|
access_log /var/log/nginx/4get.access.log limited;
|
||||||
error_log /var/log/nginx/4get.error.log;
|
error_log /var/log/nginx/4get.error.log;
|
||||||
server_name 4get.zzls.xyz;
|
server_name 4get.zzls.xyz;
|
||||||
root /var/www/4get;
|
root /var/www/4get-zzls;
|
||||||
include configs/general.conf;
|
include configs/general.conf;
|
||||||
include configs/robotsNone.conf;
|
include configs/robotsNone.conf;
|
||||||
include configs/security.conf;
|
include configs/security.conf;
|
||||||
|
@ -25,17 +24,17 @@ server {
|
||||||
|
|
||||||
location /web {
|
location /web {
|
||||||
try_files $uri @upstream;
|
try_files $uri @upstream;
|
||||||
limit_req zone=4get;
|
limit_req zone=4get nodelay;
|
||||||
limit_req_status 444;
|
limit_req_status 429;
|
||||||
|
|
||||||
if ($server_protocol ~* "HTTP/1.1") {
|
if ($server_protocol ~* "HTTP/1.1") {
|
||||||
return 444;
|
return 444;
|
||||||
}
|
}
|
||||||
if ($http_referer ~* farside\.link) {
|
|
||||||
return 444;
|
|
||||||
}
|
|
||||||
include snippets/torblacklist.conf;
|
include snippets/torblacklist.conf;
|
||||||
include snippets/spys.me.proxies.blacklist.conf;
|
include snippets/spys.me.proxies.blacklist.conf;
|
||||||
error_page 403 =302 /torisblocked;
|
error_page 403 =302 /torisblocked;
|
||||||
|
error_page 429 =302 /rl;
|
||||||
}
|
}
|
||||||
location /torisblocked {
|
location /torisblocked {
|
||||||
add_header Content-Type text/plain;
|
add_header Content-Type text/plain;
|
||||||
|
@ -47,6 +46,11 @@ server {
|
||||||
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
|
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location /rl {
|
||||||
|
add_header Content-Type text/plain;
|
||||||
|
return 200 "Rate Limited, don't spam searches to prevent errors";
|
||||||
|
}
|
||||||
|
|
||||||
location /data {
|
location /data {
|
||||||
return 444;
|
return 444;
|
||||||
}
|
}
|
||||||
|
|
|
@ -47,7 +47,7 @@ server {
|
||||||
proxy_set_header Connection keep-alive;
|
proxy_set_header Connection keep-alive;
|
||||||
proxy_max_temp_file_size 32m;
|
proxy_max_temp_file_size 32m;
|
||||||
access_log /var/log/nginx/http3-ytproxy.log;
|
access_log /var/log/nginx/http3-ytproxy.log;
|
||||||
proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy.sock;
|
proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy-1.sock;
|
||||||
add_header Cache-Control private always;
|
add_header Cache-Control private always;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,7 @@
|
||||||
|
upstream forgejo {
|
||||||
|
server unix:/run/forgejo/forgejo.sock;
|
||||||
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
access_log /var/log/nginx/git.access.log combined;
|
access_log /var/log/nginx/git.access.log combined;
|
||||||
server_name git.zzls.xyz;
|
server_name git.zzls.xyz;
|
||||||
|
@ -6,9 +10,9 @@ server {
|
||||||
include configs/robots.conf;
|
include configs/robots.conf;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://unix:/run/forgejo/forgejo.socket;
|
proxy_pass http://forgejo;
|
||||||
include configs/proxy.conf;
|
include configs/proxy.conf;
|
||||||
client_max_body_size 64M;
|
client_max_body_size 128M;
|
||||||
}
|
}
|
||||||
|
|
||||||
# QUIC
|
# QUIC
|
||||||
|
@ -20,6 +24,7 @@ server {
|
||||||
include configs/ssl.conf;
|
include configs/ssl.conf;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
if ($host = git.zzls.xyz) {
|
if ($host = git.zzls.xyz) {
|
||||||
return 301 https://$host$request_uri;
|
return 301 https://$host$request_uri;
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
server {
|
server {
|
||||||
access_log /var/log/nginx/i.ayaya.beauty.access.log;
|
access_log /var/log/nginx/i.ayaya.beauty.access.log;
|
||||||
server_name i.ayaya.beauty;
|
server_name i.ayaya.beauty;
|
||||||
root /var/www/files2;
|
root /mnt/ssd/i.ayaya.beauty/;
|
||||||
autoindex off;
|
autoindex off;
|
||||||
index index.html;
|
index index.html;
|
||||||
include configs/general.conf;
|
include configs/general.conf;
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
limit_req_zone $binary_remote_addr zone=invidious:10m rate=5r/s;
|
limit_req_zone $binary_remote_addr zone=invidious:10m rate=5r/s;
|
||||||
# Rate limit api requests, just 60 per sec, wathcing a normal video does like
|
# Rate limit api requests, just 60 per sec, wathcing a normal video does like
|
||||||
# 3 to 4 api requests so you don't need more than 30 in a second unless is a bot spamming shit lol
|
# 3 to 4 api requests so you don't need more than 30 in a second unless is a bot spamming shit lol
|
||||||
limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=30r/s;
|
limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=40r/s;
|
||||||
|
|
||||||
upstream inv {
|
upstream inv {
|
||||||
server 127.0.0.1:40015 max_fails=3 fail_timeout=3s;
|
server 127.0.0.1:40015 max_fails=3 fail_timeout=3s;
|
||||||
|
@ -52,6 +52,7 @@ server {
|
||||||
proxy_max_temp_file_size 32m;
|
proxy_max_temp_file_size 32m;
|
||||||
proxy_pass http://http3-ytproxy;
|
proxy_pass http://http3-ytproxy;
|
||||||
add_header Cache-Control private always;
|
add_header Cache-Control private always;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
|
@ -65,7 +66,11 @@ server {
|
||||||
|
|
||||||
location /api {
|
location /api {
|
||||||
try_files $uri @upstream;
|
try_files $uri @upstream;
|
||||||
limit_req zone=invidiousapi;
|
#limit_req zone=invidiousapi;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /api/v1/storyboards {
|
||||||
|
try_files $uri @upstream;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /api/v1/captions {
|
location /api/v1/captions {
|
||||||
|
@ -76,6 +81,10 @@ server {
|
||||||
try_files $uri @upstream;
|
try_files $uri @upstream;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ~ ^/api/v1/channels/(.+)/shorts {
|
||||||
|
try_files $uri @upstream;
|
||||||
|
}
|
||||||
|
|
||||||
location @fallback {
|
location @fallback {
|
||||||
root /etc/nginx/errors;
|
root /etc/nginx/errors;
|
||||||
try_files $uri /502.html = 502;
|
try_files $uri /502.html = 502;
|
||||||
|
|
|
@ -13,8 +13,8 @@ server {
|
||||||
# QUIC
|
# QUIC
|
||||||
add_header Alt-Svc 'h3=":443"; ma=86400';
|
add_header Alt-Svc 'h3=":443"; ma=86400';
|
||||||
|
|
||||||
listen 443 ssl;
|
listen 443 ssl default_server;
|
||||||
listen 443 quic;
|
listen 443 quic default_server;
|
||||||
http2 on;
|
http2 on;
|
||||||
include configs/ssl.conf;
|
include configs/ssl.conf;
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,27 @@
|
||||||
|
server {
|
||||||
|
server_name spanixdev.zzls.xyz;
|
||||||
|
include configs/general.conf;
|
||||||
|
include configs/security.conf;
|
||||||
|
include configs/robotsNone.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:40080;
|
||||||
|
include configs/proxy.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
# QUIC
|
||||||
|
add_header Alt-Svc 'h3=":443"; ma=86400';
|
||||||
|
|
||||||
|
listen 443 ssl;
|
||||||
|
listen 443 quic;
|
||||||
|
http2 on;
|
||||||
|
include configs/ssl.conf;
|
||||||
|
|
||||||
|
}
|
||||||
|
server {
|
||||||
|
if ($host = spanixdev.zzls.xyz) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
listen 80;
|
||||||
|
server_name spanixdev.zzls.xyz;
|
||||||
|
}
|
|
@ -0,0 +1,28 @@
|
||||||
|
server {
|
||||||
|
access_log /var/log/nginx/twitch.zzls.xyz.access.log;
|
||||||
|
server_name twitch.zzls.xyz;
|
||||||
|
include configs/general.conf;
|
||||||
|
include configs/security.conf;
|
||||||
|
include configs/robotsNone.conf;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://127.0.0.1:9595;
|
||||||
|
include configs/proxy.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
# QUIC
|
||||||
|
add_header Alt-Svc 'h3=":443"; ma=86400';
|
||||||
|
|
||||||
|
listen 443 ssl;
|
||||||
|
listen 443 quic;
|
||||||
|
http2 on;
|
||||||
|
include configs/ssl.conf;
|
||||||
|
|
||||||
|
}
|
||||||
|
server {
|
||||||
|
if ($host = twitch.zzls.xyz) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
listen 80;
|
||||||
|
server_name twitch.zzls.xyz;
|
||||||
|
}
|
|
@ -0,0 +1,106 @@
|
||||||
|
# FUCK BOTS
|
||||||
|
limit_req_zone $binary_remote_addr zone=debug-4get:10m rate=1r/s;
|
||||||
|
|
||||||
|
# CLEARNET
|
||||||
|
server {
|
||||||
|
access_log /var/log/nginx/debug-4get.access.log;
|
||||||
|
error_log /var/log/nginx/debug-4get.error.log;
|
||||||
|
server_name debug-4get.zzls.xyz;
|
||||||
|
root /var/www/4get;
|
||||||
|
include configs/general.conf;
|
||||||
|
include configs/robotsNone.conf;
|
||||||
|
include configs/security.conf;
|
||||||
|
|
||||||
|
location @upstream {
|
||||||
|
try_files $uri.php $uri/index.php =404;
|
||||||
|
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
include fastcgi.conf;
|
||||||
|
fastcgi_intercept_errors on;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri @upstream;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /web {
|
||||||
|
try_files $uri @upstream;
|
||||||
|
limit_req zone=debug-4get nodelay;
|
||||||
|
limit_req_status 429;
|
||||||
|
|
||||||
|
if ($server_protocol ~* "HTTP/1.1") {
|
||||||
|
return 444;
|
||||||
|
}
|
||||||
|
|
||||||
|
include snippets/torblacklist.conf;
|
||||||
|
include snippets/spys.me.proxies.blacklist.conf;
|
||||||
|
error_page 403 =302 /torisblocked;
|
||||||
|
error_page 429 =302 /rl;
|
||||||
|
}
|
||||||
|
location /torisblocked {
|
||||||
|
add_header Content-Type text/plain;
|
||||||
|
return 200 "
|
||||||
|
Tor and Proxies are not allowed in this service, sorry.
|
||||||
|
Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
|
||||||
|
|
||||||
|
Tor y Proxies no estan permitidos en este servicio, lo siento.
|
||||||
|
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
|
||||||
|
}
|
||||||
|
|
||||||
|
location /rl {
|
||||||
|
add_header Content-Type text/plain;
|
||||||
|
return 200 "Rate Limited, don't spam searches to prevent errors";
|
||||||
|
}
|
||||||
|
|
||||||
|
location /data {
|
||||||
|
return 444;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* ^(.*)\.php$ {
|
||||||
|
return 301 $1;
|
||||||
|
}
|
||||||
|
# Tor Header
|
||||||
|
add_header Onion-Location http://debug-4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
|
||||||
|
|
||||||
|
# QUIC
|
||||||
|
add_header Alt-Svc 'h3=":443";ma=86400';
|
||||||
|
|
||||||
|
listen 443 ssl;
|
||||||
|
listen 443 quic;
|
||||||
|
http2 on;
|
||||||
|
include configs/ssl.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
# TOR
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
server_name debug-4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
|
||||||
|
|
||||||
|
root /var/www/4get;
|
||||||
|
|
||||||
|
location @upstream {
|
||||||
|
try_files $uri.php $uri/index.php =404;
|
||||||
|
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
include fastcgi.conf;
|
||||||
|
fastcgi_intercept_errors on;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri @upstream;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~* ^(.*)\.php$ {
|
||||||
|
return 301 $1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = debug-4get.zzls.xyz) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
listen 80;
|
||||||
|
server_name debug-4get.zzls.xyz;
|
||||||
|
}
|
|
@ -1 +0,0 @@
|
||||||
../sites-available/librex.zzls.xyz.conf
|
|
|
@ -0,0 +1 @@
|
||||||
|
../sites-available/spanixdev.zzls.xyz.conf
|
|
@ -0,0 +1 @@
|
||||||
|
../sites-available/twtich.zzls.xyz.conf
|
|
@ -13,7 +13,7 @@ ExecStart=/opt/invidious/invidious/invidious -o invidious%i.log -p %i
|
||||||
StandardOutput=null
|
StandardOutput=null
|
||||||
#StandardError=null
|
#StandardError=null
|
||||||
Restart=always
|
Restart=always
|
||||||
RuntimeMaxSec=1h
|
#RuntimeMaxSec=1h
|
||||||
LimitNOFILE=16384
|
LimitNOFILE=16384
|
||||||
|
|
||||||
# Security
|
# Security
|
||||||
|
|
|
@ -7,9 +7,9 @@ Wants=network-online.target
|
||||||
Type=forking
|
Type=forking
|
||||||
User=mc
|
User=mc
|
||||||
Group=mc
|
Group=mc
|
||||||
Environment=JAVA_HOME=/usr/lib/jvm/java-8-openjdk/bin/
|
Environment=JAVA_HOME=/usr/lib/jvm/java-8-openjdk
|
||||||
WorkingDirectory=/opt/mc/server/
|
WorkingDirectory=/opt/mc/server/
|
||||||
ExecStart=/usr/bin/tmux new-session -s minecraft -d 'java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
|
ExecStart=/usr/bin/tmux new-session -s minecraft -d '/usr/lib/jvm/java-8-openjdk/bin/java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
|
||||||
ExecStop=/usr/bin/tmux send -t minecraft.0 stop ENTER
|
ExecStop=/usr/bin/tmux send -t minecraft.0 stop ENTER
|
||||||
#ExecRestart=/usr/bin/tmux send -t minecraft.0 stop ENTER; sleep 10; /usr/bin/tmux new-session -s minecraft -d 'java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
|
#ExecRestart=/usr/bin/tmux send -t minecraft.0 stop ENTER; sleep 10; /usr/bin/tmux new-session -s minecraft -d 'java -Xmx512M -Xms512M -jar project-poseidon-1.1.8.jar nogui'
|
||||||
TimeoutStopSec=10
|
TimeoutStopSec=10
|
||||||
|
|
Loading…
Reference in New Issue