add new searxng shit in other server

2023-03-29 21:48:25 +00:00 · 2023-03-29 21:48:25 +00:00 · 6f9e7593c8
parent ff8a4e13ec
commit 6f9e7593c8
1 changed files with 68 additions and 0 deletions
--- a/nginx/sites-available/search.zzls.xyz.conf
+++ b/nginx/sites-available/search.zzls.xyz.conf
@ -0,0 +1,68 @@
+server {
+    access_log /var/log/nginx/search.access.log;
+    error_log /var/log/nginx/search.error.log;
+
+    server_name search.zzls.xyz;
+    #include configs/general.conf;
+
+    location / {
+	
+	uwsgi_pass unix:///usr/local/searxng/run/socket;
+
+    include uwsgi_params;
+
+    uwsgi_param    HTTP_HOST             $host;
+    uwsgi_param    HTTP_CONNECTION       $http_connection;
+
+    # see flaskfix.py
+    uwsgi_param    HTTP_X_SCHEME         $scheme;
+    uwsgi_param    HTTP_X_SCRIPT_NAME    /searxng;
+
+    # see limiter.py
+    uwsgi_param    HTTP_X_REAL_IP        $remote_addr;
+    uwsgi_param    HTTP_X_FORWARDED_FOR  $proxy_add_x_forwarded_for;
+    }
+
+   # location /searx/static/ {
+   #     alias /usr/local/searxng/searxng-src/searx/static/;
+   # }
+
+    # Onion Service Header
+    # add_header Onion-Location http://searxdr3pqz4nydgnqocsia2xbywptxbkympa2emn7zlgggrir4bkfad.onion$request_uri;
+
+    # QUIC
+    add_header Alt-Svc 'h3=":443"; ma=86400';
+
+    # CSP + Security Headers
+    # include configs/securityheaders.conf;
+    add_header Permissions-Policy        "interest-cohort=()" always;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+    add_header Content-Security-Policy "default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/tiekoetter/searxng/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src 'self' data: https://*.tile.openstreetmap.org; frame-src 'self' https://www.youtube-nocookie.com https://invidious.tiekoetter.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com https://open.spotify.com/" always;
+
+    #quic_retry on;
+    #quic_gso on;
+    #ssl_early_data on;
+    #ssl_session_ticket_key /etc/nginx/http3key.key;
+
+
+    #listen 443 http3;
+    listen 443 http2 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/search.zzls.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/search.zzls.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = search.zzls.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+
+    server_name search.zzls.xyz;
+    return 404; # managed by Certbot
+
+
+}