Fijxu
/
etc-configs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

xD

This commit is contained in:
sf.nadeko.net 2024-01-30 02:39:30 -03:00
parent 64fc6cc77e
commit 894362e50d
71 changed files with 75 additions and 2734 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
nginx/conf.d/4get.zzls.xyz.conf → nginx/conf.d/4get.conf
View File

@ -62,13 +62,13 @@ server {
# TOR
server {
listen 80;
server_name 4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
root /var/www/4get-zzls/;
listen 10040;
server_name 4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion 4get.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion;
root /var/www/4get-zzls;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_pass php-fpm;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;

0
nginx/conf.d/debug4get.zzls.xyz.conf → nginx/conf.d/debug4get.conf
View File

11
nginx/conf.d/debuginv.zzls.xyz.conf → nginx/conf.d/debuginv.conf
View File

@ -1,7 +1,7 @@
# CLEARNET
server {
access_log /var/log/nginx/debuginv.access.log;
error_log /var/log/nginx/debuginv.error.log;
access_log /tmp/debuginv.access.log;
error_log /tmp/debuginv.error.log;
server_name debuginv.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
@ -19,8 +19,6 @@ server {
proxy_cache off;
}
error_page 502 /502.html;
# location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
# access_log /var/log/nginx/debuginv-proxy.access.log;
# error_log /var/log/nginx/debuginv-proxy.error.log;
@ -89,11 +87,6 @@ server {
try_files $uri @upstream;
}
location = /502.html {
alias /etc/nginx/errors/502;
index index.html;
}
# QUIC
include configs/http3.conf;

0
nginx/conf.d/ayaya.beauty.conf → nginx/conf.d/disabled/ayaya.beauty.conf
View File

0
nginx/conf.d/i.ayaya.beauty.conf → nginx/conf.d/disabled/i.ayaya.beauty.conf
View File

18
nginx/conf.d/git.zzls.xyz.conf → nginx/conf.d/git.conf
View File

@ -1,10 +1,13 @@
upstream forgejo {
server unix:/run/forgejo/forgejo.sock;
server {
server_name git.zzls.xyz;
rewrite ^ https://git.nadeko.net$request_uri? permanent;
listen 80;
listen 443 ssl;
}
server {
access_log /var/log/nginx/git.access.log combined2;
server_name git.zzls.xyz git.nadeko.net;
access_log /var/log/nginx/git.access.log;
server_name git.nadeko.net;
include configs/general.conf;
include configs/security.conf;
include configs/robots.conf;
@ -16,7 +19,7 @@ server {
}
# QUIC
include configs/http3.conf;
# include configs/http3.conf;
listen 443 ssl;
http2 on;
@ -25,9 +28,6 @@ server {
server {
set $x "";
if ($host = git.zzls.xyz) {
set $x 1;
}
if ($host = git.nadeko.net) {
set $x 1;
}
@ -35,5 +35,5 @@ server {
return 301 https://$host$request_uri;
}
listen 80;
server_name git.zzls.xyz;
server_name git.nadeko.net;
}

13
nginx/conf.d/inv.zzls.xyz.conf → nginx/conf.d/inv.conf
View File

@ -1,4 +1,5 @@
limit_req_zone $binary_remote_addr zone=invidious-apirl:1m rate=40r/s;
server {
server_name inv.zzls.xyz;
rewrite ^ https://inv.nadeko.net$request_uri? permanent;
@ -16,13 +17,13 @@ server {
# include configs/security.conf;
# The messed up invidious configuration
include conf.d/inv.zzls.xyz.locations;
include conf.d/inv.conf.locations;
# QUIC
include configs/http3.conf;
# TOR
add_header Onion-Location http://inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
add_header Onion-Location http://inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion$request_uri;
listen 443 ssl;
http2 on;
@ -30,12 +31,12 @@ server {
# TOR
server {
listen 80;
server_name inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
listen 10040;
server_name inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion inv.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion;
include configs/general.conf;
include configs/robotsNone.conf;
include conf.d/inv.zzls.xyz.locations;
include conf.d/inv.conf.locations;
}
# I2P
@ -45,7 +46,7 @@ server {
include configs/general.conf;
include configs/robotsNone.conf;
include conf.d/inv.zzls.xyz.locations;
include conf.d/inv.conf.locations;
}
server {

4
nginx/conf.d/inv.zzls.xyz.locations → nginx/conf.d/inv.conf.locations
View File

@ -25,8 +25,8 @@ location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
proxy_max_temp_file_size 32m;
proxy_pass http://http3-ytproxy;
add_header Cache-Control private always;
limit_rate 6000k;
limit_rate 8000k;
limit_conn addr 100;
}
location / {

0
nginx/conf.d/keygenmusic.zzls.xyz.conf → nginx/conf.d/keygenmusic.conf
View File

1
nginx/conf.d/luna.zzls.xyz.conf → nginx/conf.d/luna.conf
View File

@ -13,7 +13,6 @@ server {
include configs/general.conf;
include configs/security.conf;
add_header Access-Control-Allow-Origin *;
add_header Content-Type application/octet-stream;
location /_h5ai/private {
return 403;

0
nginx/conf.d/matrix.zzls.xyz.conf → nginx/conf.d/matrix.conf
View File

2
nginx/conf.d/pbin.zzls.xyz.conf → nginx/conf.d/pbin.conf
View File

@ -5,7 +5,7 @@ server {
include configs/robotsNone.conf;
location / {
proxy_pass http://localhost:40001;
proxy_pass http://privatebin;
include configs/proxy.conf;
}

4
nginx/conf.d/ri.zzls.xyz.conf → nginx/conf.d/ri.conf
View File

@ -20,8 +20,8 @@ server {
# TOR
server {
listen 80;
server_name rimgo.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
listen 10040;
server_name rimgo.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion rimgo.nadekonw7plitnjuawu6ytjsl7jlglk2t6pyq6eftptmiv3dvqndwvyd.onion;
include configs/general.conf;
include configs/robotsNone.conf;

33
nginx/conf.d/spanixdev.zzls.xyz.conf
View File

@ -1,33 +0,0 @@
server {
server_name spanixdev.zzls.xyz spanixdev.nadeko.net;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://localhost:40080;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = spanixdev.zzls.xyz) {
set $x 1;
}
if ($host = spanixdev.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name spanixdev.zzls.xyz spanixdev.nadeko.net;
return 404;
}

26
nginx/conf.d/twtich.zzls.xyz.conf.disabled
View File

@ -1,26 +0,0 @@
server {
access_log /var/log/nginx/twitch.zzls.xyz.access.log;
server_name twitch.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:9595;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
if ($host = twitch.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name twitch.zzls.xyz;
}

21
nginx/configs/lets-encrypt.conf
View File

@ -1,21 +0,0 @@
ssl_certificate_key /etc/letsencrypt/live/zzls.xyz/privkey.pem;
ssl_certificate /etc/letsencrypt/live/zzls.xyz/fullchain.pem;
# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam
ssl_dhparam /etc/letsencrypt/live/zzls.xyz/dhparam;
# verify chain of trust of OCSP response using Root CA and Intermediate certs
# ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# intermediate configuration
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
# # HSTS (ngx_http_headers_module is required) (63072000 seconds)
# add_header Strict-Transport-Security "max-age=63072000" always;
# Based on https://git.vern.cc/vern/nginx-configs/raw/branch/master/snippets/lets-encrypt.conf

6
nginx/configs/security.conf
View File

@ -1,8 +1,6 @@
# security headers
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
#add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header Referrer-Policy "same-origin" always;
add_header X-Frame-Options "sameorigin" always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

10
nginx/configs/ssl.conf
View File

@ -1,7 +1,5 @@
ssl_certificate /etc/letsencrypt/live/zzls.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/zzls.xyz/privkey.pem;
include configs/sslConfig.conf;
# ECDSA
ssl_certificate /etc/ssl/nadeko.net/fullchain.ec.crt;
ssl_certificate_key /etc/ssl/nadeko.net/nadeko.net.ec.key;
# OLD LETSENCRYPT SHIT XD
#include /etc/letsencrypt/options-ssl-nginx.conf;
#ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
include configs/sslConfig.conf;

13
nginx/dhparam.pem Normal file
View File

@ -0,0 +1,13 @@
-----BEGIN DH PARAMETERS-----
MIICDAKCAgEAiK/Y67KsiSrOlySdj5iBvVc64vUPIZOBWxQ05ggVhuTWJeZKGjes
/R6VA43Zh9Yo1U2cQl5semyPNzseEk5cwiK1ZOXz9WJiCmrdOFkB9uIpcL0Gz/r6
56m4F9ki1/ikJZzKRiBxvt6rQS9K4FMjkMliOFqwqVCt1Bh3EYYXebUjWrkKHb4t
kraEorQbObFodvKcBVG7dcI4EVZhL6wgznp/xZdHYG65jo1GPC7yTJHiTuvD7Ng9
EsMssnfpdss3f6SmtWGuAkH7vWht7NJse3oePiTRVRiFuW4i4wO5Omu4CJ8kKlwi
dmG8/o4eQbYWNqfMsCZFBx04i33SsUFQAPZXUQGGmLeNNFdncA0g3agN457ZQvuS
buhMpiZUw2sI13UH1D7vZBZSTvc+cleRk2w24wHqcMJ8HAuHQ4WhdrC24w8uD8H8
hJu78K4FibQ7no1syZEhHR/8AkRPAj/dGMlgJQ/dpI07cll/yMiICkytUydYPwT4
+lXbT+oN1rwA7HSttkMFt+z2Oi3RtH9VaIl3zY5bRCk28+GW2mo8+bL5JGl0qooe
OQsYn+mbZLdtUYhYaaYktJaLyPyQ6WtrssJas+gSdW/1RmT+WRkARaIC201WS+aS
guGOj0Lr0My+pW/Jj3wB8Hi6tpm+02KNaQUFubNWgcQZU33Ejj1rnfcCAQICAgFF
-----END DH PARAMETERS-----

26
nginx/fastcgi.conf Normal file
View File

@ -0,0 +1,26 @@
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

9
nginx/nginx.conf
View File

@ -1,7 +1,6 @@
worker_processes auto;
worker_rlimit_nofile 65535;
# Include Modules
include /etc/nginx/modules-enabled/*.conf;
load_module /usr/lib/nginx/modules/ngx_http_brotli_filter_module.so; # for compressing responses on-the-fly
load_module /usr/lib/nginx/modules/ngx_http_brotli_static_module.so; # for serving pre-compressed files
@ -15,12 +14,9 @@ http {
log_format limited '$remote_addr - $remote_user [$time_local] '
'"$request_method /bogus $server_protocol" $status $body_bytes_sent '
'"-" "Bogus/66.6" - "$http_host"';
log_format combined2 '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$http_host"';
access_log off;
error_log /dev/null;
disable_symlinks off;
# Basic Settings
charset utf-8;
@ -35,7 +31,6 @@ http {
# MIME
include mime.types;
#default_type application/octet-stream;
# SSL
include configs/ssl.conf;
@ -67,7 +62,7 @@ http {
# Maps
include /etc/nginx/snippets/maps.conf;
include /etc/nginx/snippets/poop.conf;
limit_conn_zone $binary_remote_addr zone=addr:10m;
include /etc/nginx/configs/upstreams.conf;
include /etc/nginx/conf.d/*.conf;

106
nginx/sites-available-archive/4get.zzls.xyz.conf
View File

@ -1,106 +0,0 @@
limit_req_zone $binary_remote_addr zone=4get:10m rate=4r/s;
# CLEARNET
server {
access_log /var/log/nginx/4get.access.log limited;
error_log /var/log/nginx/4get.error.log;
server_name 4get.zzls.xyz;
root /var/www/4get-zzls;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
location / {
try_files $uri @upstream;
}
location /web {
try_files $uri @upstream;
limit_req zone=4get nodelay;
limit_req_status 429;
if ($server_protocol ~* "HTTP/1.1") {
return 444;
}
include snippets/torblacklist.conf;
error_page 403 =302 /torisblocked;
error_page 429 =302 /rl;
}
location /torisblocked {
add_header Content-Type text/plain;
return 200 "
Tor and Proxies are not allowed in this service, sorry.
Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
Tor y Proxies no estan permitidos en este servicio, lo siento.
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
}
location /rl {
add_header Content-Type text/plain;
return 200 "Rate Limited, don't spam searches to prevent errors";
}
location /data {
return 444;
}
# Tor Header
add_header Onion-Location http://4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
# QUIC
add_header Alt-Svc 'h3=":443";ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name 4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
root /var/www/4get;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location / {
try_files $uri @upstream;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
}
server {
if ($host = 4get.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name 4get.zzls.xyz;
}

34
nginx/sites-available-archive/7tv.gay.conf
View File

@ -1,34 +0,0 @@
server {
access_log /var/log/nginx/7tv.gay.access.log combined;
root /var/www/7tv;
index index.html;
server_name 7tv.gay;
# Security headers and general settings
include configs/security.conf;
include configs/general.conf;
include configs/robots.conf;
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
ssl_certificate /etc/letsencrypt/live/7tv.gay/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/7tv.gay/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = 7tv.gay) {
return 301 https://$host$request_uri;
}
# managed by Certbo
listen 80;
server_name 7tv.gay;
return 404;
}

39
nginx/sites-available-archive/api.spacebar.zzls.xyz.conf
View File

@ -1,39 +0,0 @@
server {
server_name api.spacebar.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:3001;
proxy_set_header Host $host;
proxy_pass_request_headers on;
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
proxy_no_cache 1;
proxy_cache_bypass 1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = api.spacebar.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name api.spacebar.zzls.xyz;
}

25
nginx/sites-available-archive/archive.zzls.xyz.conf
View File

@ -1,25 +0,0 @@
server {
access_log /var/log/nginx/archive.zzls.xyz.log combined;
server_name archive.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40004;
include configs/proxy.conf;
}
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = archive.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name archive.zzls.xyz;
}

60
nginx/sites-available-archive/ayaya.beauty.conf
View File

@ -1,60 +0,0 @@
server {
access_log /var/log/nginx/ayaya.beauty.access.log combined;
error_log /var/log/nginx/ayaya.beauty.error.log;
server_name ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
include snippets/torblacklist.conf;
include snippets/spys.me.proxies.blacklist.conf;
error_page 403 =302 /torisblocked;
root /var/www/uguu/dist/public/;
autoindex off;
index index.html index.php;
client_max_body_size 512M;
location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ {
expires 7d;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_intercept_errors on;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location /torisblocked {
add_header Content-Type text/plain;
return 200 "
Tor is not allowed in this service, sorry.
Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
Tor no esta permitido en este servicio, lo siento.
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
}
listen 443 ssl;
listen 443 quic;
http2 on;
ssl_certificate /etc/letsencrypt/live/ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ayaya.beauty/privkey.pem;
include configs/sslConfig.conf;
}
server {
if ($host = ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name ayaya.beauty;
return 404;
}

41
nginx/sites-available-archive/cdn.spacebar.zzls.xyz.conf
View File

@ -1,41 +0,0 @@
server {
server_name cdn.spacebar.zzls.xyz;
#include configs/general.conf;
location / {
proxy_pass http://localhost:3003;
#include configs/proxyheaders.conf;
proxy_set_header Host $host;
proxy_pass_request_headers on;
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
proxy_no_cache 1;
proxy_cache_bypass 1;
}
#include configs/securityheaders.conf;
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = cdn.spacebar.zzls.xyz) {
return 301 https://$host$request_uri;
listen 80;
server_name cdn.spacebar.zzls.xyz;
}

29
nginx/sites-available-archive/cryptochat.zzls.xyz.conf
View File

@ -1,29 +0,0 @@
server {
server_name cryptochat.zzls.xyz cc.zzls.xyz;
# Security headers and general settings
include configs/security.conf;
include configs/general.conf;
location / {
proxy_pass http://127.0.0.1:40005;
include configs/proxy.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
}
server {
if ($host ~ (cryptochat.zzls.xyz|cc.zzls.xyz)) {
return 301 https://$host$request_uri;
listen 80;
server_name cryptochat.zzls.xyz cc.zzls.xyz;
}

38
nginx/sites-available-archive/cytube.zzls.xyz.conf
View File

@ -1,38 +0,0 @@
server {
server_name cytube.zzls.xyz;
include configs/general.conf;
location / {
proxy_pass http://127.0.0.1:40023;
include configs/proxyheaders.conf;
}
location ^~ /socket {
proxy_pass http://localhost:40024;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
#include configs/securityheaders.conf;
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
http2 on;
}
server {
if ($host = cytube.zzls.xyz) {
return 301 https://$host$request_uri;
listen 80;
server_name cytube.zzls.xyz;
}

68
nginx/sites-available-archive/debug.inv.zzls.xyz.conf
View File

@ -1,68 +0,0 @@
limit_req_zone $binary_remote_addr zone=one:10m rate=2r/s;
upstream inv-debug {
server 127.0.0.1:40050;
}
server {
access_log /var/log/nginx/debuginv.access.log;
error_log /var/log/nginx/debuginv.error.log;
server_name debuginv.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://inv-debug;
include configs/proxy.conf;
limit_rate 12000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
proxy_intercept_errors on;
error_page 502 = @fallback;
}
location ~ ^/api/ {
proxy_pass http://inv-debug;
include configs/proxy.conf;
limit_rate 12000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
limit_req zone=one;
}
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
proxy_buffers 1024 16k;
proxy_set_header X-Forwarded-For "";
proxy_hide_header "alt-svc";
sendfile_max_chunk 512k;
proxy_hide_header Cache-Control;
proxy_hide_header etag;
proxy_http_version 1.1;
proxy_set_header Connection keep-alive;
proxy_max_temp_file_size 32m;
access_log /var/log/nginx/http3-ytproxy.log;
proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy-1.sock;
add_header Cache-Control private always;
}
location @fallback {
root /etc/nginx/errors;
try_files $uri /502.html =502;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}

106
nginx/sites-available-archive/debug4get.zzls.xyz.conf
View File

@ -1,106 +0,0 @@
limit_req_zone $binary_remote_addr zone=4get:10m rate=4r/s;
# CLEARNET
server {
access_log /var/log/nginx/4get.access.log;
error_log /var/log/nginx/4get.error.log;
server_name debug4get.zzls.xyz;
root /var/www/4get-zzls;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
location / {
try_files $uri @upstream;
}
location /web {
try_files $uri @upstream;
limit_req zone=4get nodelay;
limit_req_status 429;
if ($server_protocol ~* "HTTP/1.1") {
return 444;
}
include snippets/torblacklist.conf;
error_page 403 =302 /torisblocked;
error_page 429 =302 /rl;
}
location /torisblocked {
add_header Content-Type text/plain;
return 200 "
Tor and Proxies are not allowed in this service, sorry.
Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
Tor y Proxies no estan permitidos en este servicio, lo siento.
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
}
location /rl {
add_header Content-Type text/plain;
return 200 "Rate Limited, don't spam searches to prevent errors";
}
location /data {
return 444;
}
# Tor Header
add_header Onion-Location http://4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
# QUIC
add_header Alt-Svc 'h3=":443";ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name 4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
root /var/www/4get;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location / {
try_files $uri @upstream;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
}
server {
if ($host = 4get.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name 4get.zzls.xyz;
}

52
nginx/sites-available-archive/files2.zzls.xyz.conf
View File

@ -1,52 +0,0 @@
server {
access_log /var/log/nginx/files2.zzls.xyz.log combined;
server_name files2.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
if ($http_user_agent ~* (google) ) {
return 404;
}
root /mnt/storage/files2.zzls.xyz;
index index.html index.php /_h5ai/public/index.php;
limit_rate 5000k;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location /_h5ai/private {
return 403;
}
}
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = files2.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name files2.zzls.xyz;
}

42
nginx/sites-available-archive/gateway.spacebar.zzls.xyz.conf
View File

@ -1,42 +0,0 @@
server {
server_name gateway.spacebar.zzls.xyz;
#include configs/general.conf;
location / {
proxy_pass http://localhost:3002;
#include configs/proxyheaders.conf;
proxy_set_header Host $host;
proxy_pass_request_headers on;
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
proxy_no_cache 1;
proxy_cache_bypass 1;
# This is important. It allows Websocket connections through NGINX.
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
#include configs/securityheaders.conf;
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
http2 on;
include configs/ssl.conf;
}
server {
if ($host = gateway.spacebar.zzls.xyz) {
return 301 https://$host$request_uri;
listen 80;
server_name gateway.spacebar.zzls.xyz;
}

88
nginx/sites-available-archive/gatoculiao.ayaya.beauty.conf
View File

@ -1,88 +0,0 @@
server {
access_log /var/log/nginx/gatoculiao.ayaya.beauty.log combined;
server_name gatoculiao.ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
root /var/www/gatoculiao.ayaya.beauty;
index index.html;
http2 on;
listen 443 ssl;
listen 443 quic;
ssl_certificate /etc/letsencrypt/live/gatoculiao.ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gatoculiao.ayaya.beauty/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
access_log /var/log/nginx/vids.gatoculiao.ayaya.beauty.log combined;
server_name vids.gatoculiao.ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
location / {
root /mnt/storage/gatoculiaovideos;
index index.html index.php /_h5ai/public/index.php;
limit_rate 6400k;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location /_h5ai/private {
return 403;
}
}
http2 on;
listen 443 ssl;
listen 443 quic;
ssl_certificate /etc/letsencrypt/live/vids.gatoculiao.ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/vids.gatoculiao.ayaya.beauty/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = gatoculiao.ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name gatoculiao.ayaya.beauty;
return 404;
}
server {
if ($host = vids.gatoculiao.ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name vids.gatoculiao.ayaya.beauty;
return 404;
}

34
nginx/sites-available-archive/git.zzls.xyz.conf
View File

@ -1,34 +0,0 @@
upstream forgejo {
server unix:/run/forgejo/forgejo.sock;
}
server {
access_log /var/log/nginx/git.access.log combined;
server_name git.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robots.conf;
location / {
proxy_pass http://forgejo;
include configs/proxy.conf;
client_max_body_size 128M;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = git.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name git.zzls.xyz;
}

36
nginx/sites-available-archive/i.ayaya.beauty.conf
View File

@ -1,36 +0,0 @@
server {
access_log /var/log/nginx/i.ayaya.beauty.access.log;
server_name i.ayaya.beauty;
root /mnt/ssd/i.ayaya.beauty/;
autoindex off;
index index.html;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
rewrite ^/(.*)/$ /\$1 break;
try_files $uri $uri.jpg $uri.png $uri.gif $uri.css $uri.js $uri/ =404;
error_page 403 =301 https://ayaya.beauty;
error_page 404 =301 https://ayaya.beauty;
}
listen 443 ssl;
listen 443 quic;
http2 on;
ssl_certificate /etc/letsencrypt/live/i.ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/i.ayaya.beauty/privkey.pem;
include configs/sslConfig.conf;
}
server {
if ($host = i.ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name i.ayaya.beauty;
return 404;
}

30
nginx/sites-available-archive/ii.zzls.xyz.conf
View File

@ -1,30 +0,0 @@
server {
root /opt/ImageUpload/ifiles/;
index index.html index.htm index.nginx-debian.html;
server_name ii.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location /upload {
client_max_body_size 4096M;
auth_basic "Restricted Content";
auth_basic_user_file /etc/fileupload.htpasswd;
proxy_pass http://localhost:40006;
include configs/proxy.conf;
}
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = ii.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name ii.zzls.xyz;
}

164
nginx/sites-available-archive/inv.zzls.xyz.conf
View File

@ -1,164 +0,0 @@
# Rate limit searches, just 5 per sec
limit_req_zone $binary_remote_addr zone=invidious:10m rate=5r/s;
# Rate limit api requests, just 60 per sec, wathcing a normal video does like
# 3 to 4 api requests so you don't need more than 30 in a second unless is a bot spamming shit lol
limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=40r/s;
upstream inv {
server 127.0.0.1:40015 max_fails=3 fail_timeout=3s;
server 127.0.0.1:40016 max_fails=3 fail_timeout=3s;
server 127.0.0.1:40017 max_fails=3 fail_timeout=3s;
}
upstream http3-ytproxy {
server unix:/opt/http3-ytproxy/socket/http-proxy-1.sock;
server unix:/opt/http3-ytproxy/socket/http-proxy-2.sock;
server unix:/opt/http3-ytproxy/socket/http-proxy-3.sock;
}
# CLEARNET
server {
access_log /var/log/nginx/inv.access.log limited;
error_log /var/log/nginx/inv.error.log;
server_name inv.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
include snippets/spys.me.proxies.blacklist.conf;
location @upstream {
proxy_pass http://inv;
include configs/proxy.conf;
limit_rate 8000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
proxy_intercept_errors on;
error_page 502 = @fallback;
}
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
# Woops! Sorry. I don't want to kill my SSD lol!
proxy_buffering off;
#proxy_buffers 1024 16k;
proxy_set_header X-Forwarded-For "";
proxy_hide_header "alt-svc";
sendfile_max_chunk 512k;
proxy_hide_header Cache-Control;
proxy_hide_header etag;
proxy_http_version 1.1;
proxy_set_header Connection keep-alive;
proxy_max_temp_file_size 32m;
proxy_pass http://http3-ytproxy;
add_header Cache-Control private always;
}
location / {
try_files $uri @upstream;
}
location /search {
try_files $uri @upstream;
# limit_req zone=invidious;
}
location /api {
try_files $uri @upstream;
#limit_req zone=invidiousapi;
}
location /api/v1/storyboards {
try_files $uri @upstream;
}
location /api/v1/captions {
try_files $uri @upstream;
}
location /api/v1/comments {
try_files $uri @upstream;
}
location ~ ^/api/v1/channels/(.+)/shorts {
try_files $uri @upstream;
}
location @fallback {
root /etc/nginx/errors;
try_files $uri /502.html = 502;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
# TOR
add_header Onion-Location http://inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
include configs/general.conf;
include configs/robotsNone.conf;
location @upstream {
proxy_pass http://inv;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host; # so Invidious knows domain
proxy_http_version 1.1; # to keep alive
proxy_set_header Connection ""; # to keep alive
limit_rate 8000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
}
location / {
try_files $uri @upstream;
}
}
# I2P
server {
listen 30003;
server_name zzlsbhhfvwg3oh36tcvx4r7n6jrw7zibvyvfxqlodcwn3mfrvzuq.b32.i2p;
include configs/general.conf;
include configs/robotsNone.conf;
location @upstream {
proxy_pass http://inv;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host; # so Invidious knows domain
proxy_http_version 1.1; # to keep alive
proxy_set_header Connection ""; # to keep alive
limit_rate 8000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
}
location / {
try_files $uri @upstream;
}
}
server {
if ($host = inv.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name inv.zzls.xyz;
}

101
nginx/sites-available-archive/librex.zzls.xyz.conf
View File

@ -1,101 +0,0 @@
# FUCK BOTS
limit_req_zone $binary_remote_addr zone=librex:10m rate=2r/s;
# CLEARNET
server {
access_log /var/log/nginx/librex.access.log limited;
error_log /var/log/nginx/librex.error.log;
server_name librex.zzls.xyz;
root /var/www/librex;
index index.php
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location ~ \/search\.php {
include fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
include snippets/torblacklist.conf;
include snippets/spys.me.proxies.blacklist.conf;
error_page 403 =302 /torisblocked;
}
location /torisblocked {
add_header Content-Type text/plain;
return 200 "
Tor and Proxies are not allowed in this service, sorry.
Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
Tor y Proxies no estan permitidos en este servicio, lo siento.
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
}
location ~ \.php$ {
include fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
}
# Onion Service Header
add_header Onion-Location http://librex.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name librex.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
root /var/www/librex;
index index.php;
location @upstream {
include fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
}
location ~ \.php$ {
try_files $uri.php @upstream;
}
location /search.php {
try_files $uri.php @upstream;
limit_req zone=librex;
limit_req_status 444;
}
}
# I2P
server {
listen 30002;
server_name zzlsaymhcfla7vibo3a223bybeecu3bd5z6rmw2u4y76maqeu76q.b32.i2p;
root /var/www/librex;
index index.php;
location @upstream {
include fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
}
location ~ \.php$ {
try_files $uri.php @upstream;
}
location /search.php {
try_files $uri.php @upstream;
limit_req zone=librex;
limit_req_status 444;
}
}
server {
if ($host = librex.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name librex.zzls.xyz;
}

52
nginx/sites-available-archive/matrix.zzls.xyz.conf
View File

@ -1,52 +0,0 @@
server {
server_name matrix.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location /.well-known/matrix/server {
return 200 '{ "m.server": "matrix.zzls.xyz:8448" }';
}
location /.well-known/matrix/client {
default_type application/json;
add_header Access-Control-Allow-Origin '*';
return 200 '{ "m.homeserver": { "base_url": "https://matrix.zzls.xyz" }, "org.matrix.msc3575.proxy": {"url": "https://matrix.zzls.xyz"}}';
}
location / {
alias /var/www/cinnyclient/;
index index.html;
}
location ~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync) {
proxy_pass http://127.0.0.1:40022;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
}
location ~ ^(/_matrix|/_synapse/client|/health) {
proxy_pass http://127.0.0.1:40020;
include configs/proxy.conf;
client_max_body_size 64M;
}
# QUIC
add_header Alt-Svc 'h3=":443", h3=":8448"; ma=86400';
listen 443 quic reuseport;
listen 443 ssl reuseport;
listen 8448 ssl default_server reuseport;
listen 8448 quic default_server reuseport;
include configs/ssl.conf;
http2 on;
}
server {
if ($host = matrix.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name matrix.zzls.xyz;
}

42
nginx/sites-available-archive/mpd.ayaya.beauty.conf
View File

@ -1,42 +0,0 @@
server {
server_name mpd.ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://192.168.1.2:40420;
proxy_connect_timeout 1;
proxy_send_timeout 1;
proxy_read_timeout 1;
}
location /status {
stub_status on;
allow 192.168.1.2;
deny all;
}
listen 443 ssl;
listen 443 quic;
http2 on;
ssl_certificate /etc/letsencrypt/live/mpd.ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mpd.ayaya.beauty/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = mpd.ayaya.beauty) {
return 301 https://$host$request_uri;
}
server_name mpd.ayaya.beauty;
listen 80;
return 404;
}

24
nginx/sites-available-archive/paste.zzls.xyz.conf
View File

@ -1,24 +0,0 @@
server {
server_name paste.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40020/;
include configs/proxy.conf;
}
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = paste.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name paste.zzls.xyz;
listen 80;
}

27
nginx/sites-available-archive/pbin.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
server_name pbin.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
include configs/ssl.conf;
location / {
proxy_pass http://localhost:40001;
include configs/proxy.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
}
server {
if ($host = pbin.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name pbin.zzls.xyz;
}

31
nginx/sites-available-archive/pt.zzls.xyz.conf
View File

@ -1,31 +0,0 @@
server {
server_name pt.zzls.xyz;
include configs/general.conf;
location / {
proxy_pass http://127.0.0.1:40022/;
include configs/proxy.conf;
}
# security headers
include configs/security.conf;
#add_header Content-Security-Policy "default-src 'self'; script-src 'report-sample' 'self'; style-src 'report-sample' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; worker-src 'none';";
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = pt.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name pt.zzls.xyz;
}

55
nginx/sites-available-archive/ri.zzls.xyz.conf
View File

@ -1,55 +0,0 @@
# CLEARNET
server {
access_log off;
server_name ri.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxy.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name rimgo.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxy.conf;
}
}
# I2P
server {
listen 30001;
server_name zzls3ubaix5wjfar4hskwqnh3vvwvrzoxsvcx64on2aogcxrvhoq.b32.i2p;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxy.conf;
}
}
server {
if ($host = ri.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name ri.zzls.xyz;
}

27
nginx/sites-available-archive/rustlog.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
server_name rustlog.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://localhost:40003;
include configs/proxy.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = rustlog.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name rustlog.zzls.xyz;
}

27
nginx/sites-available-archive/selfhost.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
include configs/general.conf;
include configs/security.conf;
server_name selfhost.zzls.xyz;
location / {
try_files $uri $uri/ =404;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl default_server;
listen 443 quic default_server;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = selfhost.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name selfhost.zzls.xyz;
}

27
nginx/sites-available-archive/spacebar.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
server_name spacebar.zzls.xyz;
root /var/www/spacebar-client;
include configs/general.conf;
include configs/security.conf;
location / {
try_files $uri $uri/ /index.html;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = spacebar.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name spacebar.zzls.xyz;
}

27
nginx/sites-available-archive/spanixdev.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
server_name spanixdev.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://localhost:40080;
include configs/proxy.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = spanixdev.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name spanixdev.zzls.xyz;
}

37
nginx/sites-available-archive/stream.ayaya.beauty.conf
View File

@ -1,37 +0,0 @@
server {
root /var/www/stream/;
index index.html;
server_name stream.ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
location /stream {
proxy_pass http://localhost:8080/live/livestream/stream.flv;
include configs/proxy.conf;
}
listen 443 ssl;
listen 443 quic;
http2 on;
ssl_certificate /etc/letsencrypt/live/stream.ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/stream.ayaya.beauty/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = stream.ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name stream.ayaya.beauty;
return 404;
}

55
nginx/sites-available-archive/synapse.zzls.xyz.conf
View File

@ -1,55 +0,0 @@
upstream monolithh {
server 127.0.0.1:8088;
}
server {
# Common shit
include configs/general.conf;
server_name synapse.zzls.xyz;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 600;
location /.well-known/synapse/server {
return 200 '{ "m.server": "synapse.zzls.xyz:443" }';
}
location /.well-known/synapse/client {
# If your sever_name here doesn't match your synapse homeserver URL
# (e.g. hostname.com as server_name and synapse.hostname.com as homeserver URL)
# add_header Access-Control-Allow-Origin '*';
return 200 '{ "m.homeserver": { "base_url": "https://synapse.zzls.xyz" } }';
}
location ~ ^(/_matrix|/_synapse/client) {
proxy_pass http://monolithh;
}
location / {
alias /var/www/cinnyclient/;
index index.html;
}
# SecHeaders
include configs/security.conf;
# CSP (From tchncs.de because i am illiterate at CSP)
#add_header Content-Security-Policy "default-src 'self' zzls.xyz synapse.zzls.xyz; connect-src 'self'; font-src 'self' data:; img-src 'self' data: https://cdn.jsdelivr.net; media-src 'self' " always;
client_max_body_size 65M;
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = synapse.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name synapse.zzls.xyz;
}

40
nginx/sites-available-archive/test.zzls.xyz.conf
View File

@ -1,40 +0,0 @@
server {
## Your website name goes here.
server_name test.gaysdemierda.cl;
## Your only path reference.
root /srv/http/wordpress;
## This should be in your http block and if it is, it's not needed here.
index index.php;
location = /favicon.ico {
log_not_found off;
}
location = /robots.txt {
allow all;
log_not_found off;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
#The following parameter can be also included in fastcgi_params file
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}

31
nginx/sites-available-archive/turn.matrix.zzls.xyz.conf
View File

@ -1,31 +0,0 @@
server {
# Common shit
include configs/general.conf;
server_name turn.matrix.zzls.xyz;
# SecHeaders
include configs/security.conf;
# QUIC
add_header Alt-Svc 'h3=":443", h3=":8448"; ma=86400';
http2 on;
ssl_certificate /etc/ssl/certs/turn.matrix.zzls.xyz.crt;
ssl_certificate_key /etc/ssl/private/turn.matrix.zzls.xyz.key;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = matrix.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name matrix.zzls.xyz;
}

28
nginx/sites-available-archive/twtich.zzls.xyz.conf
View File

@ -1,28 +0,0 @@
server {
access_log /var/log/nginx/twitch.zzls.xyz.access.log;
server_name twitch.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:9595;
include configs/proxy.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = twitch.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name twitch.zzls.xyz;
}

54
nginx/sites-available-archive/wiki.zzls.xyz.conf
View File

@ -1,54 +0,0 @@
server {
server_name wiki.zzls.xyz;
# Security headers and general settings
include configs/security.conf;
include configs/general.conf;
root /opt/dokuwiki;
index doku.php;
#Remember to comment the below out when you are installing DokuWiki, and uncomment it when you are done.
location ~ /(data/|conf/|bin/|inc/|install.php) {
deny all;
}
# secure Dokuwiki
location ~^/\.ht {
deny all;
}
# also secure the Apache .htaccess files
location @dokuwiki {
#rewrites "doku.php/" out of the URLs if you set the userewrite setting to .htaccess in dokuwiki config page
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
rewrite ^/(.*) /doku.php?id=$1&$args last;
}
location / {
try_files $uri $uri/ @dokuwiki;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = wiki.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name wiki.zzls.xyz;
}

59
nginx/sites-available-archive/wiki.zzls.xyz.conf.orig
View File

@ -1,59 +0,0 @@
server {
server_name wiki.zzls.xyz;
# Security headers and general settings
include configs/security.conf;
include configs/general.conf;
root /opt/dokuwiki;
index doku.php;
#Remember to comment the below out when you are installing DokuWiki, and uncomment it when you are done.
location ~ /(data/|conf/|bin/|inc/|install.php) { deny all; } # secure Dokuwiki
location ~^/\.ht { deny all; } # also secure the Apache .htaccess files
location @dokuwiki {
#rewrites "doku.php/" out of the URLs if you set the userewrite setting to .htaccess in dokuwiki config page
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
rewrite ^/(.*) /doku.php?id=$1&$args last;
}
location / { try_files $uri $uri/ @dokuwiki; }
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
<<<<<<< HEAD
listen 443 ssl;
#listen 443 quic;
=======
listen 443 ssl;
listen 443 quic;
>>>>>>> 8b6f976fe8e457df02c4ba50a64bafdf969df8dd
http2 on;
ssl_certificate /etc/letsencrypt/live/wiki.zzls.xyz/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wiki.zzls.xyz/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
if ($host = wiki.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name wiki.zzls.xyz;
return 404;
}

68
nginx/sites-available-archive/wiki2.zzls.xyz.conf
View File

@ -1,68 +0,0 @@
server {
server_name wiki2.zzls.xyz;
# Security headers and general settings
include configs/security.conf;
include configs/general.conf;
root /opt/mediawiki-1.39.1;
index index.php;
charset utf-8;
client_max_body_size 100m;
client_body_timeout 60;
location / {
index index.php;
try_files $uri $uri/ @mediawiki;
}
location @mediawiki {
rewrite ^/(.*)$ /index.php;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri @mediawiki;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri /index.php;
expires max;
log_not_found off;
}
# Restrictions based on the .htaccess files
location ~ ^/(cache|includes|maintenance|languages|serialized|tests|images/deleted)/ {
deny all;
}
#location ~ ^/(bin|docs|extensions|includes|maintenance|mw-config|resources|serialized|tests)/ {
# internal;
#}
location ^~ /images/ {
try_files $uri /index.php;
}
location ~ /\. {
log_not_found off;
deny all;
}
location /rest.php {
try_files $uri $uri/ /rest.php?$args;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = wiki2.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name wiki2.zzls.xyz;
}

99
nginx/sites-enabled-archive/4get.zzls.xyz.conf
View File

@ -1,99 +0,0 @@
limit_req_zone $binary_remote_addr zone=4get:10m rate=4r/s;
# CLEARNET
server {
access_log /var/log/nginx/4get.access.log limited;
error_log /var/log/nginx/4get.error.log;
server_name 4get.zzls.xyz;
root /var/www/4get-zzls;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
location / {
try_files $uri @upstream;
}
location /web {
try_files $uri @upstream;
limit_req zone=4get nodelay;
limit_req_status 429;
if ($server_protocol ~* "HTTP/1.1") {
return 444;
}
include snippets/torblacklist.conf;
error_page 403 =302 /torisblocked;
error_page 429 =302 /rl;
}
location /torisblocked {
alias errors/torisblocked.txt;
}
location /rl {
add_header Content-Type text/plain;
return 200 "Rate Limited, don't spam searches to prevent errors";
}
location /data {
return 444;
}
# Tor Header
add_header Onion-Location http://4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name 4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
root /var/www/4get;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location / {
try_files $uri @upstream;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
}
server {
if ($host = 4get.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name 4get.zzls.xyz;
}

57
nginx/sites-enabled-archive/ayaya.beauty.conf
View File

@ -1,57 +0,0 @@
server {
access_log /var/log/nginx/ayaya.beauty.access.log combined;
error_log /var/log/nginx/ayaya.beauty.error.log;
server_name ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
include snippets/torblacklist.conf;
root /var/www/uguu/dist/public/;
autoindex off;
index index.html index.php;
client_max_body_size 512M;
location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ {
expires 7d;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_intercept_errors on;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location /torisblocked {
alias errors/torisblocked.txt;
}
error_page 403 =302 /torisblocked;
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
ssl_certificate /etc/letsencrypt/live/ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ayaya.beauty/privkey.pem;
include configs/sslConfig.conf;
}
server {
if ($host = ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name ayaya.beauty;
return 404;
}

105
nginx/sites-enabled-archive/debug-4get.zzls.xyz.conf
View File

@ -1,105 +0,0 @@
# FUCK BOTS
limit_req_zone $binary_remote_addr zone=debug-4get:10m rate=1r/s;
# CLEARNET
server {
access_log /var/log/nginx/debug-4get.access.log;
error_log /var/log/nginx/debug-4get.error.log;
server_name debug4get.zzls.xyz;
root /var/www/4get;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location / {
try_files $uri @upstream;
}
location /web {
try_files $uri @upstream;
limit_req zone=debug-4get nodelay;
limit_req_status 429;
if ($server_protocol ~* "HTTP/1.1") {
return 444;
}
include snippets/torblacklist.conf;
include snippets/spys.me.proxies.blacklist.conf;
error_page 403 =302 /torisblocked;
error_page 429 =302 /rl;
}
location /torisblocked {
add_header Content-Type text/plain;
return 200 "
Tor and Proxies are not allowed in this service, sorry.
Check if this service offers a Tor version instead, if yes, use it, if not, well, there is no way to use this service.
Tor y Proxies no estan permitidos en este servicio, lo siento.
Revisa si este servicio ofrece una version para Tor, si es asi, usalo, si no, pues no hay forma de usar este servicio.";
}
location /rl {
add_header Content-Type text/plain;
return 200 "Rate Limited, don't spam searches to prevent errors";
}
location /data {
return 444;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
# Tor Header
add_header Onion-Location http://debug-4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name debug-4get.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
root /var/www/4get;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location / {
try_files $uri @upstream;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
}
server {
if ($host = debug-4get.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name debug-4get.zzls.xyz;
}

67
nginx/sites-enabled-archive/debug.inv.zzls.xyz.conf
View File

@ -1,67 +0,0 @@
limit_req_zone $binary_remote_addr zone=one:10m rate=2r/s;
upstream inv-debug {
server 127.0.0.1:40050;
}
server {
access_log /var/log/nginx/debuginv.access.log;
error_log /var/log/nginx/debuginv.error.log;
server_name debuginv.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://inv-debug;
include configs/proxy.conf;
limit_rate 12000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
proxy_intercept_errors on;
error_page 502 = @fallback;
}
location ~ ^/api/ {
proxy_pass http://inv-debug;
include configs/proxy.conf;
limit_rate 12000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
limit_req zone=one;
}
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
proxy_buffers 1024 16k;
proxy_set_header X-Forwarded-For "";
proxy_hide_header "alt-svc";
sendfile_max_chunk 512k;
proxy_hide_header Cache-Control;
proxy_hide_header etag;
proxy_http_version 1.1;
proxy_set_header Connection keep-alive;
proxy_max_temp_file_size 32m;
access_log /var/log/nginx/http3-ytproxy.log;
proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy-1.sock;
add_header Cache-Control private always;
}
location @fallback {
root /etc/nginx/errors;
try_files $uri /502.html =502;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}

33
nginx/sites-enabled-archive/git.zzls.xyz.conf
View File

@ -1,33 +0,0 @@
upstream forgejo {
server unix:/run/forgejo/forgejo.sock;
}
server {
access_log /var/log/nginx/git.access.log combined;
server_name git.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robots.conf;
location / {
proxy_pass http://forgejo;
include configs/proxy.conf;
client_max_body_size 128M;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = git.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name git.zzls.xyz;
}

37
nginx/sites-enabled-archive/i.ayaya.beauty.conf
View File

@ -1,37 +0,0 @@
server {
access_log /var/log/nginx/i.ayaya.beauty.access.log;
server_name i.ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
root /mnt/ssd/i.ayaya.beauty/;
autoindex off;
index index.html;
location / {
rewrite ^/(.*)/$ /\$1 break;
try_files $uri $uri.jpg $uri.png $uri.gif $uri.css $uri.js $uri/ =404;
error_page 401 402 403 404 =301 https://ayaya.beauty;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
ssl_certificate /etc/letsencrypt/live/i.ayaya.beauty/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/i.ayaya.beauty/privkey.pem;
include configs/sslConfig.conf;
}
server {
if ($host = i.ayaya.beauty) {
return 301 https://$host$request_uri;
}
listen 80;
server_name i.ayaya.beauty;
return 404;
}

193
nginx/sites-enabled-archive/inv.zzls.xyz.conf
View File

@ -1,193 +0,0 @@
# Rate limit searches, just 5 per sec
limit_req_zone $binary_remote_addr zone=invidious:10m rate=5r/s;
# Rate limit api requests, just 60 per sec, wathcing a normal video does like
# 10 to 30 api requests so you don't need more than 30 in a second unless is a bot spamming shit lol
limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=40r/s;
upstream inv {
server 127.0.0.1:40015 max_fails=2 fail_timeout=2s;
server 127.0.0.1:40016 max_fails=2 fail_timeout=2s;
server 127.0.0.1:40017 max_fails=2 fail_timeout=2s;
}
upstream http3-ytproxy {
server unix:/opt/http3-ytproxy/socket/http-proxy-1.sock max_fails=2 fail_timeout=1s;
server unix:/opt/http3-ytproxy/socket/http-proxy-2.sock max_fails=2 fail_timeout=1s;
server unix:/opt/http3-ytproxy/socket/http-proxy-3.sock max_fails=2 fail_timeout=1s;
}
# CLEARNET
server {
access_log /var/log/nginx/inv.access.log limited;
error_log /var/log/nginx/inv.error.log;
server_name inv.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
# SECURITY HEADERS ADDED BY Invidious
# include configs/security.conf;
location @upstream {
proxy_pass http://inv;
include configs/proxy.conf;
limit_rate 8000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
proxy_intercept_errors on;
error_page 502 = @fallback;
}
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
# Woops! Sorry. I don't want to kill my SSD lol!
proxy_buffering off;
#proxy_buffers 1024 16k;
proxy_set_header X-Forwarded-For "";
proxy_hide_header "alt-svc";
sendfile_max_chunk 512k;
proxy_hide_header Cache-Control;
proxy_hide_header etag;
proxy_http_version 1.1;
proxy_set_header Connection keep-alive;
proxy_max_temp_file_size 32m;
proxy_pass http://http3-ytproxy;
add_header Cache-Control private always;
}
location / {
try_files $uri @upstream;
}
location /search {
try_files $uri @upstream;
}
location /api {
try_files $uri @upstream;
}
location /api/v1/storyboards {
try_files $uri @upstream;
}
location /api/v1/captions {
try_files $uri @upstream;
}
location /api/v1/comments {
try_files $uri @upstream;
}
location ~ ^/api/v1/channels/(.+)/shorts {
try_files $uri @upstream;
}
location @fallback {
root /etc/nginx/errors;
try_files $uri /502.html = 502;
}
# QUIC
include configs/http3.conf;
# TOR
add_header Onion-Location http://inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name inv.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
include configs/general.conf;
include configs/robotsNone.conf;
location @upstream {
proxy_pass http://inv;
include configs/proxy.conf;
limit_rate 8000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
proxy_intercept_errors on;
}
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
# Woops! Sorry. I don't want to kill my SSD lol!
proxy_buffering off;
#proxy_buffers 1024 16k;
proxy_set_header X-Forwarded-For "";
proxy_hide_header "alt-svc";
sendfile_max_chunk 512k;
proxy_hide_header Cache-Control;
proxy_hide_header etag;
proxy_http_version 1.1;
proxy_set_header Connection keep-alive;
proxy_max_temp_file_size 32m;
proxy_pass http://http3-ytproxy;
add_header Cache-Control private always;
}
location / {
try_files $uri @upstream;
}
}
# I2P
server {
listen 30003;
server_name zzlsbhhfvwg3oh36tcvx4r7n6jrw7zibvyvfxqlodcwn3mfrvzuq.b32.i2p;
include configs/general.conf;
include configs/robotsNone.conf;
location @upstream {
proxy_pass http://inv;
include configs/proxy.conf;
limit_rate 8000k;
# Disable buffering and cache so i don't kill my
# SSD and bandwidth usage
proxy_buffering off;
proxy_request_buffering off;
proxy_cache off;
proxy_intercept_errors on;
error_page 502 = @fallback;
}
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
# Woops! Sorry. I don't want to kill my SSD lol!
proxy_buffering off;
#proxy_buffers 1024 16k;
proxy_set_header X-Forwarded-For "";
proxy_hide_header "alt-svc";
sendfile_max_chunk 512k;
proxy_hide_header Cache-Control;
proxy_hide_header etag;
proxy_http_version 1.1;
proxy_set_header Connection keep-alive;
proxy_max_temp_file_size 32m;
proxy_pass http://http3-ytproxy;
add_header Cache-Control private always;
}
location / {
try_files $uri @upstream;
}
}
server {
if ($host = inv.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name inv.zzls.xyz;
}

46
nginx/sites-enabled-archive/matrix.zzls.xyz.conf
View File

@ -1,46 +0,0 @@
server {
server_name matrix.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location /.well-known/matrix/server {
return 200 '{ "m.server": "matrix.zzls.xyz:8448" }';
}
location /.well-known/matrix/client {
default_type application/json;
add_header Access-Control-Allow-Origin '*';
return 200 '{ "m.homeserver": { "base_url": "https://matrix.zzls.xyz" }, "org.matrix.msc3575.proxy": {"url": "https://matrix.zzls.xyz"}}';
}
#location ~ ^/(client/|_matrix/client/unstable/org.matrix.msc3575/sync) {
# proxy_pass http://127.0.0.1:40022;
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Host $host;
#}
location ~ ^(/_matrix|/_synapse/client|/health) {
proxy_pass http://127.0.0.1:40020;
include configs/proxy.conf;
client_max_body_size 64M;
}
# QUIC
include configs/http3.conf;
listen 443 ssl reuseport;
listen 8448 ssl default_server reuseport;
listen 8448 quic default_server reuseport;
include configs/ssl.conf;
http2 on;
}
server {
if ($host = matrix.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name matrix.zzls.xyz;
}

26
nginx/sites-enabled-archive/pbin.zzls.xyz.conf
View File

@ -1,26 +0,0 @@
server {
server_name pbin.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://localhost:40001;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = pbin.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name pbin.zzls.xyz;
}

54
nginx/sites-enabled-archive/ri.zzls.xyz.conf
View File

@ -1,54 +0,0 @@
# CLEARNET
server {
access_log off;
server_name ri.zzls.xyz;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
# TOR
server {
listen 80;
server_name rimgo.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxy.conf;
}
}
# I2P
server {
listen 30001;
server_name zzls3ubaix5wjfar4hskwqnh3vvwvrzoxsvcx64on2aogcxrvhoq.b32.i2p;
include configs/general.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxy.conf;
}
}
server {
if ($host = ri.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name ri.zzls.xyz;
}

28
nginx/sites-enabled-archive/selfhost.zzls.xyz.conf
View File

@ -1,28 +0,0 @@
server {
root /var/www/html;
index index.html;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
server_name selfhost.zzls.xyz;
location / {
try_files $uri $uri/ =404;
}
# QUIC
include configs/http3.conf;
listen 443 ssl default_server;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = selfhost.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name selfhost.zzls.xyz;
}

27
nginx/sites-enabled-archive/spanixdev.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
server_name spanixdev.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://localhost:40080;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = spanixdev.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name spanixdev.zzls.xyz;
}

27
nginx/sites-enabled-archive/twtich.zzls.xyz.conf
View File

@ -1,27 +0,0 @@
server {
access_log /var/log/nginx/twitch.zzls.xyz.access.log;
server_name twitch.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://127.0.0.1:9595;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = twitch.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name twitch.zzls.xyz;
}

1
nginx/snippets/poop.conf
View File

@ -6,4 +6,5 @@ map $http_user_agent $poop {
~*Bytespider 1;
~*PetalBot 1;
~*Amazonbot 1;
~*FriendlyCrawler 1;
}