Fijxu
/
etc-configs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Big changes and little mistakes

This commit is contained in:
Fijxu 2023-01-30 20:09:04 -03:00
parent 93d0be1ea2
commit 956ef3f681
16 changed files with 274 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nginx/configs/general.conf
View File

@ -9,3 +9,5 @@ gzip_types text/plain text/css text/xml application/json application/java
#brotli on;
#brotli_comp_level 6;
#brotli_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
location /robots.txt { alias /var/www/html/robots.txt; }

1
nginx/nginx.conf
View File

@ -30,6 +30,7 @@ http {
log_not_found off;
types_hash_max_size 4096;
types_hash_bucket_size 64;
server_names_hash_bucket_size 256;
# Virtual Host Configs
include /etc/nginx/sites-enabled/*.conf;

2
nginx/sites-available/archive.zzls.xyz.conf
View File

@ -7,7 +7,7 @@ server {
include configs/securityheaders.conf;
location / {
proxy_pass http://127.0.0.1:40015;
proxy_pass http://127.0.0.1:40004;
include configs/proxyheaders.conf;
}

2
nginx/sites-available/ayaya.beauty.conf
View File

@ -11,7 +11,7 @@ server {
# access_log off;
index index.html index.php;
client_max_body_size 64M;
client_max_body_size 192M;
location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ {
expires 30d;

7
nginx/sites-available/cryptochat.zzls.xyz.conf
View File

@ -1,14 +1,17 @@
server {
access_log /var/log/nginx/cryptochat.zzls.xyz.access.log combined;
error_log /var/log/nginx/cryptochat.zzls.xyz.error.log;
root /var/www/cryptochat;
index index.html;
server_name cryptochat.zzls.xyz cc.zzls.xyz;
# Security headers and general settings
include configs/securityheaders.conf;
include configs/general.conf;
location / {
proxy_pass http://127.0.0.1:40005;
include configs/proxyheaders.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';

40
nginx/sites-available/inv.zzls.xyz.conf Executable file
View File

@ -0,0 +1,40 @@
server {
access_log /dev/null;
error_log /dev/null;
server_name inv.zzls.xyz;
include configs/general.conf;
location / {
proxy_pass http://127.0.0.1:40015/;
include configs/proxyheaders.conf;
}
# security headers
include configs/securityheaders.conf;
#add_header Content-Security-Policy "default-src 'self'; script-src 'report-sample' 'self'; style-src 'report-sample' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; worker-src 'none';";
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 http3;
listen 443 http2 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/inv.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/inv.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = inv.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name inv.zzls.xyz;
return 404; # managed by Certbot
}

40
nginx/sites-available/pt.zzls.xyz.conf Executable file
View File

@ -0,0 +1,40 @@
server {
access_log /dev/null;
error_log /dev/null;
server_name pt.zzls.xyz;
include configs/general.conf;
location / {
proxy_pass http://127.0.0.1:40022/;
include configs/proxyheaders.conf;
}
# security headers
include configs/securityheaders.conf;
#add_header Content-Security-Policy "default-src 'self'; script-src 'report-sample' 'self'; style-src 'report-sample' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self'; font-src 'self'; frame-src 'self'; img-src 'self'; manifest-src 'self'; media-src 'self'; worker-src 'none';";
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 http3;
listen 443 http2 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/pt.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/pt.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = pt.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name pt.zzls.xyz;
return 404; # managed by Certbot
}

10
nginx/sites-available/ri.zzls.xyz.conf
View File

@ -25,6 +25,16 @@ server {
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name rimgo.zzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion;
location / {
proxy_pass http://127.0.0.1:40002/;
include configs/proxyheaders.conf;
}
}
server {
if ($host = ri.zzls.xyz) {
return 301 https://$host$request_uri;

37
nginx/sites-available/rustlog.zzls.xyz.conf Executable file
View File

@ -0,0 +1,37 @@
server {
access_log /var/log/nginx/rustlog.access.log combined;
server_name rustlog.zzls.xyz;
include configs/general.conf;
location / {
proxy_pass http://localhost:40003;
include configs/proxyheaders.conf;
}
#include configs/securityheaders.conf;
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl http2;
listen 443 http3; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/rustlog.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/rustlog.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = rustlog.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name rustlog.zzls.xyz;
return 404; # managed by Certbot
}

55
nginx/sites-available/wiki.zzls.xyz.conf Normal file
View File

@ -0,0 +1,55 @@
server {
access_log /var/log/nginx/wiki.zzls.xyz.access.log combined;
error_log /var/log/nginx/wiki.zzls.xyz.error.log;
server_name wiki.zzls.xyz;
# Security headers and general settings
include configs/securityheaders.conf;
include configs/general.conf;
root /opt/dokuwiki;
index doku.php;
#Remember to comment the below out when you are installing DokuWiki, and uncomment it when you are done.
location ~ /(data/|conf/|bin/|inc/|install.php) { deny all; } # secure Dokuwiki
location ~^/\.ht { deny all; } # also secure the Apache .htaccess files
location @dokuwiki {
#rewrites "doku.php/" out of the URLs if you set the userewrite setting to .htaccess in dokuwiki config page
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
rewrite ^/(.*) /doku.php?id=$1&$args last;
}
location / { try_files $uri $uri/ @dokuwiki; }
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
#listen 443 http3;
listen 443 http2 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/wiki.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wiki.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = wiki.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name wiki.zzls.xyz;
return 404; # managed by Certbot
}

77
nginx/sites-available/wiki2.zzls.xyz.conf Normal file
View File

@ -0,0 +1,77 @@
server {
access_log /var/log/nginx/wiki2.zzls.xyz.access.log combined;
error_log /var/log/nginx/wiki2.zzls.xyz.error.log;
server_name wiki2.zzls.xyz;
# Security headers and general settings
include configs/securityheaders.conf;
include configs/general.conf;
root /opt/mediawiki-1.39.1;
index index.php;
charset utf-8;
client_max_body_size 100m;
client_body_timeout 60;
location / {
index index.php;
try_files $uri $uri/ @mediawiki;
}
location @mediawiki {
rewrite ^/(.*)$ /index.php;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri @mediawiki;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
try_files $uri /index.php;
expires max;
log_not_found off;
}
# Restrictions based on the .htaccess files
location ~ ^/(cache|includes|maintenance|languages|serialized|tests|images/deleted)/ {
deny all;
}
#location ~ ^/(bin|docs|extensions|includes|maintenance|mw-config|resources|serialized|tests)/ {
# internal;
#}
location ^~ /images/ {
try_files $uri /index.php;
}
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
location /rest.php {
try_files $uri $uri/ /rest.php?$args;
}
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 http3;
listen 443 http2 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/wiki2.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wiki2.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = wiki2.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name wiki2.zzls.xyz;
return 404; # managed by Certbot
}

1
nginx/sites-enabled/inv.zzls.xyz.conf Symbolic link
View File

@ -0,0 +1 @@
../sites-available/inv.zzls.xyz.conf

1
nginx/sites-enabled/pt.zzls.xyz.conf Symbolic link
View File

@ -0,0 +1 @@
../sites-available/pt.zzls.xyz.conf

1
nginx/sites-enabled/rustlog.zzls.xyz.conf Symbolic link
View File

@ -0,0 +1 @@
../sites-available/rustlog.zzls.xyz.conf

1
nginx/sites-enabled/wiki.zzls.xyz.conf Symbolic link
View File

@ -0,0 +1 @@
../sites-available/wiki.zzls.xyz.conf

1
nginx/sites-enabled/wiki2.zzls.xyz.conf Symbolic link
View File

@ -0,0 +1 @@
../sites-available/wiki2.zzls.xyz.conf