Compare commits
3 Commits
7452220e19
...
4c9a11279f
Author | SHA1 | Date |
---|---|---|
sf.nadeko.net | 4c9a11279f | |
Fijxu | 3fbad0d471 | |
sf.nadeko.net | 1db108526b |
|
@ -0,0 +1,287 @@
|
|||
## Configuration file for a typical i2pd user
|
||||
## See https://i2pd.readthedocs.io/en/latest/user-guide/configuration/
|
||||
## for more options you can use in this file.
|
||||
|
||||
## Lines that begin with "## " try to explain what's going on. Lines
|
||||
## that begin with just "#" are disabled commands: you can enable them
|
||||
## by removing the "#" symbol.
|
||||
|
||||
## Tunnels config file
|
||||
## Default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf
|
||||
## Note: /var/lib/i2pd/tunnels.conf is a symlink to /etc/i2pd/tunnels.conf (use the latter)
|
||||
# tunconf = /var/lib/i2pd/tunnels.conf
|
||||
|
||||
## Tunnels config files path
|
||||
## Use that path to store separated tunnels in different config files.
|
||||
## Default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d
|
||||
## Note: /var/lib/i2pd/tunnels.d is a symlink to /etc/i2pd/tunnels.d (use the latter)
|
||||
# tunnelsdir = /var/lib/i2pd/tunnels.d
|
||||
|
||||
## Path to certificates used for verifying .su3, families
|
||||
## Default: ~/.i2pd/certificates or /var/lib/i2pd/certificates
|
||||
## Note: /var/lib/i2pd/certificates is a symlink to /usr/share/i2pd/certificates (use the latter)
|
||||
# certsdir = /var/lib/i2pd/certificates
|
||||
|
||||
## Where to write pidfile (default: i2pd.pid, not used in Windows)
|
||||
# pidfile = /run/i2pd/i2pd.pid
|
||||
|
||||
## Logging configuration section
|
||||
## By default logs go to stdout with level 'info' and higher
|
||||
## For Windows OS by default logs go to file with level 'warn' and higher
|
||||
##
|
||||
## Logs destination (valid values: stdout, file, syslog)
|
||||
## * stdout - print log entries to stdout
|
||||
## * file - log entries to a file
|
||||
## * syslog - use syslog, see man 3 syslog
|
||||
# log = file
|
||||
## Path to logfile (default - autodetect)
|
||||
logfile = /var/log/i2pd/i2pd.log
|
||||
## Log messages above this level (debug, info, *warn, error, none)
|
||||
## If you set it to none, logging will be disabled
|
||||
# loglevel = warn
|
||||
## Write full CLF-formatted date and time to log (default: write only time)
|
||||
# logclftime = true
|
||||
|
||||
## Daemon mode. Router will go to background after start. Ignored on Windows
|
||||
# daemon = true
|
||||
|
||||
## Specify a family, router belongs to (default - none)
|
||||
# family =
|
||||
|
||||
## Network interface to bind to
|
||||
## Updates address4/6 options if they are not set
|
||||
# ifname =
|
||||
## You can specify different interfaces for IPv4 and IPv6
|
||||
# ifname4 =
|
||||
# ifname6 =
|
||||
|
||||
## Local address to bind transport sockets to
|
||||
## Overrides host option if:
|
||||
## For ipv4: if ipv4 = true and nat = false
|
||||
## For ipv6: if 'host' is not set or ipv4 = true
|
||||
# address4 =
|
||||
# address6 =
|
||||
|
||||
## External IPv4 or IPv6 address to listen for connections
|
||||
## By default i2pd sets IP automatically
|
||||
## Sets published NTCP2v4/SSUv4 address to 'host' value if nat = true
|
||||
## Sets published NTCP2v6/SSUv6 address to 'host' value if ipv4 = false
|
||||
# host = 1.2.3.4
|
||||
|
||||
## Port to listen for connections
|
||||
## By default i2pd picks random port. You MUST pick a random number too,
|
||||
## don't just uncomment this
|
||||
port = 12999
|
||||
|
||||
## Enable communication through ipv4
|
||||
ipv4 = true
|
||||
## Enable communication through ipv6
|
||||
ipv6 = false
|
||||
|
||||
## Enable SSU transport
|
||||
ssu = false
|
||||
|
||||
## Bandwidth configuration
|
||||
## L limit bandwidth to 32KBs/sec, O - to 256KBs/sec, P - to 2048KBs/sec,
|
||||
## X - unlimited
|
||||
## Default is L (regular node) and X if floodfill mode enabled. If you want to
|
||||
## share more bandwidth without floodfill mode, uncomment that line and adjust
|
||||
## value to your possibilities
|
||||
bandwidth = X
|
||||
## Max % of bandwidth limit for transit. 0-100. 100 by default
|
||||
share = 100
|
||||
|
||||
## Router will not accept transit tunnels, disabling transit traffic completely
|
||||
## (default = false)
|
||||
# notransit = true
|
||||
|
||||
## Router will be floodfill
|
||||
## Note: that mode uses much more network connections and CPU!
|
||||
# floodfill = true
|
||||
|
||||
[ntcp2]
|
||||
## Enable NTCP2 transport (default = true)
|
||||
# enabled = true
|
||||
## Publish address in RouterInfo (default = true)
|
||||
# published = true
|
||||
## Port for incoming connections (default is global port option value)
|
||||
# port = 4567
|
||||
|
||||
[ssu2]
|
||||
## Enable SSU2 transport
|
||||
# enabled = true
|
||||
## Publish address in RouterInfo
|
||||
# published = true
|
||||
## Port for incoming connections (default is global port option value or port + 1 if SSU is enabled)
|
||||
# port = 4567
|
||||
|
||||
[http]
|
||||
## Web Console settings
|
||||
## Uncomment and set to 'false' to disable Web Console
|
||||
# enabled = true
|
||||
## Address and port service will listen on
|
||||
address = 127.0.0.1
|
||||
port = 7070
|
||||
## Path to web console, default "/"
|
||||
# webroot = /
|
||||
## Uncomment following lines to enable Web Console authentication
|
||||
## You should not use Web Console via public networks without additional encryption.
|
||||
## HTTP authentication is not encryption layer!
|
||||
# auth = true
|
||||
# user = i2pd
|
||||
# pass = changeme
|
||||
## Select webconsole language
|
||||
## Currently supported english (default), afrikaans, armenian, chinese, czech, french,
|
||||
## german, italian, polish, portuguese, russian, spanish, turkish, turkmen, ukrainian
|
||||
## and uzbek languages
|
||||
# lang = english
|
||||
|
||||
[httpproxy]
|
||||
## Uncomment and set to 'false' to disable HTTP Proxy
|
||||
# enabled = true
|
||||
## Address and port service will listen on
|
||||
address = 127.0.0.1
|
||||
port = 4444
|
||||
## Optional keys file for proxy local destination
|
||||
# keys = http-proxy-keys.dat
|
||||
## Enable address helper for adding .i2p domains with "jump URLs" (default: true)
|
||||
## You should disable this feature if your i2pd HTTP Proxy is public,
|
||||
## because anyone could spoof the short domain via addresshelper and forward other users to phishing links
|
||||
# addresshelper = true
|
||||
## Address of a proxy server inside I2P, which is used to visit regular Internet
|
||||
# outproxy = http://false.i2p
|
||||
## httpproxy section also accepts I2CP parameters, like "inbound.length" etc.
|
||||
|
||||
[socksproxy]
|
||||
## Uncomment and set to 'false' to disable SOCKS Proxy
|
||||
# enabled = true
|
||||
## Address and port service will listen on
|
||||
address = 127.0.0.1
|
||||
port = 4447
|
||||
## Optional keys file for proxy local destination
|
||||
# keys = socks-proxy-keys.dat
|
||||
## Socks outproxy. Example below is set to use Tor for all connections except i2p
|
||||
## Uncomment and set to 'true' to enable using of SOCKS outproxy
|
||||
# outproxy.enabled = false
|
||||
## Address and port of outproxy
|
||||
# outproxy = 127.0.0.1
|
||||
# outproxyport = 9050
|
||||
## socksproxy section also accepts I2CP parameters, like "inbound.length" etc.
|
||||
|
||||
[sam]
|
||||
## Comment or set to 'false' to disable SAM Bridge
|
||||
enabled = true
|
||||
## Address and ports service will listen on
|
||||
# address = 127.0.0.1
|
||||
# port = 7656
|
||||
# portudp = 7655
|
||||
|
||||
[bob]
|
||||
## Uncomment and set to 'true' to enable BOB command channel
|
||||
# enabled = false
|
||||
## Address and port service will listen on
|
||||
# address = 127.0.0.1
|
||||
# port = 2827
|
||||
|
||||
[i2cp]
|
||||
## Uncomment and set to 'true' to enable I2CP protocol
|
||||
# enabled = false
|
||||
## Address and port service will listen on
|
||||
# address = 127.0.0.1
|
||||
# port = 7654
|
||||
|
||||
[i2pcontrol]
|
||||
## Uncomment and set to 'true' to enable I2PControl protocol
|
||||
# enabled = false
|
||||
## Address and port service will listen on
|
||||
# address = 127.0.0.1
|
||||
# port = 7650
|
||||
## Authentication password. "itoopie" by default
|
||||
# password = itoopie
|
||||
|
||||
[precomputation]
|
||||
## Enable or disable elgamal precomputation table
|
||||
## By default, enabled on i386 hosts
|
||||
# elgamal = true
|
||||
|
||||
[upnp]
|
||||
## Enable or disable UPnP: automatic port forwarding (enabled by default in WINDOWS, ANDROID)
|
||||
# enabled = false
|
||||
## Name i2pd appears in UPnP forwardings list (default = I2Pd)
|
||||
# name = I2Pd
|
||||
|
||||
[meshnets]
|
||||
## Enable connectivity over the Yggdrasil network
|
||||
# yggdrasil = false
|
||||
## You can bind address from your Yggdrasil subnet 300::/64
|
||||
## The address must first be added to the network interface
|
||||
# yggaddress =
|
||||
|
||||
[reseed]
|
||||
## Options for bootstrapping into I2P network, aka reseeding
|
||||
## Enable or disable reseed data verification.
|
||||
verify = true
|
||||
## URLs to request reseed data from, separated by comma
|
||||
## Default: "mainline" I2P Network reseeds
|
||||
# urls = https://reseed.i2p-projekt.de/,https://i2p.mooo.com/netDb/,https://netdb.i2p2.no/
|
||||
## Reseed URLs through the Yggdrasil, separated by comma
|
||||
# yggurls = http://[324:9de3:fea4:f6ac::ace]:7070/
|
||||
## Path to local reseed data file (.su3) for manual reseeding
|
||||
# file = /path/to/i2pseeds.su3
|
||||
## or HTTPS URL to reseed from
|
||||
# file = https://legit-website.com/i2pseeds.su3
|
||||
## Path to local ZIP file or HTTPS URL to reseed from
|
||||
# zipfile = /path/to/netDb.zip
|
||||
## If you run i2pd behind a proxy server, set proxy server for reseeding here
|
||||
## Should be http://address:port or socks://address:port
|
||||
# proxy = http://127.0.0.1:8118
|
||||
## Minimum number of known routers, below which i2pd triggers reseeding. 25 by default
|
||||
# threshold = 25
|
||||
|
||||
[addressbook]
|
||||
## AddressBook subscription URL for initial setup
|
||||
## Default: reg.i2p at "mainline" I2P Network
|
||||
# defaulturl = http://shx5vqsw7usdaunyzr2qmes2fq37oumybpudrd4jjj4e4vk4uusa.b32.i2p/hosts.txt
|
||||
## Optional subscriptions URLs, separated by comma
|
||||
# subscriptions = http://reg.i2p/hosts.txt,http://identiguy.i2p/hosts.txt,http://stats.i2p/cgi-bin/newhosts.txt,http://rus.i2p/hosts.txt
|
||||
|
||||
[limits]
|
||||
## Maximum active transit sessions (default: 5000)
|
||||
## This value is doubled if floodfill mode is enabled!
|
||||
# transittunnels = 5000
|
||||
## Limit number of open file descriptors (0 - use system limit)
|
||||
# openfiles = 0
|
||||
## Maximum size of corefile in Kb (0 - use system limit)
|
||||
# coresize = 0
|
||||
|
||||
[trust]
|
||||
## Enable explicit trust options. false by default
|
||||
# enabled = true
|
||||
## Make direct I2P connections only to routers in specified Family.
|
||||
# family = MyFamily
|
||||
## Make direct I2P connections only to routers specified here. Comma separated list of base64 identities.
|
||||
# routers =
|
||||
## Should we hide our router from other routers? false by default
|
||||
# hidden = true
|
||||
|
||||
[exploratory]
|
||||
## Exploratory tunnels settings with default values
|
||||
# inbound.length = 2
|
||||
# inbound.quantity = 3
|
||||
# outbound.length = 2
|
||||
# outbound.quantity = 3
|
||||
|
||||
[persist]
|
||||
## Save peer profiles on disk (default: true)
|
||||
# profiles = true
|
||||
## Save full addresses on disk (default: true)
|
||||
# addressbook = true
|
||||
|
||||
[cpuext]
|
||||
## Use CPU AES-NI instructions set when work with cryptography when available (default: true)
|
||||
# aesni = true
|
||||
## Use CPU AVX instructions set when work with cryptography when available (default: true)
|
||||
# avx = true
|
||||
## Force usage of CPU instructions set, even if they not found
|
||||
## DO NOT TOUCH that option if you really don't know what are you doing!
|
||||
# force = false
|
|
@ -0,0 +1,288 @@
|
|||
## Configuration file for a typical i2pd user
|
||||
## See https://i2pd.readthedocs.io/en/latest/user-guide/configuration/
|
||||
## for more options you can use in this file.
|
||||
|
||||
## Lines that begin with "## " try to explain what's going on. Lines
|
||||
## that begin with just "#" are disabled commands: you can enable them
|
||||
## by removing the "#" symbol.
|
||||
|
||||
## Tunnels config file
|
||||
## Default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf
|
||||
## Note: /var/lib/i2pd/tunnels.conf is a symlink to /etc/i2pd/tunnels.conf (use the latter)
|
||||
# tunconf = /var/lib/i2pd/tunnels.conf
|
||||
|
||||
## Tunnels config files path
|
||||
## Use that path to store separated tunnels in different config files.
|
||||
## Default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d
|
||||
## Note: /var/lib/i2pd/tunnels.d is a symlink to /etc/i2pd/tunnels.d (use the latter)
|
||||
# tunnelsdir = /var/lib/i2pd/tunnels.d
|
||||
|
||||
## Path to certificates used for verifying .su3, families
|
||||
## Default: ~/.i2pd/certificates or /var/lib/i2pd/certificates
|
||||
## Note: /var/lib/i2pd/certificates is a symlink to /usr/share/i2pd/certificates (use the latter)
|
||||
# certsdir = /var/lib/i2pd/certificates
|
||||
|
||||
## Where to write pidfile (default: /run/i2pd.pid, not used in Windows)
|
||||
# pidfile = /run/i2pd/i2pd.pid
|
||||
|
||||
## Logging configuration section
|
||||
## By default logs go to stdout with level 'info' and higher
|
||||
## For Windows OS by default logs go to file with level 'warn' and higher
|
||||
##
|
||||
## Logs destination (valid values: stdout, file, syslog)
|
||||
## * stdout - print log entries to stdout
|
||||
## * file - log entries to a file
|
||||
## * syslog - use syslog, see man 3 syslog
|
||||
# log = file
|
||||
## Path to logfile (default: autodetect)
|
||||
logfile = /var/log/i2pd/i2pd.log
|
||||
## Log messages above this level (debug, info, *warn, error, critical, none)
|
||||
## If you set it to none, logging will be disabled
|
||||
# loglevel = warn
|
||||
## Write full CLF-formatted date and time to log (default: write only time)
|
||||
# logclftime = true
|
||||
|
||||
## Daemon mode. Router will go to background after start. Ignored on Windows
|
||||
## (default: true)
|
||||
# daemon = true
|
||||
|
||||
## Specify a family, router belongs to (default - none)
|
||||
# family =
|
||||
|
||||
## Network interface to bind to
|
||||
## Updates address4/6 options if they are not set
|
||||
# ifname =
|
||||
## You can specify different interfaces for IPv4 and IPv6
|
||||
# ifname4 =
|
||||
# ifname6 =
|
||||
|
||||
## Local address to bind transport sockets to
|
||||
## Overrides host option if:
|
||||
## For ipv4: if ipv4 = true and nat = false
|
||||
## For ipv6: if 'host' is not set or ipv4 = true
|
||||
# address4 =
|
||||
# address6 =
|
||||
|
||||
## External IPv4 or IPv6 address to listen for connections
|
||||
## By default i2pd sets IP automatically
|
||||
## Sets published NTCP2v4/SSUv4 address to 'host' value if nat = true
|
||||
## Sets published NTCP2v6/SSUv6 address to 'host' value if ipv4 = false
|
||||
# host = 1.2.3.4
|
||||
|
||||
## Port to listen for connections
|
||||
## By default i2pd picks random port. You MUST pick a random number too,
|
||||
## don't just uncomment this
|
||||
# port = 4567
|
||||
|
||||
## Enable communication through ipv4 (default: true)
|
||||
ipv4 = true
|
||||
## Enable communication through ipv6 (default: false)
|
||||
ipv6 = false
|
||||
|
||||
## Bandwidth configuration
|
||||
## L limit bandwidth to 32 KB/sec, O - to 256 KB/sec, P - to 2048 KB/sec,
|
||||
## X - unlimited
|
||||
## Default is L (regular node) and X if floodfill mode enabled.
|
||||
## If you want to share more bandwidth without floodfill mode, uncomment
|
||||
## that line and adjust value to your possibilities. Value can be set to
|
||||
## integer in kilobytes, it will apply that limit and flag will be used
|
||||
## from next upper limit (example: if you set 4096 flag will be X, but real
|
||||
## limit will be 4096 KB/s). Same can be done when floodfill mode is used,
|
||||
## but keep in mind that low values may be negatively evaluated by Java
|
||||
## router algorithms.
|
||||
# bandwidth = L
|
||||
## Max % of bandwidth limit for transit. 0-100 (default: 100)
|
||||
# share = 100
|
||||
|
||||
## Router will not accept transit tunnels, disabling transit traffic completely
|
||||
## (default: false)
|
||||
# notransit = true
|
||||
|
||||
## Router will be floodfill (default: false)
|
||||
## Note: that mode uses much more network connections and CPU!
|
||||
# floodfill = true
|
||||
|
||||
[ntcp2]
|
||||
## Enable NTCP2 transport (default: true)
|
||||
# enabled = true
|
||||
## Publish address in RouterInfo (default: true)
|
||||
# published = true
|
||||
## Port for incoming connections (default is global port option value)
|
||||
# port = 4567
|
||||
|
||||
[ssu2]
|
||||
## Enable SSU2 transport (default: true)
|
||||
# enabled = true
|
||||
## Publish address in RouterInfo (default: true)
|
||||
# published = true
|
||||
## Port for incoming connections (default is global port option value)
|
||||
# port = 4567
|
||||
|
||||
[http]
|
||||
## Web Console settings
|
||||
## Enable the Web Console (default: true)
|
||||
# enabled = true
|
||||
## Address and port service will listen on (default: 127.0.0.1:7070)
|
||||
# address = 127.0.0.1
|
||||
# port = 7070
|
||||
## Path to web console (default: /)
|
||||
# webroot = /
|
||||
## Enable Web Console authentication (default: false)
|
||||
## You should not use Web Console via public networks without additional encryption.
|
||||
## HTTP authentication is not encryption layer!
|
||||
# auth = true
|
||||
# user = i2pd
|
||||
# pass = changeme
|
||||
## Select webconsole language
|
||||
## Currently supported english (default), afrikaans, armenian, chinese, czech, french,
|
||||
## german, italian, polish, portuguese, russian, spanish, turkish, turkmen, ukrainian
|
||||
## and uzbek languages
|
||||
# lang = english
|
||||
|
||||
[httpproxy]
|
||||
## Enable the HTTP proxy (default: true)
|
||||
# enabled = true
|
||||
## Address and port service will listen on (default: 127.0.0.1:4444)
|
||||
# address = 127.0.0.1
|
||||
# port = 4444
|
||||
## Optional keys file for proxy local destination (default: http-proxy-keys.dat)
|
||||
# keys = http-proxy-keys.dat
|
||||
## Enable address helper for adding .i2p domains with "jump URLs" (default: true)
|
||||
## You should disable this feature if your i2pd HTTP Proxy is public,
|
||||
## because anyone could spoof the short domain via addresshelper and forward other users to phishing links
|
||||
# addresshelper = true
|
||||
## Address of a proxy server inside I2P, which is used to visit regular Internet
|
||||
# outproxy = http://false.i2p
|
||||
## httpproxy section also accepts I2CP parameters, like "inbound.length" etc.
|
||||
|
||||
[socksproxy]
|
||||
## Enable the SOCKS proxy (default: true)
|
||||
# enabled = true
|
||||
## Address and port service will listen on (default: 127.0.0.1:4447)
|
||||
# address = 127.0.0.1
|
||||
# port = 4447
|
||||
## Optional keys file for proxy local destination (default: socks-proxy-keys.dat)
|
||||
# keys = socks-proxy-keys.dat
|
||||
## Socks outproxy. Example below is set to use Tor for all connections except i2p
|
||||
## Enable using of SOCKS outproxy (works only with SOCKS4, default: false)
|
||||
# outproxy.enabled = false
|
||||
## Address and port of outproxy
|
||||
# outproxy = 127.0.0.1
|
||||
# outproxyport = 9050
|
||||
## socksproxy section also accepts I2CP parameters, like "inbound.length" etc.
|
||||
|
||||
[sam]
|
||||
## Enable the SAM bridge (default: true)
|
||||
# enabled = false
|
||||
## Address and ports service will listen on (default: 127.0.0.1:7656, udp: 7655)
|
||||
# address = 127.0.0.1
|
||||
# port = 7656
|
||||
# portudp = 7655
|
||||
|
||||
[bob]
|
||||
## Enable the BOB command channel (default: false)
|
||||
# enabled = false
|
||||
## Address and port service will listen on (default: 127.0.0.1:2827)
|
||||
# address = 127.0.0.1
|
||||
# port = 2827
|
||||
|
||||
[i2cp]
|
||||
## Enable the I2CP protocol (default: false)
|
||||
# enabled = false
|
||||
## Address and port service will listen on (default: 127.0.0.1:7654)
|
||||
# address = 127.0.0.1
|
||||
# port = 7654
|
||||
|
||||
[i2pcontrol]
|
||||
## Enable the I2PControl protocol (default: false)
|
||||
# enabled = false
|
||||
## Address and port service will listen on (default: 127.0.0.1:7650)
|
||||
# address = 127.0.0.1
|
||||
# port = 7650
|
||||
## Authentication password (default: itoopie)
|
||||
# password = itoopie
|
||||
|
||||
[precomputation]
|
||||
## Enable or disable elgamal precomputation table
|
||||
## By default, enabled on i386 hosts
|
||||
# elgamal = true
|
||||
|
||||
[upnp]
|
||||
## Enable or disable UPnP: automatic port forwarding (enabled by default in WINDOWS, ANDROID)
|
||||
# enabled = false
|
||||
## Name i2pd appears in UPnP forwardings list (default: I2Pd)
|
||||
# name = I2Pd
|
||||
|
||||
[meshnets]
|
||||
## Enable connectivity over the Yggdrasil network (default: false)
|
||||
# yggdrasil = false
|
||||
## You can bind address from your Yggdrasil subnet 300::/64
|
||||
## The address must first be added to the network interface
|
||||
# yggaddress =
|
||||
|
||||
[reseed]
|
||||
## Options for bootstrapping into I2P network, aka reseeding
|
||||
## Enable reseed data verification (default: true)
|
||||
verify = true
|
||||
## URLs to request reseed data from, separated by comma
|
||||
## Default: "mainline" I2P Network reseeds
|
||||
# urls = https://reseed.i2p-projekt.de/,https://i2p.mooo.com/netDb/,https://netdb.i2p2.no/
|
||||
## Reseed URLs through the Yggdrasil, separated by comma
|
||||
# yggurls = http://[324:71e:281a:9ed3::ace]:7070/
|
||||
## Path to local reseed data file (.su3) for manual reseeding
|
||||
# file = /path/to/i2pseeds.su3
|
||||
## or HTTPS URL to reseed from
|
||||
# file = https://legit-website.com/i2pseeds.su3
|
||||
## Path to local ZIP file or HTTPS URL to reseed from
|
||||
# zipfile = /path/to/netDb.zip
|
||||
## If you run i2pd behind a proxy server, set proxy server for reseeding here
|
||||
## Should be http://address:port or socks://address:port
|
||||
# proxy = http://127.0.0.1:8118
|
||||
## Minimum number of known routers, below which i2pd triggers reseeding (default: 25)
|
||||
# threshold = 25
|
||||
|
||||
[addressbook]
|
||||
## AddressBook subscription URL for initial setup
|
||||
## Default: reg.i2p at "mainline" I2P Network
|
||||
# defaulturl = http://shx5vqsw7usdaunyzr2qmes2fq37oumybpudrd4jjj4e4vk4uusa.b32.i2p/hosts.txt
|
||||
## Optional subscriptions URLs, separated by comma
|
||||
# subscriptions = http://reg.i2p/hosts.txt,http://identiguy.i2p/hosts.txt,http://stats.i2p/cgi-bin/newhosts.txt,http://rus.i2p/hosts.txt
|
||||
|
||||
[limits]
|
||||
## Maximum active transit sessions (default: 5000)
|
||||
## This value is doubled if floodfill mode is enabled!
|
||||
# transittunnels = 5000
|
||||
## Limit number of open file descriptors (0 - use system limit)
|
||||
# openfiles = 0
|
||||
## Maximum size of corefile in Kb (0 - use system limit)
|
||||
# coresize = 0
|
||||
|
||||
[trust]
|
||||
## Enable explicit trust options. (default: false)
|
||||
# enabled = true
|
||||
## Make direct I2P connections only to routers in specified Family.
|
||||
# family = MyFamily
|
||||
## Make direct I2P connections only to routers specified here. Comma separated list of base64 identities.
|
||||
# routers =
|
||||
## Should we hide our router from other routers? (default: false)
|
||||
# hidden = true
|
||||
|
||||
[exploratory]
|
||||
## Exploratory tunnels settings with default values
|
||||
# inbound.length = 2
|
||||
# inbound.quantity = 3
|
||||
# outbound.length = 2
|
||||
# outbound.quantity = 3
|
||||
|
||||
[persist]
|
||||
## Save peer profiles on disk (default: true)
|
||||
# profiles = true
|
||||
## Save full addresses on disk (default: true)
|
||||
# addressbook = true
|
||||
|
||||
[cpuext]
|
||||
## Use CPU AES-NI instructions set when work with cryptography when available (default: true)
|
||||
# aesni = true
|
||||
## Force usage of CPU instructions set, even if they not found (default: false)
|
||||
## DO NOT TOUCH that option if you really don't know what are you doing!
|
||||
# force = false
|
|
@ -0,0 +1,33 @@
|
|||
[IRC-ILITA]
|
||||
type = client
|
||||
address = 127.0.0.1
|
||||
port = 6668
|
||||
destination = irc.ilita.i2p
|
||||
destinationport = 6667
|
||||
keys = irc-keys.dat
|
||||
|
||||
#[IRC-IRC2P]
|
||||
#type = client
|
||||
#address = 127.0.0.1
|
||||
#port = 6669
|
||||
#destination = irc.postman.i2p
|
||||
#destinationport = 6667
|
||||
#keys = irc-keys.dat
|
||||
|
||||
#[SMTP]
|
||||
#type = client
|
||||
#address = 127.0.0.1
|
||||
#port = 7659
|
||||
#destination = smtp.postman.i2p
|
||||
#destinationport = 25
|
||||
#keys = smtp-keys.dat
|
||||
|
||||
#[POP3]
|
||||
#type = client
|
||||
#address = 127.0.0.1
|
||||
#port = 7660
|
||||
#destination = pop.postman.i2p
|
||||
#destinationport = 110
|
||||
#keys = pop3-keys.dat
|
||||
|
||||
# see more examples at https://i2pd.readthedocs.io/en/latest/user-guide/tunnels/
|
|
@ -0,0 +1,5 @@
|
|||
[librex]
|
||||
type=http
|
||||
host=127.0.0.1
|
||||
port=10051
|
||||
keys=inv.dat
|
|
@ -0,0 +1,5 @@
|
|||
[librex]
|
||||
type=http
|
||||
host=127.0.0.1
|
||||
port=30002
|
||||
keys=librex.dat
|
|
@ -0,0 +1,5 @@
|
|||
[rimgo]
|
||||
type=http
|
||||
host=127.0.0.1
|
||||
port=10050
|
||||
keys=rimgo-real.dat
|
|
@ -4,7 +4,7 @@ limit_req_zone $binary_remote_addr zone=4get:10m rate=4r/s;
|
|||
server {
|
||||
access_log /var/log/nginx/4get.access.log limited;
|
||||
error_log /var/log/nginx/4get.error.log;
|
||||
server_name 4get.zzls.xyz;
|
||||
server_name 4get.zzls.xyz 4get.nadeko.net;
|
||||
root /var/www/4get-zzls;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
@ -82,14 +82,19 @@ server {
|
|||
location ~* ^(.*)\.php$ {
|
||||
return 301 $1;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = 4get.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = 4get.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name 4get.zzls.xyz;
|
||||
server_name 4get.zzls.xyz 4get.nadeko.net;
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
server {
|
||||
access_log /var/log/nginx/4get.access.log limited;
|
||||
error_log /var/log/nginx/4get.error.log;
|
||||
server_name debug4get.zzls.xyz;
|
||||
server_name debug4get.zzls.xyz debug4get.nadeko.net;
|
||||
root /var/www/;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
@ -85,7 +85,14 @@ server {
|
|||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = debug4get.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = debug4get.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
|
|
|
@ -1,66 +1,130 @@
|
|||
limit_req_zone $binary_remote_addr zone=one:10m rate=2r/s;
|
||||
|
||||
upstream inv-debug {
|
||||
server 127.0.0.1:40050;
|
||||
upstream debuginv{
|
||||
server 127.0.0.1:40050 max_fails=2 fail_timeout=2s;
|
||||
}
|
||||
|
||||
upstream http3-ytproxy-debug {
|
||||
server 127.0.0.1:8080 max_fails=2 fail_timeout=1s;
|
||||
}
|
||||
|
||||
# CLEARNET
|
||||
server {
|
||||
access_log /var/log/nginx/debuginv.access.log;
|
||||
error_log /var/log/nginx/debuginv.error.log;
|
||||
server_name debuginv.zzls.xyz;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
# SECURITY HEADERS ADDED BY Invidious
|
||||
# include configs/security.conf;
|
||||
|
||||
location / {
|
||||
proxy_pass http://inv-debug;
|
||||
location @upstream {
|
||||
proxy_pass http://debuginv;
|
||||
include configs/proxy.conf;
|
||||
limit_rate 12000k;
|
||||
limit_rate 1000k;
|
||||
# Disable buffering and cache so i don't kill my
|
||||
# SSD and bandwidth usage
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
proxy_cache off;
|
||||
proxy_intercept_errors on;
|
||||
error_page 502 = @fallback;
|
||||
}
|
||||
|
||||
location ~ ^/api/ {
|
||||
proxy_pass http://inv-debug;
|
||||
include configs/proxy.conf;
|
||||
limit_rate 12000k;
|
||||
# Disable buffering and cache so i don't kill my
|
||||
# SSD and bandwidth usage
|
||||
error_page 502 /502.html;
|
||||
|
||||
# location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
|
||||
# access_log /var/log/nginx/debuginv-proxy.access.log;
|
||||
# error_log /var/log/nginx/debuginv-proxy.error.log;
|
||||
# # Woops! Sorry. I don't want to kill my SSD lol!
|
||||
# proxy_buffering off;
|
||||
# #proxy_buffers 1024 16k;
|
||||
# proxy_set_header X-Forwarded-For "";
|
||||
# proxy_hide_header "alt-svc";
|
||||
# sendfile_max_chunk 512k;
|
||||
# proxy_hide_header Cache-Control;
|
||||
# proxy_hide_header etag;
|
||||
# proxy_http_version 1.1;
|
||||
# proxy_intercept_errors on;
|
||||
# proxy_set_header Connection keep-alive;
|
||||
# proxy_max_temp_file_size 32m;
|
||||
# proxy_pass http://http3-ytproxy-debug;
|
||||
# add_header Cache-Control private always;
|
||||
# limit_rate 6000k;
|
||||
# }
|
||||
location ~ (^/videoplayback) {
|
||||
access_log /var/log/nginx/debuginv-proxy.access.log;
|
||||
error_log /var/log/nginx/debuginv-proxy.error.log;
|
||||
# Woops! Sorry. I don't want to kill my SSD lol!
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
proxy_cache off;
|
||||
limit_req zone=one;
|
||||
}
|
||||
|
||||
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
|
||||
proxy_buffers 1024 16k;
|
||||
#proxy_buffers 1024 16k;
|
||||
proxy_set_header X-Forwarded-For "";
|
||||
proxy_hide_header "alt-svc";
|
||||
sendfile_max_chunk 512k;
|
||||
proxy_hide_header Cache-Control;
|
||||
proxy_hide_header etag;
|
||||
proxy_http_version 1.1;
|
||||
proxy_intercept_errors on;
|
||||
proxy_set_header Connection keep-alive;
|
||||
proxy_max_temp_file_size 32m;
|
||||
access_log /var/log/nginx/http3-ytproxy.log;
|
||||
proxy_pass http://unix:/opt/http3-ytproxy/socket/http-proxy-1.sock;
|
||||
proxy_pass http://http3-ytproxy-debug;
|
||||
add_header Cache-Control private always;
|
||||
limit_rate 6000k;
|
||||
}
|
||||
|
||||
location @fallback {
|
||||
root /etc/nginx/errors;
|
||||
try_files $uri /502.html =502;
|
||||
|
||||
location / {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /search {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/ {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/storyboards {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/captions {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/comments {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location ~ ^/api/v1/channels/(.+)/shorts {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location = /502.html {
|
||||
alias /etc/nginx/errors/502;
|
||||
index index.html;
|
||||
}
|
||||
|
||||
# QUIC
|
||||
include configs/http3.conf;
|
||||
|
||||
# TOR
|
||||
add_header Onion-Location http://debuginvzzlsghu6mvvwyy75mvga6gaf4znbp3erk5xwfzedb4gg6qqh2j6rlvid.onion$request_uri;
|
||||
|
||||
listen 443 ssl;
|
||||
http2 on;
|
||||
include configs/ssl.conf;
|
||||
|
||||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = debuginv.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = debuginv.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name debuginv.zzls.xyz;
|
||||
}
|
||||
|
|
|
@ -3,8 +3,8 @@ upstream forgejo {
|
|||
}
|
||||
|
||||
server {
|
||||
access_log /var/log/nginx/git.access.log combined;
|
||||
server_name git.zzls.xyz;
|
||||
access_log /var/log/nginx/git.access.log combined2;
|
||||
server_name git.zzls.xyz git.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/security.conf;
|
||||
include configs/robots.conf;
|
||||
|
@ -25,7 +25,14 @@ server {
|
|||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = git.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = git.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
|
|
|
@ -1,93 +1,38 @@
|
|||
# Rate limit searches, just 5 per sec
|
||||
limit_req_zone $binary_remote_addr zone=invidious:10m rate=5r/s;
|
||||
# Rate limit api requests, just 60 per sec, wathcing a normal video does like
|
||||
# 10 to 30 api requests so you don't need more than 30 in a second unless is a bot spamming shit lol
|
||||
limit_req_zone $binary_remote_addr zone=invidiousapi:10m rate=40r/s;
|
||||
limit_req_zone $binary_remote_addr zone=invidious-apirl:1m rate=40r/s;
|
||||
|
||||
upstream inv {
|
||||
server 127.0.0.1:40015 max_fails=2 fail_timeout=2s;
|
||||
server 127.0.0.1:40016 max_fails=2 fail_timeout=2s;
|
||||
server 127.0.0.1:40017 max_fails=2 fail_timeout=2s;
|
||||
server 127.0.0.1:10011 max_fails=2 fail_timeout=2s;
|
||||
server 127.0.0.1:10012 max_fails=2 fail_timeout=2s;
|
||||
server 127.0.0.1:10013 max_fails=2 fail_timeout=2s;
|
||||
}
|
||||
|
||||
# Just add more lol
|
||||
upstream http3-ytproxy {
|
||||
server unix:/opt/http3-ytproxy/socket/http-proxy-1.sock max_fails=2 fail_timeout=1s;
|
||||
server unix:/opt/http3-ytproxy/socket/http-proxy-2.sock max_fails=2 fail_timeout=1s;
|
||||
server unix:/opt/http3-ytproxy/socket/http-proxy-3.sock max_fails=2 fail_timeout=1s;
|
||||
server unix:/opt/http3-ytproxy/socket/http-proxy-4.sock max_fails=2 fail_timeout=1s;
|
||||
server unix:/opt/http3-ytproxy/socket/http-proxy-5.sock max_fails=2 fail_timeout=1s;
|
||||
}
|
||||
|
||||
server {
|
||||
server_name inv.zzls.xyz;
|
||||
rewrite ^ https://inv.nadeko.net$request_uri? permanent;
|
||||
include configs/ssl.conf;
|
||||
listen 443 ssl;
|
||||
}
|
||||
|
||||
# CLEARNET
|
||||
server {
|
||||
access_log /var/log/nginx/inv.access.log limited;
|
||||
error_log /var/log/nginx/inv.error.log;
|
||||
server_name inv.zzls.xyz;
|
||||
server_name inv.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
# SECURITY HEADERS ADDED BY Invidious
|
||||
# include configs/security.conf;
|
||||
|
||||
location @upstream {
|
||||
proxy_pass http://inv;
|
||||
include configs/proxy.conf;
|
||||
limit_rate 8000k;
|
||||
# Disable buffering and cache so i don't kill my
|
||||
# SSD and bandwidth usage
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
proxy_cache off;
|
||||
proxy_intercept_errors on;
|
||||
error_page 502 = @fallback;
|
||||
}
|
||||
|
||||
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
|
||||
# Woops! Sorry. I don't want to kill my SSD lol!
|
||||
proxy_buffering off;
|
||||
#proxy_buffers 1024 16k;
|
||||
proxy_set_header X-Forwarded-For "";
|
||||
proxy_hide_header "alt-svc";
|
||||
sendfile_max_chunk 512k;
|
||||
proxy_hide_header Cache-Control;
|
||||
proxy_hide_header etag;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection keep-alive;
|
||||
proxy_max_temp_file_size 32m;
|
||||
proxy_pass http://http3-ytproxy;
|
||||
add_header Cache-Control private always;
|
||||
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /search {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/storyboards {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/captions {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/comments {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location ~ ^/api/v1/channels/(.+)/shorts {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location @fallback {
|
||||
root /etc/nginx/errors;
|
||||
try_files $uri /502.html = 502;
|
||||
}
|
||||
# The messed up invidious configuration
|
||||
include conf.d/inv.zzls.xyz.locations;
|
||||
|
||||
# QUIC
|
||||
include configs/http3.conf;
|
||||
|
@ -98,7 +43,6 @@ server {
|
|||
listen 443 ssl;
|
||||
http2 on;
|
||||
include configs/ssl.conf;
|
||||
|
||||
}
|
||||
|
||||
# TOR
|
||||
|
@ -108,86 +52,31 @@ server {
|
|||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
||||
location @upstream {
|
||||
proxy_pass http://inv;
|
||||
include configs/proxy.conf;
|
||||
limit_rate 8000k;
|
||||
# Disable buffering and cache so i don't kill my
|
||||
# SSD and bandwidth usage
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
proxy_cache off;
|
||||
proxy_intercept_errors on;
|
||||
}
|
||||
|
||||
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
|
||||
# Woops! Sorry. I don't want to kill my SSD lol!
|
||||
proxy_buffering off;
|
||||
#proxy_buffers 1024 16k;
|
||||
proxy_set_header X-Forwarded-For "";
|
||||
proxy_hide_header "alt-svc";
|
||||
sendfile_max_chunk 512k;
|
||||
proxy_hide_header Cache-Control;
|
||||
proxy_hide_header etag;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection keep-alive;
|
||||
proxy_max_temp_file_size 32m;
|
||||
proxy_pass http://http3-ytproxy;
|
||||
add_header Cache-Control private always;
|
||||
}
|
||||
|
||||
|
||||
location / {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
include conf.d/inv.zzls.xyz.locations;
|
||||
}
|
||||
|
||||
# I2P
|
||||
server {
|
||||
listen 30003;
|
||||
listen 10051;
|
||||
server_name zzlsbhhfvwg3oh36tcvx4r7n6jrw7zibvyvfxqlodcwn3mfrvzuq.b32.i2p;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
||||
location @upstream {
|
||||
proxy_pass http://inv;
|
||||
include configs/proxy.conf;
|
||||
limit_rate 8000k;
|
||||
# Disable buffering and cache so i don't kill my
|
||||
# SSD and bandwidth usage
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
proxy_cache off;
|
||||
proxy_intercept_errors on;
|
||||
error_page 502 = @fallback;
|
||||
}
|
||||
|
||||
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
|
||||
# Woops! Sorry. I don't want to kill my SSD lol!
|
||||
proxy_buffering off;
|
||||
#proxy_buffers 1024 16k;
|
||||
proxy_set_header X-Forwarded-For "";
|
||||
proxy_hide_header "alt-svc";
|
||||
sendfile_max_chunk 512k;
|
||||
proxy_hide_header Cache-Control;
|
||||
proxy_hide_header etag;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection keep-alive;
|
||||
proxy_max_temp_file_size 32m;
|
||||
proxy_pass http://http3-ytproxy;
|
||||
add_header Cache-Control private always;
|
||||
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
include conf.d/inv.zzls.xyz.locations;
|
||||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = inv.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = inv.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name inv.zzls.xyz;
|
||||
server_name inv.zzls.xyz inv.nadeko.net;
|
||||
return 404;
|
||||
}
|
||||
|
|
|
@ -0,0 +1,64 @@
|
|||
location @upstream {
|
||||
proxy_pass http://inv;
|
||||
include configs/proxy.conf;
|
||||
limit_rate 1000k;
|
||||
# Disable buffering and cache so i don't kill my
|
||||
# SSD and bandwidth usage
|
||||
proxy_buffering off;
|
||||
proxy_request_buffering off;
|
||||
proxy_cache off;
|
||||
proxy_intercept_errors on;
|
||||
error_page 502 = @fallback;
|
||||
}
|
||||
|
||||
location ~ (^/videoplayback|^/vi/|^/ggpht/|^/sb/) {
|
||||
# Woops! Sorry. I don't want to kill my SSD lol!
|
||||
proxy_buffering off;
|
||||
#proxy_buffers 1024 16k;
|
||||
proxy_set_header X-Forwarded-For "";
|
||||
proxy_hide_header "alt-svc";
|
||||
sendfile_max_chunk 512k;
|
||||
proxy_hide_header Cache-Control;
|
||||
proxy_hide_header etag;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Connection keep-alive;
|
||||
proxy_max_temp_file_size 32m;
|
||||
proxy_pass http://http3-ytproxy;
|
||||
add_header Cache-Control private always;
|
||||
limit_rate 6000k;
|
||||
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /search {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1 {
|
||||
limit_req zone=invidious-apirl nodelay burst=10;
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/storyboards {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/captions {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location /api/v1/comments {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location ~ ^/api/v1/channels/(.+)/shorts {
|
||||
try_files $uri @upstream;
|
||||
}
|
||||
|
||||
location @fallback {
|
||||
root /etc/nginx/errors;
|
||||
try_files $uri /502.html = 502;
|
||||
}
|
|
@ -0,0 +1,47 @@
|
|||
server {
|
||||
access_log /var/log/nginx/keygenmusic.zzls.xyz.access.log;
|
||||
root /var/www/keygenmusic.tk-mirror;
|
||||
index index.html;
|
||||
server_name keygenmusic.zzls.xyz keygenmusic.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/security.conf;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
location /kgm {
|
||||
alias /mnt/ssd/luna.zzls.xyz/keygenmusic.tk/kgm;
|
||||
}
|
||||
|
||||
location /kgm/ver.txt {
|
||||
alias /var/www/keygenmusic.tk-mirror/kgm/ver.txt;
|
||||
}
|
||||
|
||||
location /kgm/lib.txt {
|
||||
alias /var/www/keygenmusic.tk-mirror/kgm/lib.txt;
|
||||
}
|
||||
|
||||
# QUIC
|
||||
include configs/http3.conf;
|
||||
|
||||
listen 443 ssl;
|
||||
http2 on;
|
||||
include configs/ssl.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = keygenmusic.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = keygenmusic.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name keygenmusic.zzls.xyz keygenmusic.nadeko.net;
|
||||
return 404;
|
||||
}
|
|
@ -0,0 +1,52 @@
|
|||
server {
|
||||
server_name luna.zzls.xyz;
|
||||
rewrite ^ https://luna.nadeko.net$request_uri? permanent;
|
||||
include configs/ssl.conf;
|
||||
listen 443 ssl;
|
||||
}
|
||||
|
||||
server {
|
||||
access_log /var/log/nginx/luna.zzls.xyz.access.log combined;
|
||||
error_log /var/log/nginx/luna.zzls.xyz.error.log;
|
||||
server_name luna.nadeko.net;
|
||||
index index.php /_h5ai/public/index.php;
|
||||
root /mnt/ssd/luna.zzls.xyz/;
|
||||
include configs/general.conf;
|
||||
include configs/security.conf;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
|
||||
location /_h5ai/private {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
if (!-f $document_root$fastcgi_script_name) {
|
||||
return 404;
|
||||
}
|
||||
fastcgi_param HTTP_PROXY "";
|
||||
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
}
|
||||
|
||||
listen 443 ssl;
|
||||
http2 on;
|
||||
include configs/ssl.conf;
|
||||
|
||||
}
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = luna.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name luna.nadeko.net;
|
||||
return 404;
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
server {
|
||||
server_name matrix.zzls.xyz;
|
||||
server_name matrix.zzls.xyz matrix.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
include configs/security.conf;
|
||||
|
@ -22,7 +22,7 @@ server {
|
|||
#}
|
||||
|
||||
location ~ ^(/_matrix|/_synapse/client|/health) {
|
||||
proxy_pass http://127.0.0.1:40020;
|
||||
proxy_pass http://127.0.0.1:10020;
|
||||
include configs/proxy.conf;
|
||||
client_max_body_size 64M;
|
||||
}
|
||||
|
@ -38,9 +38,17 @@ server {
|
|||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = matrix.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = matrix.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name matrix.zzls.xyz;
|
||||
return 404;
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
server {
|
||||
server_name pbin.zzls.xyz;
|
||||
server_name pbin.zzls.xyz pbin.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/security.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
@ -18,9 +18,17 @@ server {
|
|||
|
||||
}
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = pbin.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = pbin.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name pbin.zzls.xyz;
|
||||
return 404;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# CLEARNET
|
||||
server {
|
||||
access_log off;
|
||||
server_name ri.zzls.xyz;
|
||||
server_name ri.zzls.xyz ri.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
||||
|
@ -46,9 +46,17 @@ server {
|
|||
}
|
||||
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = ri.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = ri.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name ri.zzls.xyz;
|
||||
server_name ri.zzls.xyz ri.nadeko.net;
|
||||
return 404;
|
||||
}
|
||||
|
|
|
@ -1,28 +0,0 @@
|
|||
server {
|
||||
root /var/www/html;
|
||||
index index.html;
|
||||
include configs/general.conf;
|
||||
include configs/robotsNone.conf;
|
||||
include configs/security.conf;
|
||||
|
||||
server_name selfhost.zzls.xyz;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
# QUIC
|
||||
include configs/http3.conf;
|
||||
|
||||
listen 443 ssl default_server;
|
||||
http2 on;
|
||||
include configs/ssl.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
if ($host = selfhost.zzls.xyz) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name selfhost.zzls.xyz;
|
||||
}
|
|
@ -1,5 +1,5 @@
|
|||
server {
|
||||
server_name spanixdev.zzls.xyz;
|
||||
server_name spanixdev.zzls.xyz spanixdev.nadeko.net;
|
||||
include configs/general.conf;
|
||||
include configs/security.conf;
|
||||
include configs/robotsNone.conf;
|
||||
|
@ -13,15 +13,22 @@ server {
|
|||
include configs/http3.conf;
|
||||
|
||||
listen 443 ssl;
|
||||
listen 443 quic;
|
||||
http2 on;
|
||||
include configs/ssl.conf;
|
||||
|
||||
}
|
||||
server {
|
||||
set $x "";
|
||||
if ($host = spanixdev.zzls.xyz) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($host = spanixdev.nadeko.net) {
|
||||
set $x 1;
|
||||
}
|
||||
if ($x = 1) {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
listen 80;
|
||||
server_name spanixdev.zzls.xyz;
|
||||
server_name spanixdev.zzls.xyz spanixdev.nadeko.net;
|
||||
return 404;
|
||||
}
|
||||
|
|
|
@ -1,4 +1,2 @@
|
|||
# Disable HTTP/3 for now.
|
||||
|
||||
#add_header Alt-Svc: h2=":443"; ma=2592000;
|
||||
#listen 443 quic;
|
||||
add_header Alt-Svc 'h3=":443"; ma=86400';
|
||||
listen 443 quic;
|
||||
|
|
|
@ -14,7 +14,10 @@ events {
|
|||
http {
|
||||
log_format limited '$remote_addr - $remote_user [$time_local] '
|
||||
'"$request_method /bogus $server_protocol" $status $body_bytes_sent '
|
||||
'"-" "Bogus/66.6"';
|
||||
'"-" "Bogus/66.6" - "$http_host"';
|
||||
log_format combined2 '$remote_addr - $remote_user [$time_local] '
|
||||
'"$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent" "$http_host"';
|
||||
access_log off;
|
||||
error_log /dev/null;
|
||||
disable_symlinks off;
|
||||
|
@ -65,5 +68,6 @@ http {
|
|||
include /etc/nginx/snippets/maps.conf;
|
||||
include /etc/nginx/snippets/poop.conf;
|
||||
|
||||
limit_conn_zone $binary_remote_addr zone=addr:10m;
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue