Initial nginx run 03/05
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
parent
c9e34fd1e1
commit
247dc78649
|
|
@ -0,0 +1,31 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
|
||||
server_name 3gy.de;
|
||||
|
||||
ssl_certificate /etc/ssl/mail/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/mail/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_protocols TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
|
||||
resolver 172.168.100.2;
|
||||
|
||||
location / {
|
||||
root /srv/www/htdocs/3gy/;
|
||||
index index.html;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
|
||||
server_name hugz.io up.hugz.io www.hugz.io;
|
||||
|
||||
ssl_certificate /etc/ssl/hugz/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/hugz/private/privkey.pem;
|
||||
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
error_page 403 /beauties-ip.html;
|
||||
location = /beauties-ip.html {
|
||||
root /srv/www/error;
|
||||
allow all;
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_pass http://192.168.0.120:8922;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host $host:$server_port;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
client_max_body_size 200M;
|
||||
types {} default_type "text/plain; charset=utf-8";
|
||||
deny 2a01:7e00::f03c:91ff:feae:d55;
|
||||
deny 176.58.107.169;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
listen 192.168.0.120:443 ssl http2;
|
||||
|
||||
server_name party.lysergic.dev;
|
||||
|
||||
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
resolver 127.0.0.4;
|
||||
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:8250;
|
||||
proxy_set_header X-Forwarded-Host $host:$server_port;
|
||||
}
|
||||
|
||||
location /jsxc {
|
||||
root /srv/www/jsxc.party;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
#server {
|
||||
# listen 202.61.255.100:80 default_server;
|
||||
#
|
||||
# root /srv/www/htdocs/default;
|
||||
# index index.html;
|
||||
#}
|
||||
server {
|
||||
listen 202.61.255.100:443 ssl http2 default_server;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2 default_server;
|
||||
|
||||
root /srv/www/htdocs/default;
|
||||
index index.html;
|
||||
|
||||
ssl_certificate /etc/ssl/parking/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
|
||||
}
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
server {
|
||||
listen 202.61.255.100:80;
|
||||
listen 192.168.0.120:80;
|
||||
server_name deploy.squirrelcube.xyz;
|
||||
root /srv/www/deploy;
|
||||
|
||||
location / {
|
||||
autoindex on;
|
||||
}
|
||||
|
||||
location /secret {
|
||||
auth_basic "Lysergic Deployment Services";
|
||||
auth_basic_user_file /etc/nginx/auth/deployment;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
server {
|
||||
listen 192.168.0.120:8084 ssl;
|
||||
server_name dnsui-local.secure.squirrelcube.xyz;
|
||||
root /mnt/gluster01/web/dnsui3/public_html;
|
||||
index init.php;
|
||||
|
||||
ssl_certificate /etc/ssl/tp/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ @php;
|
||||
auth_basic "NS1 Intranet";
|
||||
auth_basic_user_file /mnt/gluster01/web/auth/dnsui;
|
||||
}
|
||||
location @php {
|
||||
rewrite ^/(.*)$ /init.php/$1 last;
|
||||
auth_basic "NS1 Intranet";
|
||||
auth_basic_user_file /mnt/gluster01/web/auth/dnsui;
|
||||
}
|
||||
location /init.php {
|
||||
fastcgi_pass 172.168.100.3:9100;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
|
||||
auth_basic "NS1 Intranet";
|
||||
auth_basic_user_file /mnt/gluster01/web/auth/dnsui;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,6 @@
|
|||
server {
|
||||
listen 202.61.255.100:80 default_server;
|
||||
listen [2a03:4000:55:d1d::]:80 default_server;
|
||||
listen 81.16.18.137:80 default_server;
|
||||
return 302 https://$host$request_uri;
|
||||
}
|
||||
|
|
@ -0,0 +1,43 @@
|
|||
##
|
||||
## PRODUCTION CONFIG
|
||||
## Keycloak Frontend Load Balancer
|
||||
## Instance: selene
|
||||
##
|
||||
proxy_cache_path /tmp/NGINX_cache/ keys_zone=backcache:10m;
|
||||
|
||||
upstream jboss {
|
||||
ip_hash;
|
||||
server 192.168.0.110:8843;
|
||||
server 192.168.0.115:8843;
|
||||
server 192.168.0.120:8843;
|
||||
}
|
||||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
server_name sso.casa;
|
||||
|
||||
ssl_certificate /etc/ssl/libertacasa.net/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/libertacasa.net/private/privkey.pem;
|
||||
ssl_session_cache shared:SSL:1m;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
#location = / {
|
||||
# return 302 /auth/;
|
||||
#}
|
||||
|
||||
location / {
|
||||
proxy_pass https://jboss;
|
||||
proxy_cache backcache;
|
||||
proxy_ssl_verify off;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
}
|
||||
proxy_buffer_size 256k;
|
||||
proxy_buffers 4 512k;
|
||||
proxy_busy_buffers_size 512k;
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
server {
|
||||
listen 192.168.0.120:80;
|
||||
root /srv/www/local;
|
||||
}
|
||||
|
|
@ -0,0 +1,124 @@
|
|||
server {
|
||||
listen 192.168.0.120:443 ssl http2;
|
||||
|
||||
server_name zz0.email;
|
||||
|
||||
ssl_certificate /etc/ssl/mail/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/mail/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_protocols TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
|
||||
resolver 172.168.100.2;
|
||||
|
||||
location /Microsoft-Server-ActiveSync {
|
||||
proxy_pass http://127.0.0.2:8080/Microsoft-Server-ActiveSync;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_connect_timeout 75;
|
||||
proxy_send_timeout 3650;
|
||||
proxy_read_timeout 3650;
|
||||
proxy_buffers 64 256k;
|
||||
client_body_buffer_size 512k;
|
||||
client_max_body_size 0;
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.2:8080/;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
client_max_body_size 0;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
|
||||
server_name sogo.zz0.email zz0.email;
|
||||
|
||||
ssl_certificate /etc/ssl/mail/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/mail/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_protocols TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
|
||||
resolver 172.168.100.2;
|
||||
|
||||
location / {
|
||||
return 302 /SOGo;
|
||||
}
|
||||
|
||||
location /SOGo {
|
||||
proxy_pass http://127.0.0.2:20000;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url https://$http_host;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
proxy_send_timeout 3600;
|
||||
proxy_read_timeout 3600;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 0;
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
|
||||
location /SOGo.woa/WebServerResources/ {
|
||||
alias /opt/GNUstep/SOGo/WebServerResources/;
|
||||
}
|
||||
|
||||
location /.woa/WebServerResources/ {
|
||||
alias /opt/GNUstep/SOGo/WebServerResources/;
|
||||
}
|
||||
|
||||
location /SOGo/WebServerResources/ {
|
||||
alias /opt/GNUstep/SOGo/WebServerResources/;
|
||||
}
|
||||
|
||||
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
|
||||
alias /opt/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
}
|
||||
|
||||
#trying to make / serve SOGo with no fuzz....
|
||||
# location /WebServerResources/ {
|
||||
# alias /opt/GNUstep/SOGo/WebServerResources/;
|
||||
# }
|
||||
|
||||
# location (^/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
|
||||
# alias /opt/GNUstep/SOGo/$1.SOGo/Resources/$2;
|
||||
# }
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,71 @@
|
|||
server {
|
||||
server_name ts.lsd25.xyz;
|
||||
listen 202.61.255.100:443 ssl;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl;
|
||||
|
||||
root /opt/matterbridge/tripsit/bridgemedia;
|
||||
|
||||
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
|
||||
#ssl_ciphers
|
||||
#ssl_prefer_server_ciphers
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
#ssl_stapling on;
|
||||
#ssl_stapling_verify on;
|
||||
|
||||
location / {
|
||||
}
|
||||
}
|
||||
server {
|
||||
server_name lc.lsd25.xyz;
|
||||
listen 202.61.255.100:443 ssl;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl;
|
||||
|
||||
root /opt/matterbridge/libertacasa/bridgemedia;
|
||||
|
||||
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
|
||||
#ssl_ciphers
|
||||
#ssl_prefer_server_ciphers
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
#ssl_stapling on;
|
||||
#ssl_stapling_verify on;
|
||||
|
||||
location / {
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
server_name lsd.airforce;
|
||||
listen 202.61.255.100:443 ssl;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl;
|
||||
|
||||
root /opt/matterbridge/tripsit/bridgemedia2;
|
||||
|
||||
ssl_certificate /etc/ssl/parking/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
|
||||
#ssl_ciphers
|
||||
#ssl_prefer_server_ciphers
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
#ssl_stapling on;
|
||||
#ssl_stapling_verify on;
|
||||
|
||||
location / {
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,15 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
|
||||
server_name 3zy.de;
|
||||
|
||||
ssl_certificate /etc/ssl/3zy.de/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/3zy.de/private/privkey.pem;
|
||||
|
||||
location / {
|
||||
root /mnt/gluster01/mirror;
|
||||
fancyindex on;
|
||||
fancyindex_exact_size on;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
server {
|
||||
include listen01_80;
|
||||
include listen01_443;
|
||||
server_name armed.airforce drugs.airforce official.airforce *.armed.airforce *.drugs.airforce *.official.airforce;
|
||||
|
||||
root /srv/www/parking;
|
||||
index index.html;
|
||||
}
|
||||
server {
|
||||
include listen01_443;
|
||||
ssl_certificate /etc/ssl/parking/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
|
||||
server_name libera.airforce libera.fail libera.wtf libera.fun libera.run *.libera.airforce *.libera.fail *.libera.wtf *.libera.fun *.libera.run zware.net *.zware.net wien.lol *.wien.lol freunde.eu *.freunde.eu schrak.com *.schrak.com angelamerkl.de dachundfa.ch multimillionai.re lsd.monster lsd-25.monster lsd25.monster naked.monster drugged.monster l0ve.io casey-neistat.com casey-neistat.xyz caseyneistat.us siemens.health clouded-cloud.com broadband-cloud.com fuckdress.fashion fuckdress.com amex.rest americanexpress.rest americanexpress.fun strong-chemicals.com mcdonalds.pw fantastrip.de *.fantastrip.de *.naked.monster *.drugged.monster *.dachundfa.ch *.l0ve.io *.casey-neistat.com *.casey-neistat.xyz *.caseyneistat.us *.siemens.health *.clouded-cloud.com *.broadband-cloud.com *.fuckdress.fashion *.fuckdress.com *.amex.rest *.americanexpress.fun;
|
||||
root /srv/www/parking;
|
||||
index index.html;
|
||||
}
|
||||
server {
|
||||
include listen01_80;
|
||||
server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt tripsit.yoga *.tripsit.yoga lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo chat.lsd.ooo tripsit.wiki www.tripsit.wiki tripsit.info www.tripsit.info tripsit.app *.tripsit.app;
|
||||
root /srv/www/parking;
|
||||
index index.html;
|
||||
}
|
||||
server {
|
||||
include listen01_443;
|
||||
server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt tripsit.yoga *.tripsit.yoga lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo chat.lsd.ooo tripsit.wiki www.tripsit.wiki tripsit.info www.tripsit.info tripsit.app *.tripsit.app;
|
||||
|
||||
ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
|
||||
root /srv/www/parking;
|
||||
index index.html;
|
||||
}
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
server {
|
||||
include listen01_80;
|
||||
server_name psy.wiki www.psy.wiki;
|
||||
root /srv/www/parking/psy;
|
||||
index index.html;
|
||||
}
|
||||
server {
|
||||
include listen01_80;
|
||||
server_name ~^(?<subdomain>[\w-]+)\.psy\.wiki$;
|
||||
return 302 'https://psychonautwiki.org/wiki/?search=$subdomain';
|
||||
}
|
||||
server {
|
||||
include listen01_443;
|
||||
server_name psy.wiki www.psy.wiki;
|
||||
ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
root /srv/www/parking/psy;
|
||||
index index.html;
|
||||
}
|
||||
server {
|
||||
include listen01_443;
|
||||
server_name ~^(?<subdomain>[\w-]+)\.psy\.wiki$;
|
||||
ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
return 302 'https://psychonautwiki.org/wiki/?search=$subdomain';
|
||||
}
|
||||
|
|
@ -0,0 +1,11 @@
|
|||
server {
|
||||
include listen01_443;
|
||||
ssl_certificate /etc/ssl/parking/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
|
||||
server_name pub.libera.fun;
|
||||
root /srv/www/pub;
|
||||
# index index.html;
|
||||
location / {
|
||||
autoindex on;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,59 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
|
||||
server_name web.lib.radio.fm www.lib.radio.fm;
|
||||
|
||||
ssl_certificate /etc/ssl/radio/crt.crt;
|
||||
ssl_certificate_key /etc/ssl/radio/private/key.key;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
resolver 127.0.0.4;
|
||||
|
||||
location / {
|
||||
root /srv/www/radio;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ [^/]\.php(/|$) {
|
||||
root /srv/www/radio;
|
||||
index index.php;
|
||||
fastcgi_pass 172.168.100.3:9100;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /srv/www/radio/$fastcgi_script_name;
|
||||
fastcgi_index index.php;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
|
||||
server_name lib.radio.am web.lib.radio.am www.lib.radio.am;
|
||||
|
||||
ssl_certificate /etc/ssl/radio/crt.crt;
|
||||
ssl_certificate_key /etc/ssl/radio/private/key.key;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
resolver 127.0.0.4;
|
||||
|
||||
location / {
|
||||
root /srv/www/icedrop-master;
|
||||
index index.html;
|
||||
add_header Access-Control-Allow-Origin '*' always;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,173 @@
|
|||
#TRIPSIT
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips;
|
||||
# return 302 https://tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips;
|
||||
# return 302 https://chat.tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt;
|
||||
# return 302 'https://chat.tripsit.me/chat/##LGBT';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name tripsit.yoga *.tripsit.yoga;
|
||||
# return 302 'https://chat.tripsit.me/chat/#meditation';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 https://tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 https://chat.tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
#
|
||||
# server_name tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt;
|
||||
#
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
#
|
||||
# return 302 'https://chat.tripsit.me/chat/##LGBT';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name tripsit.yoga *.tripsit.yoga;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 'https://chat.tripsit.me/chat/#meditation';
|
||||
#}
|
||||
#
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo;
|
||||
# return 302 https://drugs.tripsit.me/lsd;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name chat.lsd.ooo;
|
||||
# return 302 'https://chat.tripsit.me/chat/#sanctuary';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name chat.lsd.ooo;
|
||||
# return 302 'https://chat.tripsit.me/chat/#sanctuary';
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 https://drugs.tripsit.me/lsd;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name tripsit.wiki www.tripsit.wiki;
|
||||
# return 302 https://wiki.tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.wiki$;
|
||||
# return 302 'https://wiki.tripsit.me/wiki/?search=$subdomain';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name tripsit.wiki www.tripsit.wiki;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 https://wiki.tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.wiki$;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 'https://wiki.tripsit.me/wiki/?search=$subdomain';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name tripsit.info www.tripsit.info;
|
||||
# return 302 https://drugs.tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.info$;
|
||||
# return 302 'https://drugs.tripsit.me/$subdomain';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name tripsit.info www.tripsit.info;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 https://drugs.tripsit.me/;
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.info$;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 'https://drugs.tripsit.me/$subdomain';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_80;
|
||||
# server_name tripsit.app *.tripsit.app;
|
||||
# return 302 'https://play.google.com/store/apps/details?id=me.tripsit.tripmobile';
|
||||
#}
|
||||
#server {
|
||||
# include listen01_443;
|
||||
# server_name tripsit.app *.tripsit.app;
|
||||
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
# return 302 'https://play.google.com/store/apps/details?id=me.tripsit.tripmobile';
|
||||
#}
|
||||
server {
|
||||
include listen01_80;
|
||||
server_name tripsit.email;
|
||||
root /srv/www/error;
|
||||
index beauties-ip.html;
|
||||
# return 302 https://mail.tripsit.dev/SOGo/;
|
||||
}
|
||||
server {
|
||||
include listen01_443;
|
||||
server_name tripsit.email;
|
||||
ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
root /srv/www/error;
|
||||
index beauties-ip.html;
|
||||
# return 302 https://mail.tripsit.dev/SOGo/;
|
||||
}
|
||||
|
||||
|
||||
#LIBERTACASA
|
||||
server {
|
||||
include listen01_80;
|
||||
|
||||
server_name liberta.network libera.network libera.wiki libera.gay libera.casa *.liberta.network *.libera.network *.libera.wiki *.libera.gay *.libera.casa libera.world libera.love libera.lol libera.guru *.libera.world *.libera.love *.libera.lol *.libera.guru libera.monster *.libera.monster;
|
||||
|
||||
return 302 https://liberta.casa/;
|
||||
}
|
||||
server {
|
||||
include listen01_443;
|
||||
|
||||
server_name liberta.network libera.network libera.wiki libera.gay libera.casa *.liberta.network *.libera.network *.libera.wiki *.libera.gay *.libera.casa libera.world libera.love libera.lol libera.guru *.libera.world *.libera.love *.libera.lol *.libera.guru libera.monster *.libera.monster git.casa *.git.casa;
|
||||
|
||||
ssl_certificate /etc/ssl/parking/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
|
||||
|
||||
return 302 https://liberta.casa/;
|
||||
}
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
server {
|
||||
server_name tp.3gy.de three.tp.3gy.de *.three.secure.squirrelcube.xyz;
|
||||
listen 202.61.255.100:443 ssl;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl;
|
||||
|
||||
ssl_certificate /etc/ssl/tp/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m;
|
||||
ssl_session_tickets off;
|
||||
ssl_protocols TLSv1.3;
|
||||
#ssl_ciphers
|
||||
#ssl_prefer_server_ciphers
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
location / {
|
||||
proxy_pass https://[::1]:3080/;
|
||||
proxy_ssl_verify off;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_read_timeout 3600;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
|
||||
server_name vdi.three.secure.squirrelcube.xyz;
|
||||
|
||||
ssl_certificate /etc/ssl/tp/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
|
||||
|
||||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_protocols TLSv1.3;
|
||||
ssl_prefer_server_ciphers off;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
|
||||
|
||||
resolver 172.168.100.2;
|
||||
|
||||
location / {
|
||||
proxy_pass https://127.0.0.1:4435;
|
||||
proxy_ssl_verify off;
|
||||
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
|
||||
proxy_set_header x-webobjects-remote-host $remote_addr;
|
||||
proxy_set_header x-webobjects-server-name $server_name;
|
||||
proxy_set_header x-webobjects-server-url https://$http_host;
|
||||
proxy_set_header x-webobjects-server-port $server_port;
|
||||
proxy_send_timeout 3600;
|
||||
proxy_read_timeout 3600;
|
||||
client_body_buffer_size 128k;
|
||||
client_max_body_size 0;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,30 @@
|
|||
include php-fpm;
|
||||
|
||||
server {
|
||||
server_name vizzare.com www.vizzare.com;
|
||||
listen 202.61.255.100:443 ssl;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl;
|
||||
root /mnt/gluster01/web/vizzare;
|
||||
index index.php;
|
||||
|
||||
ssl_certificate /etc/ssl/vizzare/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/vizzare/private/privkey.pem;
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ /index.php?$args;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
include fastcgi_params;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_pass php-fpm;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
}
|
||||
|
||||
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
|
||||
expires max;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
server {
|
||||
listen 202.61.255.100:443 ssl http2;
|
||||
listen [2a03:4000:55:d1d::]:443 ssl http2;
|
||||
server_name znc.lsd.dog;
|
||||
ssl_certificate /etc/ssl/drugs/fullchain.pem;
|
||||
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
|
||||
ssl_protocols TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
# ssl_session_cache shared:SSL:10m;
|
||||
ssl_session_timeout 1d;
|
||||
large_client_header_buffers 4 32k;
|
||||
location / {
|
||||
proxy_pass http://[::1]:54658;
|
||||
proxy_set_header X-Forwarded-Host \$host;
|
||||
proxy_set_header X-Forwarded-Server \$host;
|
||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue