LibertaCasa/system
9
0
Fork 0
Code Issues 3 Pull Requests Projects Releases Wiki Activity

Initial nginx run 03/05

Browse Source 
Signed-off-by: Georg <georg@lysergic.dev>
This commit is contained in:
Georg Pfuetzenreuter 2021-08-30 20:57:05 +02:00
parent aea3a1cc60
commit 4048b8c556
Signed by: Georg
GPG Key ID: 1DAF57F49F8E8F22
21 changed files with 837 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
nginx/03/3gy.conf Normal file
View File

@ -0,0 +1,31 @@
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name 3gy.de;
ssl_certificate /etc/ssl/mail/fullchain.pem;
ssl_certificate_key /etc/ssl/mail/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 172.168.100.2;
location / {
root /srv/www/htdocs/3gy/;
index index.html;
}
}

34
nginx/03/beauties.conf Normal file
View File

@ -0,0 +1,34 @@
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name hugz.io up.hugz.io www.hugz.io;
ssl_certificate /etc/ssl/hugz/fullchain.pem;
ssl_certificate_key /etc/ssl/hugz/private/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
error_page 403 /beauties-ip.html;
location = /beauties-ip.html {
root /srv/www/error;
allow all;
}
location / {
proxy_pass http://192.168.0.120:8922;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 200M;
types {} default_type "text/plain; charset=utf-8";
deny 2a01:7e00::f03c:91ff:feae:d55;
deny 176.58.107.169;
}
}

31
nginx/03/cytube.conf Normal file
View File

@ -0,0 +1,31 @@
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
listen 192.168.0.120:443 ssl http2;
server_name party.lysergic.dev;
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 127.0.0.4;
location / {
proxy_pass http://127.0.0.1:8250;
proxy_set_header X-Forwarded-Host $host:$server_port;
}
location /jsxc {
root /srv/www/jsxc.party;
}
}

16
nginx/03/default.conf Normal file
View File

@ -0,0 +1,16 @@
#server {
# listen 202.61.255.100:80 default_server;
#
# root /srv/www/htdocs/default;
# index index.html;
#}
server {
listen 202.61.255.100:443 ssl http2 default_server;
listen [2a03:4000:55:d1d::]:443 ssl http2 default_server;
root /srv/www/htdocs/default;
index index.html;
ssl_certificate /etc/ssl/parking/fullchain.pem;
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
}

15
nginx/03/deploy.conf Normal file
View File

@ -0,0 +1,15 @@
server {
listen 202.61.255.100:80;
listen 192.168.0.120:80;
server_name deploy.squirrelcube.xyz;
root /srv/www/deploy;
location / {
autoindex on;
}
location /secret {
auth_basic "Lysergic Deployment Services";
auth_basic_user_file /etc/nginx/auth/deployment;
}
}

27
nginx/03/dnsui.conf Normal file
View File

@ -0,0 +1,27 @@
server {
listen 192.168.0.120:8084 ssl;
server_name dnsui-local.secure.squirrelcube.xyz;
root /mnt/gluster01/web/dnsui3/public_html;
index init.php;
ssl_certificate /etc/ssl/tp/fullchain.pem;
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
location / {
try_files $uri $uri/ @php;
auth_basic "NS1 Intranet";
auth_basic_user_file /mnt/gluster01/web/auth/dnsui;
}
location @php {
rewrite ^/(.*)$ /init.php/$1 last;
auth_basic "NS1 Intranet";
auth_basic_user_file /mnt/gluster01/web/auth/dnsui;
}
location /init.php {
fastcgi_pass 172.168.100.3:9100;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
auth_basic "NS1 Intranet";
auth_basic_user_file /mnt/gluster01/web/auth/dnsui;
}
}

6
nginx/03/http.conf Normal file
View File

@ -0,0 +1,6 @@
server {
listen 202.61.255.100:80 default_server;
listen [2a03:4000:55:d1d::]:80 default_server;
listen 81.16.18.137:80 default_server;
return 302 https://$host$request_uri;
}

43
nginx/03/keycloak.conf Normal file
View File

@ -0,0 +1,43 @@
##
## PRODUCTION CONFIG
## Keycloak Frontend Load Balancer
## Instance: selene
##
proxy_cache_path /tmp/NGINX_cache/ keys_zone=backcache:10m;
upstream jboss {
ip_hash;
server 192.168.0.110:8843;
server 192.168.0.115:8843;
server 192.168.0.120:8843;
}
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name sso.casa;
ssl_certificate /etc/ssl/libertacasa.net/fullchain.pem;
ssl_certificate_key /etc/ssl/libertacasa.net/private/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers on;
#location = / {
# return 302 /auth/;
#}
location / {
proxy_pass https://jboss;
proxy_cache backcache;
proxy_ssl_verify off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
}

4
nginx/03/local.conf Normal file
View File

@ -0,0 +1,4 @@
server {
listen 192.168.0.120:80;
root /srv/www/local;
}

124
nginx/03/mail.conf Normal file
View File

@ -0,0 +1,124 @@
server {
listen 192.168.0.120:443 ssl http2;
server_name zz0.email;
ssl_certificate /etc/ssl/mail/fullchain.pem;
ssl_certificate_key /etc/ssl/mail/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 172.168.100.2;
location /Microsoft-Server-ActiveSync {
proxy_pass http://127.0.0.2:8080/Microsoft-Server-ActiveSync;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 75;
proxy_send_timeout 3650;
proxy_read_timeout 3650;
proxy_buffers 64 256k;
client_body_buffer_size 512k;
client_max_body_size 0;
}
location / {
proxy_pass http://127.0.0.2:8080/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 0;
}
}
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name sogo.zz0.email zz0.email;
ssl_certificate /etc/ssl/mail/fullchain.pem;
ssl_certificate_key /etc/ssl/mail/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 172.168.100.2;
location / {
return 302 /SOGo;
}
location /SOGo {
proxy_pass http://127.0.0.2:20000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
proxy_set_header x-webobjects-remote-host $remote_addr;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url https://$http_host;
proxy_set_header x-webobjects-server-port $server_port;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
client_body_buffer_size 128k;
client_max_body_size 0;
break;
}
location /SOGo.woa/WebServerResources/ {
alias /opt/GNUstep/SOGo/WebServerResources/;
}
location /.woa/WebServerResources/ {
alias /opt/GNUstep/SOGo/WebServerResources/;
}
location /SOGo/WebServerResources/ {
alias /opt/GNUstep/SOGo/WebServerResources/;
}
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
alias /opt/GNUstep/SOGo/$1.SOGo/Resources/$2;
}
#trying to make / serve SOGo with no fuzz....
# location /WebServerResources/ {
# alias /opt/GNUstep/SOGo/WebServerResources/;
# }
# location (^/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
# alias /opt/GNUstep/SOGo/$1.SOGo/Resources/$2;
# }
}

71
nginx/03/matterbridge.conf Normal file
View File

@ -0,0 +1,71 @@
server {
server_name ts.lsd25.xyz;
listen 202.61.255.100:443 ssl;
listen [2a03:4000:55:d1d::]:443 ssl;
root /opt/matterbridge/tripsit/bridgemedia;
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
#ssl_ciphers
#ssl_prefer_server_ciphers
add_header Strict-Transport-Security "max-age=63072000" always;
#ssl_stapling on;
#ssl_stapling_verify on;
location / {
}
}
server {
server_name lc.lsd25.xyz;
listen 202.61.255.100:443 ssl;
listen [2a03:4000:55:d1d::]:443 ssl;
root /opt/matterbridge/libertacasa/bridgemedia;
ssl_certificate /etc/ssl/lysergic/fullchain.pem;
ssl_certificate_key /etc/ssl/lysergic/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
#ssl_ciphers
#ssl_prefer_server_ciphers
add_header Strict-Transport-Security "max-age=63072000" always;
#ssl_stapling on;
#ssl_stapling_verify on;
location / {
}
}
server {
server_name lsd.airforce;
listen 202.61.255.100:443 ssl;
listen [2a03:4000:55:d1d::]:443 ssl;
root /opt/matterbridge/tripsit/bridgemedia2;
ssl_certificate /etc/ssl/parking/fullchain.pem;
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1;
#ssl_ciphers
#ssl_prefer_server_ciphers
add_header Strict-Transport-Security "max-age=63072000" always;
#ssl_stapling on;
#ssl_stapling_verify on;
location / {
}
}

15
nginx/03/mirror.conf Normal file
View File

@ -0,0 +1,15 @@
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name 3zy.de;
ssl_certificate /etc/ssl/3zy.de/fullchain.pem;
ssl_certificate_key /etc/ssl/3zy.de/private/privkey.pem;
location / {
root /mnt/gluster01/mirror;
fancyindex on;
fancyindex_exact_size on;
}
}

32
nginx/03/parking.conf Normal file
View File

@ -0,0 +1,32 @@
server {
include listen01_80;
include listen01_443;
server_name armed.airforce drugs.airforce official.airforce *.armed.airforce *.drugs.airforce *.official.airforce;
root /srv/www/parking;
index index.html;
}
server {
include listen01_443;
ssl_certificate /etc/ssl/parking/fullchain.pem;
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
server_name libera.airforce libera.fail libera.wtf libera.fun libera.run *.libera.airforce *.libera.fail *.libera.wtf *.libera.fun *.libera.run zware.net *.zware.net wien.lol *.wien.lol freunde.eu *.freunde.eu schrak.com *.schrak.com angelamerkl.de dachundfa.ch multimillionai.re lsd.monster lsd-25.monster lsd25.monster naked.monster drugged.monster l0ve.io casey-neistat.com casey-neistat.xyz caseyneistat.us siemens.health clouded-cloud.com broadband-cloud.com fuckdress.fashion fuckdress.com amex.rest americanexpress.rest americanexpress.fun strong-chemicals.com mcdonalds.pw fantastrip.de *.fantastrip.de *.naked.monster *.drugged.monster *.dachundfa.ch *.l0ve.io *.casey-neistat.com *.casey-neistat.xyz *.caseyneistat.us *.siemens.health *.clouded-cloud.com *.broadband-cloud.com *.fuckdress.fashion *.fuckdress.com *.amex.rest *.americanexpress.fun;
root /srv/www/parking;
index index.html;
}
server {
include listen01_80;
server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt tripsit.yoga *.tripsit.yoga lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo chat.lsd.ooo tripsit.wiki www.tripsit.wiki tripsit.info www.tripsit.info tripsit.app *.tripsit.app;
root /srv/www/parking;
index index.html;
}
server {
include listen01_443;
server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt tripsit.yoga *.tripsit.yoga lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo chat.lsd.ooo tripsit.wiki www.tripsit.wiki tripsit.info www.tripsit.info tripsit.app *.tripsit.app;
ssl_certificate /etc/ssl/drugs/fullchain.pem;
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
root /srv/www/parking;
index index.html;
}

26
nginx/03/psy.conf Normal file
View File

@ -0,0 +1,26 @@
server {
include listen01_80;
server_name psy.wiki www.psy.wiki;
root /srv/www/parking/psy;
index index.html;
}
server {
include listen01_80;
server_name ~^(?<subdomain>[\w-]+)\.psy\.wiki$;
return 302 'https://psychonautwiki.org/wiki/?search=$subdomain';
}
server {
include listen01_443;
server_name psy.wiki www.psy.wiki;
ssl_certificate /etc/ssl/drugs/fullchain.pem;
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
root /srv/www/parking/psy;
index index.html;
}
server {
include listen01_443;
server_name ~^(?<subdomain>[\w-]+)\.psy\.wiki$;
ssl_certificate /etc/ssl/drugs/fullchain.pem;
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
return 302 'https://psychonautwiki.org/wiki/?search=$subdomain';
}

11
nginx/03/pub.conf Normal file
View File

@ -0,0 +1,11 @@
server {
include listen01_443;
ssl_certificate /etc/ssl/parking/fullchain.pem;
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
server_name pub.libera.fun;
root /srv/www/pub;
# index index.html;
location / {
autoindex on;
}
}

59
nginx/03/radio.conf Normal file
View File

@ -0,0 +1,59 @@
server {
listen 202.61.255.100:443 ssl http2;
server_name web.lib.radio.fm www.lib.radio.fm;
ssl_certificate /etc/ssl/radio/crt.crt;
ssl_certificate_key /etc/ssl/radio/private/key.key;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 127.0.0.4;
location / {
root /srv/www/radio;
index index.php;
}
location ~ [^/]\.php(/|$) {
root /srv/www/radio;
index index.php;
fastcgi_pass 172.168.100.3:9100;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /srv/www/radio/$fastcgi_script_name;
fastcgi_index index.php;
}
}
server {
listen 202.61.255.100:443 ssl http2;
server_name lib.radio.am web.lib.radio.am www.lib.radio.am;
ssl_certificate /etc/ssl/radio/crt.crt;
ssl_certificate_key /etc/ssl/radio/private/key.key;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 127.0.0.4;
location / {
root /srv/www/icedrop-master;
index index.html;
add_header Access-Control-Allow-Origin '*' always;
}
}

173
nginx/03/redirects.conf Normal file
View File

@ -0,0 +1,173 @@
#TRIPSIT
#server {
# include listen01_80;
# server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips;
# return 302 https://tripsit.me/;
#}
#server {
# include listen01_80;
# server_name drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips;
# return 302 https://chat.tripsit.me/;
#}
#server {
# include listen01_80;
# server_name tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt;
# return 302 'https://chat.tripsit.me/chat/##LGBT';
#}
#server {
# include listen01_80;
# server_name tripsit.yoga *.tripsit.yoga;
# return 302 'https://chat.tripsit.me/chat/#meditation';
#}
#server {
# include listen01_443;
# server_name tripsit.at tripsit.eu tripsit.net *.tripsit.at *.tripsit.eu *.tripsit.net tripsit.pw *.tripsit.pw tripsit.biz *.tripsit.biz tripsit.army *.tripsit.army lsd.tips *.lsd.tips;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 https://tripsit.me/;
#}
#server {
# include listen01_443;
# server_name drugs.chat drug.chat lsd.chat lsd.help *.drugs.chat *.drug.chat *.lsd.chat *.lsd.help tripsit.chat *.tripsit.chat tripsit.buzz *.tripsit.buzz chat.lsd.tips;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 https://chat.tripsit.me/;
#}
#server {
# include listen01_443;
#
# server_name tripsit.gay *.tripsit.gay tripsit.lgbt *.tripsit.lgbt;
#
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
#
# return 302 'https://chat.tripsit.me/chat/##LGBT';
#}
#server {
# include listen01_443;
# server_name tripsit.yoga *.tripsit.yoga;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 'https://chat.tripsit.me/chat/#meditation';
#}
#
#server {
# include listen01_80;
# server_name lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo;
# return 302 https://drugs.tripsit.me/lsd;
#}
#server {
# include listen01_80;
# server_name chat.lsd.ooo;
# return 302 'https://chat.tripsit.me/chat/#sanctuary';
#}
#server {
# include listen01_443;
# server_name chat.lsd.ooo;
# return 302 'https://chat.tripsit.me/chat/#sanctuary';
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
#}
#server {
# include listen01_443;
# server_name lsd.fyi *.lsd.fyi lsd.dog *.lsd.dog lsd.ooo *.lsd.ooo;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 https://drugs.tripsit.me/lsd;
#}
#server {
# include listen01_80;
# server_name tripsit.wiki www.tripsit.wiki;
# return 302 https://wiki.tripsit.me/;
#}
#server {
# include listen01_80;
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.wiki$;
# return 302 'https://wiki.tripsit.me/wiki/?search=$subdomain';
#}
#server {
# include listen01_443;
# server_name tripsit.wiki www.tripsit.wiki;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 https://wiki.tripsit.me/;
#}
#server {
# include listen01_443;
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.wiki$;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 'https://wiki.tripsit.me/wiki/?search=$subdomain';
#}
#server {
# include listen01_80;
# server_name tripsit.info www.tripsit.info;
# return 302 https://drugs.tripsit.me/;
#}
#server {
# include listen01_80;
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.info$;
# return 302 'https://drugs.tripsit.me/$subdomain';
#}
#server {
# include listen01_443;
# server_name tripsit.info www.tripsit.info;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 https://drugs.tripsit.me/;
#}
#server {
# include listen01_443;
# server_name ~^(?<subdomain>[\w-]+)\.tripsit\.info$;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 'https://drugs.tripsit.me/$subdomain';
#}
#server {
# include listen01_80;
# server_name tripsit.app *.tripsit.app;
# return 302 'https://play.google.com/store/apps/details?id=me.tripsit.tripmobile';
#}
#server {
# include listen01_443;
# server_name tripsit.app *.tripsit.app;
# ssl_certificate /etc/ssl/drugs/fullchain.pem;
# ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
# return 302 'https://play.google.com/store/apps/details?id=me.tripsit.tripmobile';
#}
server {
include listen01_80;
server_name tripsit.email;
root /srv/www/error;
index beauties-ip.html;
# return 302 https://mail.tripsit.dev/SOGo/;
}
server {
include listen01_443;
server_name tripsit.email;
ssl_certificate /etc/ssl/drugs/fullchain.pem;
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
root /srv/www/error;
index beauties-ip.html;
# return 302 https://mail.tripsit.dev/SOGo/;
}
#LIBERTACASA
server {
include listen01_80;
server_name liberta.network libera.network libera.wiki libera.gay libera.casa *.liberta.network *.libera.network *.libera.wiki *.libera.gay *.libera.casa libera.world libera.love libera.lol libera.guru *.libera.world *.libera.love *.libera.lol *.libera.guru libera.monster *.libera.monster;
return 302 https://liberta.casa/;
}
server {
include listen01_443;
server_name liberta.network libera.network libera.wiki libera.gay libera.casa *.liberta.network *.libera.network *.libera.wiki *.libera.gay *.libera.casa libera.world libera.love libera.lol libera.guru *.libera.world *.libera.love *.libera.lol *.libera.guru libera.monster *.libera.monster git.casa *.git.casa;
ssl_certificate /etc/ssl/parking/fullchain.pem;
ssl_certificate_key /etc/ssl/parking/private/privkey.pem;
return 302 https://liberta.casa/;
}

27
nginx/03/tp.3gy.de.conf Normal file
View File

@ -0,0 +1,27 @@
server {
server_name tp.3gy.de three.tp.3gy.de *.three.secure.squirrelcube.xyz;
listen 202.61.255.100:443 ssl;
listen [2a03:4000:55:d1d::]:443 ssl;
ssl_certificate /etc/ssl/tp/fullchain.pem;
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.3;
#ssl_ciphers
#ssl_prefer_server_ciphers
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
location / {
proxy_pass https://[::1]:3080/;
proxy_ssl_verify off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_read_timeout 3600;
}
}

44
nginx/03/vdi.conf Normal file
View File

@ -0,0 +1,44 @@
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name vdi.three.secure.squirrelcube.xyz;
ssl_certificate /etc/ssl/tp/fullchain.pem;
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/ssl/ca-bundle.pem;
resolver 172.168.100.2;
location / {
proxy_pass https://127.0.0.1:4435;
proxy_ssl_verify off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
proxy_set_header x-webobjects-remote-host $remote_addr;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url https://$http_host;
proxy_set_header x-webobjects-server-port $server_port;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
client_body_buffer_size 128k;
client_max_body_size 0;
}
}

30
nginx/03/vizzare.conf Normal file
View File

@ -0,0 +1,30 @@
include php-fpm;
server {
server_name vizzare.com www.vizzare.com;
listen 202.61.255.100:443 ssl;
listen [2a03:4000:55:d1d::]:443 ssl;
root /mnt/gluster01/web/vizzare;
index index.php;
ssl_certificate /etc/ssl/vizzare/fullchain.pem;
ssl_certificate_key /etc/ssl/vizzare/private/privkey.pem;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass php-fpm;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}

18
nginx/03/znc.conf Normal file
View File

@ -0,0 +1,18 @@
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name znc.lsd.dog;
ssl_certificate /etc/ssl/drugs/fullchain.pem;
ssl_certificate_key /etc/ssl/drugs/private/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
large_client_header_buffers 4 32k;
location / {
proxy_pass http://[::1]:54658;
proxy_set_header X-Forwarded-Host \$host;
proxy_set_header X-Forwarded-Server \$host;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
}
}