Compare commits
No commits in common. "main" and "master" have entirely different histories.
|
|
@ -0,0 +1,41 @@
|
||||||
|
server {
|
||||||
|
server_name al.ert.space;
|
||||||
|
root /srv/www/al.ert.space/app;
|
||||||
|
index index.html /server/index.php;
|
||||||
|
|
||||||
|
auth_basic "Authentication Required";
|
||||||
|
auth_basic_user_file /etc/apache2/.htpasswd;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
include snippets/fastcgi-php.conf;
|
||||||
|
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ~ /\.ht {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = al.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
server_name al.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,40 @@
|
||||||
|
upstream fw {
|
||||||
|
# depending on your setup, you may want to update this
|
||||||
|
server 0.0.0.0:5000;
|
||||||
|
}
|
||||||
|
map $http_upgrade $connection_upgrade {
|
||||||
|
default upgrade;
|
||||||
|
'' close;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name conc.ert.space;
|
||||||
|
client_max_body_size 512M;
|
||||||
|
|
||||||
|
# HSTS
|
||||||
|
add_header Strict-Transport-Security "max-age=31536000";
|
||||||
|
|
||||||
|
location / {
|
||||||
|
include /etc/nginx/funkwhale_proxy.conf;
|
||||||
|
proxy_pass http://fw/;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = conc.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name conc.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
22
default
22
default
|
|
@ -1,23 +1,7 @@
|
||||||
server {
|
server {
|
||||||
server_name _; # managed by Certbot
|
|
||||||
|
|
||||||
return 302 https://ionathan.ch;
|
|
||||||
|
|
||||||
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = ionchy.ca) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80 default_server;
|
listen 80 default_server;
|
||||||
listen [::]:80 default_server;
|
listen [::]:80 default_server;
|
||||||
server_name _;
|
server_name localhost;
|
||||||
return 404; # managed by Certbot
|
|
||||||
|
return 301 https://ionathan.ch;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,24 @@
|
||||||
|
server {
|
||||||
|
root /srv/www/doi.ionathan.ch;
|
||||||
|
server_name doi.ionathan.ch;
|
||||||
|
error_page 404 /index.html;
|
||||||
|
location ~/.* {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = doi.ionathan.ch) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
server_name doi.ionathan.ch;
|
||||||
|
listen 80;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,29 @@
|
||||||
|
server {
|
||||||
|
server_name ert.space;
|
||||||
|
root /srv/www/ert.space;
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
server_name ert.space;
|
||||||
|
|
||||||
|
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
server_name ert.space;
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,38 @@
|
||||||
|
server {
|
||||||
|
server_name ex.ert.space;
|
||||||
|
client_max_body_size 512M;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:8080;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
|
||||||
|
location = /.well-known/carddav {
|
||||||
|
return 301 http://localhost:8080/remote.php/dav;
|
||||||
|
}
|
||||||
|
location = /.well-known/caldav {
|
||||||
|
return 301 http://localhost:8080/remote.php/dav;
|
||||||
|
}
|
||||||
|
server_name ex.ert.space;
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = ex.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
server_name ex.ert.space;
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name ex.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -7,12 +7,10 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
listen [::]:443 ssl;
|
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
|
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
|
@ -22,6 +20,5 @@ server {
|
||||||
|
|
||||||
server_name git.ionathan.ch;
|
server_name git.ionathan.ch;
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,29 +1,30 @@
|
||||||
server {
|
server {
|
||||||
server_name git.ionchy.ca;
|
server_name gitb.ert.space;
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://localhost:3000;
|
proxy_pass http://localhost:3000;
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
}
|
}
|
||||||
|
server_name gitb.ert.space;
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
listen [::]:443 ssl;
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
if ($host = git.ionchy.ca) {
|
if ($host = gitb.ert.space) {
|
||||||
return 301 https://$host$request_uri;
|
return 301 https://$host$request_uri;
|
||||||
} # managed by Certbot
|
} # managed by Certbot
|
||||||
|
|
||||||
server_name git.ionchy.ca;
|
server_name gitb.ert.space;
|
||||||
|
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
|
server_name gitb.ert.space;
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,30 @@
|
||||||
|
server {
|
||||||
|
server_name hilb.ert.space;
|
||||||
|
client_max_body_size 5M;
|
||||||
|
root /srv/www/ert.space;
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
server_name hilb.ert.space;
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = hilb.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
server_name hilb.ert.space;
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name hilb.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,27 @@
|
||||||
|
server {
|
||||||
|
root /srv/www/ert.space;
|
||||||
|
server_name in.ert.space;
|
||||||
|
error_page 404 /404.html;
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = in.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name in.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -14,19 +14,10 @@ server {
|
||||||
location = /.well-known/caldav {
|
location = /.well-known/caldav {
|
||||||
return 301 $scheme://$host/remote.php/dav;
|
return 301 $scheme://$host/remote.php/dav;
|
||||||
}
|
}
|
||||||
location = /.well-known/webfinger {
|
|
||||||
return 301 $scheme://$host/index.php/.well-known/webfinger;
|
|
||||||
}
|
|
||||||
location = /.well-known/nodeinfo {
|
|
||||||
return 301 $scheme://$host/index.php/.well-known/nodeinfo;
|
|
||||||
}
|
|
||||||
|
|
||||||
include mime.types;
|
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
listen [::]:443 ssl;
|
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
|
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
@ -38,6 +29,5 @@ server {
|
||||||
|
|
||||||
server_name next.ionathan.ch;
|
server_name next.ionathan.ch;
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,45 +0,0 @@
|
||||||
server {
|
|
||||||
server_name next.ionchy.ca;
|
|
||||||
client_max_body_size 512M;
|
|
||||||
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:8000;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
location = /.well-known/carddav {
|
|
||||||
return 301 $scheme://$host/remote.php/dav;
|
|
||||||
}
|
|
||||||
location = /.well-known/caldav {
|
|
||||||
return 301 $scheme://$host/remote.php/dav;
|
|
||||||
}
|
|
||||||
location = /.well-known/webfinger {
|
|
||||||
return 301 $scheme://$host/index.php/.well-known/webfinger;
|
|
||||||
}
|
|
||||||
location = /.well-known/nodeinfo {
|
|
||||||
return 301 $scheme://$host/index.php/.well-known/nodeinfo;
|
|
||||||
}
|
|
||||||
|
|
||||||
include mime.types;
|
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
listen [::]:443 ssl;
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = next.ionchy.ca) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
server_name next.ionchy.ca;
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
@ -38,7 +38,7 @@ server {
|
||||||
#
|
#
|
||||||
# include snippets/snakeoil.conf;
|
# include snippets/snakeoil.conf;
|
||||||
|
|
||||||
root /var/www/html;
|
root /srv/www/html;
|
||||||
|
|
||||||
# Add index.php to the list if you are using PHP
|
# Add index.php to the list if you are using PHP
|
||||||
index index.html index.htm index.nginx-debian.html;
|
index index.html index.htm index.nginx-debian.html;
|
||||||
|
|
@ -57,7 +57,7 @@ server {
|
||||||
# include snippets/fastcgi-php.conf;
|
# include snippets/fastcgi-php.conf;
|
||||||
#
|
#
|
||||||
# # With php-fpm (or other unix sockets):
|
# # With php-fpm (or other unix sockets):
|
||||||
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
|
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||||
# # With php-cgi (or other tcp sockets):
|
# # With php-cgi (or other tcp sockets):
|
||||||
# fastcgi_pass 127.0.0.1:9000;
|
# fastcgi_pass 127.0.0.1:9000;
|
||||||
#}
|
#}
|
||||||
|
|
@ -0,0 +1,23 @@
|
||||||
|
server {
|
||||||
|
server_name nitter.ionathan.ch;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:8888;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
server {
|
||||||
|
if ($host = nitter.ionathan.ch) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
server_name nitter.ionathan.ch;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,28 @@
|
||||||
|
server {
|
||||||
|
server_name pix.ert.space;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:8008;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = pix.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name pix.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,29 @@
|
||||||
|
server {
|
||||||
|
server_name ress.ert.space;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:8181;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
server_name ress.ert.space;
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = ress.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
server_name ress.ert.space;
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name ress.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -1,34 +1,15 @@
|
||||||
upstream freshrss {
|
|
||||||
server localhost:8080;
|
|
||||||
keepalive 64;
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
server {
|
||||||
server_name rss.ionathan.ch;
|
server_name rss.ionathan.ch;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
# The final `/` is important.
|
proxy_pass http://localhost:8080;
|
||||||
proxy_pass http://freshrss/;
|
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
proxy_redirect off;
|
|
||||||
proxy_buffering off;
|
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
proxy_set_header X-Forwarded-Port $server_port;
|
|
||||||
proxy_read_timeout 90;
|
|
||||||
|
|
||||||
# Forward the Authorization header for the Google Reader API.
|
|
||||||
proxy_set_header Authorization $http_authorization;
|
|
||||||
proxy_pass_header Authorization;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
listen [::]:443 ssl;
|
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
|
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
@ -40,6 +21,5 @@ server {
|
||||||
|
|
||||||
server_name rss.ionathan.ch;
|
server_name rss.ionathan.ch;
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,48 +0,0 @@
|
||||||
upstream freshrss {
|
|
||||||
server localhost:8080;
|
|
||||||
keepalive 64;
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
server_name rss.ionchy.ca;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
# The final `/` is important.
|
|
||||||
proxy_pass http://freshrss/;
|
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
proxy_redirect off;
|
|
||||||
proxy_buffering off;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
proxy_set_header X-Forwarded-Port $server_port;
|
|
||||||
proxy_read_timeout 90;
|
|
||||||
|
|
||||||
# Forward the Authorization header for the Google Reader API.
|
|
||||||
proxy_set_header Authorization $http_authorization;
|
|
||||||
proxy_pass_header Authorization;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
listen [::]:443 ssl;
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = rss.ionchy.ca) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
server_name rss.ionchy.ca;
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
@ -0,0 +1,14 @@
|
||||||
|
server {
|
||||||
|
server_name sea.ionathan.ch;
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
client_max_body_size 512M;
|
||||||
|
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:8008;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
@ -0,0 +1,26 @@
|
||||||
|
server {
|
||||||
|
server_name stand.ert.space;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:3030;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real_IP $remote_addr;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = stand.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name stand.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,27 @@
|
||||||
|
server {
|
||||||
|
server_name wiki.ert.space;
|
||||||
|
location / {
|
||||||
|
proxy_pass https://github.com/ionathanch/ionathanch/wiki;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen [::]:443 ssl; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = wiki.ert.space) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name wiki.ert.space;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
Loading…
Reference in New Issue