Compare commits
7 Commits
| Author | SHA1 | Date |
|---|---|---|
Jonathan Chan
|
cc1efe9441 | |
|
Jonathan Chan
|
08e3567d5b | |
|
Jonathan Chan
|
7509b1e900 | |
|
Jonathan Chan
|
465da8ba5f | |
|
Jonathan Chan
|
954303cf90 | |
|
Jonathan Chan
|
cbd3c525c5 | |
|
Jonathan Chan
|
41054ea972 |
41
al.ert.space
41
al.ert.space
|
|
@ -1,41 +0,0 @@
|
||||||
server {
|
|
||||||
server_name al.ert.space;
|
|
||||||
root /srv/www/al.ert.space/app;
|
|
||||||
index index.html /server/index.php;
|
|
||||||
|
|
||||||
auth_basic "Authentication Required";
|
|
||||||
auth_basic_user_file /etc/apache2/.htpasswd;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ \.php$ {
|
|
||||||
include snippets/fastcgi-php.conf;
|
|
||||||
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ /\.ht {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = al.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
|
|
||||||
server_name al.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -1,40 +0,0 @@
|
||||||
upstream fw {
|
|
||||||
# depending on your setup, you may want to update this
|
|
||||||
server 0.0.0.0:5000;
|
|
||||||
}
|
|
||||||
map $http_upgrade $connection_upgrade {
|
|
||||||
default upgrade;
|
|
||||||
'' close;
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
server_name conc.ert.space;
|
|
||||||
client_max_body_size 512M;
|
|
||||||
|
|
||||||
# HSTS
|
|
||||||
add_header Strict-Transport-Security "max-age=31536000";
|
|
||||||
|
|
||||||
location / {
|
|
||||||
include /etc/nginx/funkwhale_proxy.conf;
|
|
||||||
proxy_pass http://fw/;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = conc.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name conc.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
22
default
22
default
|
|
@ -1,7 +1,23 @@
|
||||||
server {
|
server {
|
||||||
|
server_name _; # managed by Certbot
|
||||||
|
|
||||||
|
return 302 https://ionathan.ch;
|
||||||
|
|
||||||
|
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = ionchy.ca) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
listen 80 default_server;
|
listen 80 default_server;
|
||||||
listen [::]:80 default_server;
|
listen [::]:80 default_server;
|
||||||
server_name localhost;
|
server_name _;
|
||||||
|
return 404; # managed by Certbot
|
||||||
return 301 https://ionathan.ch;
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -38,7 +38,7 @@ server {
|
||||||
#
|
#
|
||||||
# include snippets/snakeoil.conf;
|
# include snippets/snakeoil.conf;
|
||||||
|
|
||||||
root /srv/www/html;
|
root /var/www/html;
|
||||||
|
|
||||||
# Add index.php to the list if you are using PHP
|
# Add index.php to the list if you are using PHP
|
||||||
index index.html index.htm index.nginx-debian.html;
|
index index.html index.htm index.nginx-debian.html;
|
||||||
|
|
@ -57,7 +57,7 @@ server {
|
||||||
# include snippets/fastcgi-php.conf;
|
# include snippets/fastcgi-php.conf;
|
||||||
#
|
#
|
||||||
# # With php-fpm (or other unix sockets):
|
# # With php-fpm (or other unix sockets):
|
||||||
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
|
||||||
# # With php-cgi (or other tcp sockets):
|
# # With php-cgi (or other tcp sockets):
|
||||||
# fastcgi_pass 127.0.0.1:9000;
|
# fastcgi_pass 127.0.0.1:9000;
|
||||||
#}
|
#}
|
||||||
|
|
@ -1,24 +0,0 @@
|
||||||
server {
|
|
||||||
root /srv/www/doi.ionathan.ch;
|
|
||||||
server_name doi.ionathan.ch;
|
|
||||||
error_page 404 /index.html;
|
|
||||||
location ~/.* {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = doi.ionathan.ch) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
server_name doi.ionathan.ch;
|
|
||||||
listen 80;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
29
ert.space
29
ert.space
|
|
@ -1,29 +0,0 @@
|
||||||
server {
|
|
||||||
server_name ert.space;
|
|
||||||
root /srv/www/ert.space;
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
server_name ert.space;
|
|
||||||
|
|
||||||
listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
server_name ert.space;
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
38
ex.ert.space
38
ex.ert.space
|
|
@ -1,38 +0,0 @@
|
||||||
server {
|
|
||||||
server_name ex.ert.space;
|
|
||||||
client_max_body_size 512M;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:8080;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
|
|
||||||
location = /.well-known/carddav {
|
|
||||||
return 301 http://localhost:8080/remote.php/dav;
|
|
||||||
}
|
|
||||||
location = /.well-known/caldav {
|
|
||||||
return 301 http://localhost:8080/remote.php/dav;
|
|
||||||
}
|
|
||||||
server_name ex.ert.space;
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = ex.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
server_name ex.ert.space;
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name ex.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -7,10 +7,12 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
listen [::]:443 ssl;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
|
@ -20,5 +22,6 @@ server {
|
||||||
|
|
||||||
server_name git.ionathan.ch;
|
server_name git.ionathan.ch;
|
||||||
listen 80;
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,30 +1,29 @@
|
||||||
server {
|
server {
|
||||||
server_name gitb.ert.space;
|
server_name git.ionchy.ca;
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://localhost:3000;
|
proxy_pass http://localhost:3000;
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
}
|
}
|
||||||
server_name gitb.ert.space;
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
listen [::]:443 ssl;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
if ($host = gitb.ert.space) {
|
if ($host = git.ionchy.ca) {
|
||||||
return 301 https://$host$request_uri;
|
return 301 https://$host$request_uri;
|
||||||
} # managed by Certbot
|
} # managed by Certbot
|
||||||
|
|
||||||
server_name gitb.ert.space;
|
server_name git.ionchy.ca;
|
||||||
|
|
||||||
listen 80;
|
listen 80;
|
||||||
listen [::]:80;
|
listen [::]:80;
|
||||||
server_name gitb.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1,30 +0,0 @@
|
||||||
server {
|
|
||||||
server_name hilb.ert.space;
|
|
||||||
client_max_body_size 5M;
|
|
||||||
root /srv/www/ert.space;
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
server_name hilb.ert.space;
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = hilb.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
server_name hilb.ert.space;
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name hilb.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
27
in.ert.space
27
in.ert.space
|
|
@ -1,27 +0,0 @@
|
||||||
server {
|
|
||||||
root /srv/www/ert.space;
|
|
||||||
server_name in.ert.space;
|
|
||||||
error_page 404 /404.html;
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = in.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name in.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -14,10 +14,19 @@ server {
|
||||||
location = /.well-known/caldav {
|
location = /.well-known/caldav {
|
||||||
return 301 $scheme://$host/remote.php/dav;
|
return 301 $scheme://$host/remote.php/dav;
|
||||||
}
|
}
|
||||||
|
location = /.well-known/webfinger {
|
||||||
|
return 301 $scheme://$host/index.php/.well-known/webfinger;
|
||||||
|
}
|
||||||
|
location = /.well-known/nodeinfo {
|
||||||
|
return 301 $scheme://$host/index.php/.well-known/nodeinfo;
|
||||||
|
}
|
||||||
|
|
||||||
|
include mime.types;
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
listen [::]:443 ssl;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
@ -29,5 +38,6 @@ server {
|
||||||
|
|
||||||
server_name next.ionathan.ch;
|
server_name next.ionathan.ch;
|
||||||
listen 80;
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,45 @@
|
||||||
|
server {
|
||||||
|
server_name next.ionchy.ca;
|
||||||
|
client_max_body_size 512M;
|
||||||
|
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:8000;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
}
|
||||||
|
location = /.well-known/carddav {
|
||||||
|
return 301 $scheme://$host/remote.php/dav;
|
||||||
|
}
|
||||||
|
location = /.well-known/caldav {
|
||||||
|
return 301 $scheme://$host/remote.php/dav;
|
||||||
|
}
|
||||||
|
location = /.well-known/webfinger {
|
||||||
|
return 301 $scheme://$host/index.php/.well-known/webfinger;
|
||||||
|
}
|
||||||
|
location = /.well-known/nodeinfo {
|
||||||
|
return 301 $scheme://$host/index.php/.well-known/nodeinfo;
|
||||||
|
}
|
||||||
|
|
||||||
|
include mime.types;
|
||||||
|
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = next.ionchy.ca) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
server_name next.ionchy.ca;
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
@ -1,23 +0,0 @@
|
||||||
server {
|
|
||||||
server_name nitter.ionathan.ch;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:8888;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
server {
|
|
||||||
if ($host = nitter.ionathan.ch) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
server_name nitter.ionathan.ch;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
@ -1,28 +0,0 @@
|
||||||
server {
|
|
||||||
server_name pix.ert.space;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:8008;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = pix.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name pix.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -1,29 +0,0 @@
|
||||||
server {
|
|
||||||
server_name ress.ert.space;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:8181;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
server_name ress.ert.space;
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = ress.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
server_name ress.ert.space;
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name ress.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -1,15 +1,34 @@
|
||||||
|
upstream freshrss {
|
||||||
|
server localhost:8080;
|
||||||
|
keepalive 64;
|
||||||
|
}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
server_name rss.ionathan.ch;
|
server_name rss.ionathan.ch;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://localhost:8080;
|
# The final `/` is important.
|
||||||
|
proxy_pass http://freshrss/;
|
||||||
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_buffering off;
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Port $server_port;
|
||||||
|
proxy_read_timeout 90;
|
||||||
|
|
||||||
|
# Forward the Authorization header for the Google Reader API.
|
||||||
|
proxy_set_header Authorization $http_authorization;
|
||||||
|
proxy_pass_header Authorization;
|
||||||
}
|
}
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
listen 443 ssl; # managed by Certbot
|
||||||
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
|
listen [::]:443 ssl;
|
||||||
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
|
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
@ -21,5 +40,6 @@ server {
|
||||||
|
|
||||||
server_name rss.ionathan.ch;
|
server_name rss.ionathan.ch;
|
||||||
listen 80;
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
return 404; # managed by Certbot
|
return 404; # managed by Certbot
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,48 @@
|
||||||
|
upstream freshrss {
|
||||||
|
server localhost:8080;
|
||||||
|
keepalive 64;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
server_name rss.ionchy.ca;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
# The final `/` is important.
|
||||||
|
proxy_pass http://freshrss/;
|
||||||
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
proxy_redirect off;
|
||||||
|
proxy_buffering off;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
proxy_set_header X-Forwarded-Port $server_port;
|
||||||
|
proxy_read_timeout 90;
|
||||||
|
|
||||||
|
# Forward the Authorization header for the Google Reader API.
|
||||||
|
proxy_set_header Authorization $http_authorization;
|
||||||
|
proxy_pass_header Authorization;
|
||||||
|
}
|
||||||
|
|
||||||
|
listen 443 ssl; # managed by Certbot
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
if ($host = rss.ionchy.ca) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
} # managed by Certbot
|
||||||
|
|
||||||
|
server_name rss.ionchy.ca;
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
return 404; # managed by Certbot
|
||||||
|
}
|
||||||
|
|
@ -1,14 +0,0 @@
|
||||||
server {
|
|
||||||
server_name sea.ionathan.ch;
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
client_max_body_size 512M;
|
|
||||||
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:8008;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
@ -1,26 +0,0 @@
|
||||||
server {
|
|
||||||
server_name stand.ert.space;
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:3030;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real_IP $remote_addr;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = stand.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name stand.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
@ -1,27 +0,0 @@
|
||||||
server {
|
|
||||||
server_name wiki.ert.space;
|
|
||||||
location / {
|
|
||||||
proxy_pass https://github.com/ionathanch/ionathanch/wiki;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen [::]:443 ssl; # managed by Certbot
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = wiki.ert.space) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name wiki.ert.space;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
}
|
|
||||||
|
|
||||||
Loading…
Reference in New Issue