ionchy
/
sites-available
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: ionchy:master
Branches Tags
ionchy:main
ionchy:master
...
pull from: ionchy:main
Branches Tags
ionchy:main
ionchy:master

7 Commits
master ... main

Author SHA1 Message Date
Jonathan Chan cc1efe9441 ionathan.ch -> ionchy.ca 2025-02-23 17:22:56 +01:00
Jonathan Chan 08e3567d5b Updated default config 2025-02-23 17:22:08 +01:00
Jonathan Chan 7509b1e900 Redirect to website by default 2025-02-23 17:21:53 +01:00
Jonathan Chan 465da8ba5f Fix some Nextcloud issue with federation 2025-02-23 17:21:19 +01:00
Jonathan Chan 954303cf90 Listen also on IPv6. 2022-11-24 15:03:05 +01:00
Jonathan Chan cbd3c525c5 Aesthetic fixes. 2021-10-23 07:17:11 +02:00
Jonathan Chan 41054ea972 New sites for new server. 2021-10-23 07:12:03 +02:00
21 changed files with 181 additions and 416 deletions
Show Stats Expand all files Collapse all files

41
al.ert.space
View File

@ -1,41 +0,0 @@
server {
server_name al.ert.space;
root /srv/www/al.ert.space/app;
index index.html /server/index.php;
auth_basic "Authentication Required";
auth_basic_user_file /etc/apache2/.htpasswd;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = al.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name al.ert.space;
return 404; # managed by Certbot
}

40
conc.ert.space
View File

@ -1,40 +0,0 @@
upstream fw {
# depending on your setup, you may want to update this
server 0.0.0.0:5000;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
server_name conc.ert.space;
client_max_body_size 512M;
# HSTS
add_header Strict-Transport-Security "max-age=31536000";
location / {
include /etc/nginx/funkwhale_proxy.conf;
proxy_pass http://fw/;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = conc.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name conc.ert.space;
return 404; # managed by Certbot
}

24
default
View File

@ -1,7 +1,23 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
server_name _; # managed by Certbot
return 301 https://ionathan.ch;
return 302 https://ionathan.ch;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ionchy.ca) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 404; # managed by Certbot
}

4
nginx-default → default.bak
View File

@ -38,7 +38,7 @@ server {
#
# include snippets/snakeoil.conf;
root /srv/www/html;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
@ -57,7 +57,7 @@ server {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}

24
doi.ionathan.ch
View File

@ -1,24 +0,0 @@
server {
root /srv/www/doi.ionathan.ch;
server_name doi.ionathan.ch;
error_page 404 /index.html;
location ~/.* {
try_files $uri $uri/ =404;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = doi.ionathan.ch) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name doi.ionathan.ch;
listen 80;
return 404; # managed by Certbot
}

29
ert.space
View File

@ -1,29 +0,0 @@
server {
server_name ert.space;
root /srv/www/ert.space;
location / {
try_files $uri $uri/ =404;
}
server_name ert.space;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ert.space;
listen 80;
listen [::]:80;
server_name ert.space;
return 404; # managed by Certbot
}

38
ex.ert.space
View File

@ -1,38 +0,0 @@
server {
server_name ex.ert.space;
client_max_body_size 512M;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location = /.well-known/carddav {
return 301 http://localhost:8080/remote.php/dav;
}
location = /.well-known/caldav {
return 301 http://localhost:8080/remote.php/dav;
}
server_name ex.ert.space;
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ex.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ex.ert.space;
listen 80;
listen [::]:80;
server_name ex.ert.space;
return 404; # managed by Certbot
}

7
git.ionathan.ch
View File

@ -7,10 +7,12 @@ server {
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
@ -20,5 +22,6 @@ server {
server_name git.ionathan.ch;
listen 80;
listen [::]:80;
return 404; # managed by Certbot
}

19
gitb.ert.space → git.ionchy.ca
View File

@ -1,30 +1,29 @@
server {
server_name gitb.ert.space;
server_name git.ionchy.ca;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
server_name gitb.ert.space;
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
listen [::]:443 ssl;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
}
server {
if ($host = gitb.ert.space) {
if ($host = git.ionchy.ca) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name gitb.ert.space;
server_name git.ionchy.ca;
listen 80;
listen [::]:80;
server_name gitb.ert.space;
return 404; # managed by Certbot
}

30
hilb.ert.space
View File

@ -1,30 +0,0 @@
server {
server_name hilb.ert.space;
client_max_body_size 5M;
root /srv/www/ert.space;
location / {
try_files $uri $uri/ =404;
}
server_name hilb.ert.space;
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = hilb.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name hilb.ert.space;
listen 80;
listen [::]:80;
server_name hilb.ert.space;
return 404; # managed by Certbot
}

27
in.ert.space
View File

@ -1,27 +0,0 @@
server {
root /srv/www/ert.space;
server_name in.ert.space;
error_page 404 /404.html;
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = in.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name in.ert.space;
return 404; # managed by Certbot
}

14
next.ionathan.ch
View File

@ -14,10 +14,19 @@ server {
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/webfinger {
return 301 $scheme://$host/index.php/.well-known/webfinger;
}
location = /.well-known/nodeinfo {
return 301 $scheme://$host/index.php/.well-known/nodeinfo;
}
include mime.types;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
@ -29,5 +38,6 @@ server {
server_name next.ionathan.ch;
listen 80;
listen [::]:80;
return 404; # managed by Certbot
}

45
next.ionchy.ca Normal file
View File

@ -0,0 +1,45 @@
server {
server_name next.ionchy.ca;
client_max_body_size 512M;
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/webfinger {
return 301 $scheme://$host/index.php/.well-known/webfinger;
}
location = /.well-known/nodeinfo {
return 301 $scheme://$host/index.php/.well-known/nodeinfo;
}
include mime.types;
listen 443 ssl; # managed by Certbot
listen [::]:443 ssl;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
}
server {
if ($host = next.ionchy.ca) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name next.ionchy.ca;
listen 80;
listen [::]:80;
return 404; # managed by Certbot
}

23
nitter.ionathan.ch
View File

@ -1,23 +0,0 @@
server {
server_name nitter.ionathan.ch;
location / {
proxy_pass http://localhost:8888;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = nitter.ionathan.ch) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name nitter.ionathan.ch;
return 404; # managed by Certbot
}

28
pix.ert.space
View File

@ -1,28 +0,0 @@
server {
server_name pix.ert.space;
location / {
proxy_pass http://localhost:8008;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
}
server {
if ($host = pix.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name pix.ert.space;
return 404; # managed by Certbot
}

29
ress.ert.space
View File

@ -1,29 +0,0 @@
server {
server_name ress.ert.space;
location / {
proxy_pass http://localhost:8181;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
server_name ress.ert.space;
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ress.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ress.ert.space;
listen 80;
listen [::]:80;
server_name ress.ert.space;
return 404; # managed by Certbot
}

60
rss.ionathan.ch
View File

@ -1,25 +1,45 @@
server {
server_name rss.ionathan.ch;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionathan.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
upstream freshrss {
server localhost:8080;
keepalive 64;
}
server {
if ($host = rss.ionathan.ch) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name rss.ionathan.ch;
server_name rss.ionathan.ch;
listen 80;
return 404; # managed by Certbot
location / {
# The final `/` is important.
proxy_pass http://freshrss/;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_read_timeout 90;
# Forward the Authorization header for the Google Reader API.
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
}
listen 443 ssl; # managed by Certbot
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/next.ionathan.ch/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/next.ionathan.ch/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = rss.ionathan.ch) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name rss.ionathan.ch;
listen 80;
listen [::]:80;
return 404; # managed by Certbot
}

48
rss.ionchy.ca Normal file
View File

@ -0,0 +1,48 @@
upstream freshrss {
server localhost:8080;
keepalive 64;
}
server {
server_name rss.ionchy.ca;
location / {
# The final `/` is important.
proxy_pass http://freshrss/;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_read_timeout 90;
# Forward the Authorization header for the Google Reader API.
proxy_set_header Authorization $http_authorization;
proxy_pass_header Authorization;
}
listen 443 ssl; # managed by Certbot
listen [::]:443 ssl;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.ionchy.ca/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.ionchy.ca/privkey.pem; # managed by Certbot
}
server {
if ($host = rss.ionchy.ca) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name rss.ionchy.ca;
listen 80;
listen [::]:80;
return 404; # managed by Certbot
}

14
sea.ionathan.ch
View File

@ -1,14 +0,0 @@
server {
server_name sea.ionathan.ch;
listen 80;
listen [::]:80;
client_max_body_size 512M;
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
location / {
proxy_pass http://localhost:8008;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}

26
stand.ert.space
View File

@ -1,26 +0,0 @@
server {
server_name stand.ert.space;
location / {
proxy_pass http://localhost:3030;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = stand.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name stand.ert.space;
return 404; # managed by Certbot
}

27
wiki.ert.space
View File

@ -1,27 +0,0 @@
server {
server_name wiki.ert.space;
location / {
proxy_pass https://github.com/ionathanch/ionathanch/wiki;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ert.space/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ert.space/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = wiki.ert.space) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name wiki.ert.space;
return 404; # managed by Certbot
}