diff --git a/nginx/configs/ssl.conf b/nginx/configs/ssl.conf new file mode 100644 index 0000000..03e2d4d --- /dev/null +++ b/nginx/configs/ssl.conf @@ -0,0 +1,4 @@ +ssl_certificate /etc/ssl/certs/zzlschain.pem; +ssl_certificate_key /etc/ssl/private/zzlskey.pem; +include /etc/letsencrypt/options-ssl-nginx.conf; +ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; \ No newline at end of file diff --git a/nginx/sites-available/donate.zzls.xyz.conf b/nginx/sites-available/donate.zzls.xyz.conf index fefec41..8d2cffc 100755 --- a/nginx/sites-available/donate.zzls.xyz.conf +++ b/nginx/sites-available/donate.zzls.xyz.conf @@ -1,6 +1,5 @@ server { - - access_log /var/log/nginx/donate.access.log combined; + access_log /var/log/nginx/donate.zzls.xyz.log combined; root /var/www/donate; index index.html; @@ -13,23 +12,15 @@ server { try_files $uri $uri/ =404; } - listen 443 ssl; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/donate.zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/donate.zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; } server { if ($host = donate.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - server_name donate.zzls.xyz; listen 80; return 404; # managed by Certbot - - } diff --git a/nginx/sites-available/files.zzls.xyz.conf b/nginx/sites-available/files.zzls.xyz.conf index 4c3b67d..80b6b0d 100755 --- a/nginx/sites-available/files.zzls.xyz.conf +++ b/nginx/sites-available/files.zzls.xyz.conf @@ -1,6 +1,5 @@ server { - - access_log /var/log/nginx/files.access.log combined; + access_log /var/log/nginx/files.zzls.xyz.log combined; server_name files.zzls.xyz; include configs/general.conf; @@ -37,22 +36,15 @@ server { } - listen 443 ssl http2; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/files.zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/files.zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; + } server { if ($host = files.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - listen 80; server_name files.zzls.xyz; return 404; # managed by Certbot - - } diff --git a/nginx/sites-available/i.zzls.xyz.conf b/nginx/sites-available/i.zzls.xyz.conf index af5de7c..7f16c26 100755 --- a/nginx/sites-available/i.zzls.xyz.conf +++ b/nginx/sites-available/i.zzls.xyz.conf @@ -1,5 +1,5 @@ server { - access_log /var/log/nginx/i.access.log combined; + access_log /var/log/nginx/i.zzls.xyz.log combined; server_name i.zzls.xyz; include configs/general.conf; @@ -9,20 +9,14 @@ server { rewrite ^/(.*)$ https://i.ayaya.beauty/$1 redirect; } - listen 443 ssl http2; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/i.zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/i.zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; } server { if ($host = i.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - server_name i.zzls.xyz; listen 80; return 404; # managed by Certbot diff --git a/nginx/sites-available/logs.spanix.xyz.conf b/nginx/sites-available/logs.spanix.team.conf similarity index 92% rename from nginx/sites-available/logs.spanix.xyz.conf rename to nginx/sites-available/logs.spanix.team.conf index 0bda55f..96f33f2 100755 --- a/nginx/sites-available/logs.spanix.xyz.conf +++ b/nginx/sites-available/logs.spanix.team.conf @@ -1,5 +1,5 @@ server { - access_log /var/log/nginx/logs.spanix.access.log combined; + access_log /var/log/nginx/logs.spanix.team.log combined; server_name logs.spanix.team; include configs/general.conf; diff --git a/nginx/sites-available/logs.zzls.xyz.conf b/nginx/sites-available/logs.zzls.xyz.conf index b2a8c18..b2b6381 100755 --- a/nginx/sites-available/logs.zzls.xyz.conf +++ b/nginx/sites-available/logs.zzls.xyz.conf @@ -1,5 +1,5 @@ server { - access_log /var/log/nginx/logs.access.log combined; + access_log /var/log/nginx/logs.zzls.xyz.log combined; server_name logs.zzls.xyz; include configs/general.conf; @@ -32,25 +32,15 @@ server { index 50x.html; } - listen 443 ssl http2; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/logs.zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/logs.zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; } server { if ($host = logs.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - listen 80; - listen [::]:80; - server_name logs.zzls.xyz; return 404; # managed by Certbot - - } diff --git a/nginx/sites-available/lsf.spanix.team.conf b/nginx/sites-available/lsf.spanix.team.conf index e84da19..5b3f452 100644 --- a/nginx/sites-available/lsf.spanix.team.conf +++ b/nginx/sites-available/lsf.spanix.team.conf @@ -1,5 +1,5 @@ server { - access_log /var/log/nginx/lsf.spanix.access.log combined; + access_log /var/log/nginx/lsf.spanix.team.log combined; server_name lsf.spanix.team; include configs/general.conf; diff --git a/nginx/sites-available/mail.zzls.xyz.conf b/nginx/sites-available/mail.zzls.xyz.conf index 91a7cfe..de21603 100755 --- a/nginx/sites-available/mail.zzls.xyz.conf +++ b/nginx/sites-available/mail.zzls.xyz.conf @@ -1,5 +1,5 @@ server { - access_log /var/log/nginx/mail.access.log combined; + access_log /var/log/nginx/mail.zzls.xyz.log combined; root /var/www/mail; index index.html; @@ -20,25 +20,15 @@ server { proxy_pass_header Authorization; } - listen 443 http2 ssl; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/mail.zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/mail.zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; } server { if ($host = mail.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - server_name mail.zzls.xyz; - - listen 80; return 404; # managed by Certbot - - } diff --git a/nginx/sites-available/posts.zzls.xyz.conf b/nginx/sites-available/posts.zzls.xyz.conf index 45958e0..f1ff751 100755 --- a/nginx/sites-available/posts.zzls.xyz.conf +++ b/nginx/sites-available/posts.zzls.xyz.conf @@ -1,5 +1,5 @@ server { - access_log /var/log/nginx/posts.access.log combined; + access_log /var/log/nginx/posts.zzls.xyz.log combined; root /var/www/posts; index index.html; @@ -8,23 +8,15 @@ server { include configs/general.conf; include configs/security.conf; - listen 443 ssl http2; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/posts.zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/posts.zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; } server { if ($host = posts.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - server_name posts.zzls.xyz; listen 80; return 404; # managed by Certbot - - } diff --git a/nginx/sites-available/zzls.xyz.conf b/nginx/sites-available/zzls.xyz.conf index 6fb8dc0..ad125b9 100755 --- a/nginx/sites-available/zzls.xyz.conf +++ b/nginx/sites-available/zzls.xyz.conf @@ -7,7 +7,6 @@ server { include configs/general.conf; include configs/security.conf; - location /.well-known/matrix/client { return 200 '{"m.homeserver": {"base_url": "https://matrix.zzls.xyz"}}'; default_type application/json; @@ -31,29 +30,18 @@ server { autoindex_localtime on; } - listen 443 ssl http2; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/zzls.xyz/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/zzls.xyz/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + listen 443 ssl http2; + include configs/ssl.conf; } server { if ($host = www.zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - if ($host = zzls.xyz) { return 301 https://$host$request_uri; } - # managed by Certbot - - server_name zzls.xyz www.zzls.xyz; listen 80; return 404; # managed by Certbot - - } diff --git a/nginx/sites-enabled/donate.zzls.xyz.conf b/nginx/sites-enabled/donate.zzls.xyz.conf deleted file mode 120000 index 6a4ae90..0000000 --- a/nginx/sites-enabled/donate.zzls.xyz.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/nginx/sites-available/donate.zzls.xyz.conf \ No newline at end of file diff --git a/nginx/sites-enabled/logs.spanix.team.conf b/nginx/sites-enabled/logs.spanix.team.conf new file mode 120000 index 0000000..5457559 --- /dev/null +++ b/nginx/sites-enabled/logs.spanix.team.conf @@ -0,0 +1 @@ +../sites-available/logs.spanix.team.conf \ No newline at end of file diff --git a/nginx/sites-enabled/logs.spanix.xyz.conf b/nginx/sites-enabled/logs.spanix.xyz.conf deleted file mode 120000 index 91afd0c..0000000 --- a/nginx/sites-enabled/logs.spanix.xyz.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/nginx/sites-available/logs.spanix.xyz.conf \ No newline at end of file diff --git a/nginx/sites-enabled/nossl.zzls.xyz.conf b/nginx/sites-enabled/nossl.zzls.xyz.conf deleted file mode 120000 index e81f2f5..0000000 --- a/nginx/sites-enabled/nossl.zzls.xyz.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/nginx/sites-available/nossl.zzls.xyz.conf \ No newline at end of file