Fijxu/etc-configs
1
1
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

Push to edit locally

Browse source
This commit is contained in:
us.nadeko.net 2024-08-14 15:58:15 -04:00
parent c7f4692e76
commit f6c1a6133d
48 changed files with 166 additions and 1652 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
nginx/conf.d/4get.zzls.xyz.fallback.conf
View file

@ -1,21 +0,0 @@
# CLEARNET
server {
server_name 4get.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
return 301 https://4getus.zzls.xyz$request_uri;
}
listen 443 ssl;
http2 on;
}
server {
if ($host = 4get.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name 4get.zzls.xyz;
}

92
nginx/conf.d/4getus.zzls.xyz.conf
View file

@ -1,92 +0,0 @@
# CLEARNET
server {
access_log /var/log/nginx/4getus.access.log limited;
error_log /var/log/nginx/4getus.error.log;
server_name 4getus.zzls.xyz 4getus.nadeko.net;
root /var/www/4get-zzls/;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass php-fpm;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
location / {
try_files $uri @upstream;
}
location /web {
try_files $uri @upstream;
include snippets/torblacklist.conf;
error_page 403 =302 /torisblocked;
error_page 429 =302 /rl;
}
location /torisblocked {
alias errors/$request_uri.txt;
}
location /rl {
alias errors/$request_uri.txt;
}
location /data {
return 444;
}
# Tor Header
add_header Onion-Location http://4getus.zzls2vhse6jeahgdz5snle37dnngmbeh4jgug5xvsdpmlchaw3ieonid.onion$request_uri;
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
# TOR
server {
listen 80;
server_name 4getus.zzls2vhse6jeahgdz5snle37dnngmbeh4jgug5xvsdpmlchaw3ieonid.onion;
root /var/www/4get-zzls/;
location @upstream {
try_files $uri.php $uri/index.php =404;
fastcgi_pass unix:/run/php/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* ^(.*)\.php$ {
return 301 $1;
}
location / {
try_files $uri @upstream;
}
}
server {
set $x "";
if ($host = 4getus.zzls.xyz) {
set $x 1;
}
if ($host = 4getus.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name 4getus.zzls.xyz 4getus.nadeko.net;
}

54
nginx/conf.d/ayaya.beauty.conf Normal file
View file

@ -0,0 +1,54 @@
server {
access_log /var/log/nginx/ayaya.beauty.log combined;
server_name ~.ayaya.beauty ayaya.beauty;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://file-uploader;
include configs/proxy.conf;
proxy_pass_request_headers on;
}
client_max_body_size 1024M;
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = ~.ayaya.beauty||ayaya.beauty) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name ~.ayaya.beauty ayaya.beauty ~.lamartina.gay lamartina.gay;
return 404;
}
server {
access_log /var/log/nginx/ayaya.beauty.log combined;
server_name ~.lamartina.gay lamartina.gay;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://file-uploader;
include configs/proxy.conf;
proxy_pass_request_headers on;
}
client_max_body_size 1024M;
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
ssl_certificate /etc/letsencrypt/live/lamartina.gay/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/lamartina.gay/privkey.pem;
}

17
nginx/conf.d/blog.zzls.xyz.conf
View file

@ -1,17 +0,0 @@
server {
access_log /var/log/nginx/blog.zzls.xyz.log combined;
root /var/www/blog;
index index.html;
server_name blog.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
listen 443 ssl;
}
server {
if ($host = blog.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name blog.zzls.xyz;
listen 80;
}

40
nginx/conf.d/cgit.zzls.xyz.conf
View file

@ -1,40 +0,0 @@
# CLEARNET
server {
access_log /var/log/nginx/cgit.access.log;
server_name cgit.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
root /usr/share/cgit;
try_files $uri @cgit;
# Configure HTTP transport
#location ~ /.+/(info/refs|git-upload-pack) {
# include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
# fastcgi_param PATH_INFO $uri;
# fastcgi_param GIT_HTTP_EXPORT_ALL 1;
# fastcgi_param GIT_PROJECT_ROOT /srv/git;
# fastcgi_param HOME /srv/git;
# fastcgi_pass unix:/run/fcgiwrap.socket;
# }
location @cgit {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi;
fastcgi_param PATH_INFO $uri;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_pass unix:/run/fcgiwrap.socket;
}
listen 443 ssl;
http2 on;
}
server {
if ($host = cgit.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name cgit.zzls.xyz;
}

44
nginx/conf.d/default.conf.bal
View file

@ -1,44 +0,0 @@
server {
listen 80;
server_name localhost;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}

34
nginx/conf.d/instances.nadeko.net
View file

@ -1,34 +0,0 @@
server {
access_log /var/log/nginx/instances.zzls.xyz.access.log;
error_log /var/log/nginx/instances.zzls.xyz.error.log;
server_name instances.zzls.xyz instances.nadeko.net;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass https://fijxu.github.io/justlog-instances-uptime;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = instances.zzls.xyz) {
set $x 1;
}
if ($host = instances.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name instances.zzls.xyz instances.nadeko.net;
}

46
nginx/conf.d/librex.nadeko.net.conf
View file

@ -1,46 +0,0 @@
server {
server_name librex.zzls.xyz librex.nadeko.net;
include configs/general.conf;
include configs/security.conf;
location / {
access_log /var/log/nginx/librex.nadeko.net.access.log;
add_header Content-Type text/plain;
return 200 "LibreX is now deprecated, if you come from the hnhx/LibreX repository and want to try LibreX, you should use LibreY, a fork of LibreY maintained by a few individuals. hnhx just vanished without a trace.
\t https://github.com/Ahwxorg/librey
You can also try using 4get if you want something fast and simple like LibreY
\t Main instance:\t https://4get.ca
\t My Instance:\t https://4get.nadeko.net
\t Instances:\t https://4get.ca/instances
Good luck! (´ ∀ ` *)";
}
location /api.php {
# Holy shit fucking bots still pinging my server with shit requests
return 444;
}
listen 443 ssl;
}
server {
if ($host = librex.zzls.xyz) {
return 301 https://$host$request_uri;
}
if ($host = zzls.xyz) {
return 301 https://$host$request_uri;
}
if ($host = librex.nadeko.net) {
return 301 https://$host$request_uri;
}
if ($host = nadeko.net) {
return 301 https://$host$request_uri;
}
server_name librex.zzls.xyz librex.nadeko.net;
listen 80;
return 404;
}

16
nginx/conf.d/status.zzls.xyz.conf → nginx/conf.d/live.nadeko.net.conf
View file

@ -1,11 +1,13 @@
server {
access_log /var/log/nginx/status.zzls.xyz.log combined;
server_name status.zzls.xyz;
access_log /var/log/nginx/live.access.log;
error_log /var/log/nginx/live.error.log;
server_name live.nadeko.net;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass http://status;
proxy_pass http://127.0.0.1:8889;
include configs/proxy.conf;
}
@ -18,15 +20,13 @@ server {
}
server {
set $x "";
if ($host = status.zzls.xyz) {
set $x 1;
}
if ($host = status.nadeko.net) {
if ($host = live.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name status.zzls.xyz status.nadeko.net;
return 404;
server_name live.nadeko.net;
}

25
nginx/conf.d/logs.spanix.team.conf
View file

@ -1,25 +0,0 @@
server {
access_log /var/log/nginx/logs.spanix.team.log combined;
server_name logs.spanix.team;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://justlogspanix;
include configs/proxy.conf;
}
listen 443 ssl;
http2 on;
ssl_certificate /etc/letsencrypt/live/logs.spanix.team/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/logs.spanix.team/privkey.pem; # managed by Certbot
include configs/sslConfig.conf;
}
server {
if ($host = logs.spanix.team) {
return 301 https://$host$request_uri;
}
listen 80;
server_name logs.spanix.team;
}

63
nginx/conf.d/logs.zzls.xyz.conf
View file

@ -1,63 +0,0 @@
server {
server_name logs.zzls.xyz;
rewrite ^ https://logs.nadeko.net$request_uri? permanent;
listen 443 ssl;
}
server {
access_log /var/log/nginx/logs.zzls.xyz.log combined;
server_name logs.nadeko.net;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://justlog;
include configs/proxy.conf;
# location ~ ^/(channel/rubius|channelid/39276140)/ {
# return 401 "Los logs de Rubius han sido deshabilitados";
# }
# location ~ ^/(channel/ibai|channelid/83232866)/ {
# return 401 "Los logs de Ibai han sido deshabilitados";
# }
location ~* ^/(channel/.*/user/skybluecold|channelid/.*/user/skybluecold|channel/.*/userid/130372054|channelid/.*/userid/130372054){
return 401 "lol";
}
location ~* ^/(channel/.*/user/8nunni|channelid/.*/user/8nunni|channel/.*/userid/1011023847|channelid/.*/userid/1011023847){
return 401 "lol";
}
error_page 501 502 503 /50x.html;
proxy_intercept_errors on;
}
location = /50x.html {
root /var/www/logs;
index 50x.html;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = logs.zzls.xyz) {
set $x 1;
}
if ($host = logs.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name logs.zzls.xyz logs.nadeko.net;
return 404;
}

25
nginx/conf.d/lsf.spanix.team.conf
View file

@ -1,25 +0,0 @@
server {
access_log /var/log/nginx/lsf.spanix.team.log combined;
server_name lsf.spanix.team;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40050;
include configs/proxy.conf;
}
listen 443 ssl;
http2 on;
ssl_certificate /etc/letsencrypt/live/lsf.spanix.team/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/lsf.spanix.team/privkey.pem; # managed by Certbot
include configs/sslConfig.conf;
}
server {
if ($host = lsf.spanix.team) {
return 301 https://$host$request_uri;
}
listen 80;
server_name lsf.spanix.team;
}

19
nginx/conf.d/posts.zzls.xyz.conf
View file

@ -1,19 +0,0 @@
server {
access_log /var/log/nginx/posts.zzls.xyz.log combined;
root /var/www/posts;
index index.html;
server_name posts.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
listen 443 ssl;
http2 on;
}
server {
if ($host = posts.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name posts.zzls.xyz;
listen 80;
}

41
nginx/conf.d/search.nadeko.net.conf
View file

@ -1,41 +0,0 @@
server {
server_name search.zzls.xyz search.nadeko.net;
include configs/general.conf;
include configs/security.conf;
location / {
add_header Content-Type text/plain;
return 200 "
SearxNG is now down because Oracle deleted my account without even notifying me. Sorry. For now, please use other instance or you can use 4get, a more simple search engine.
\t https://4get.nadeko.net";
}
location /search {
add_header Content-Type text/plain;
return 200 "
SearxNG is now down because Oracle deleted my account without even notifying me. Sorry. For now, please use other instance or you can use 4get, a more simple search engine.
\t https://4get.nadeko.net";
}
listen 443 ssl;
}
server {
if ($host = search.zzls.xyz) {
return 301 https://$host$request_uri;
}
if ($host = zzls.xyz) {
return 301 https://$host$request_uri;
}
if ($host = search.nadeko.net) {
return 301 https://$host$request_uri;
}
if ($host = nadeko.net) {
return 301 https://$host$request_uri;
}
server_name search.zzls.xyz search.nadeko.net;
listen 80;
return 404;
}

59
nginx/conf.d/stream.zzls.xyz.conf
View file

@ -1,59 +0,0 @@
# CLEARNET
server {
access_log /var/log/nginx/stream.access.log;
error_log /var/log/nginx/stream.error.log;
server_name stream.zzls.xyz;
include configs/general.conf;
location /hls/ {
types { application/vnd.apple.mpegurl m3u8; video/mp2t ts; }
root /tmp/;
}
location /dash/ {
types { application/dash+xml mpd; audio/mp4 m4a; video/mp4 m4v; }
root /tmp/;
}
location = /streams {
# rtmp_stat all;
# rtmp_stat_stylesheet /stat.xsl;
}
location /stat.xsl {
root /var/www/stream/public/;
}
location /viewers/ {
default_type text/plain;
add_header Content-Type "text/plain";
add_header Refresh "30; $request_uri";
root /var/www/stream/public/;
try_files $uri /viewers.txt =404;
}
location /posters/ {
root /var/www/stream/public/;
try_files $uri /offline.png =404;
}
location / {
root /var/www/stream/public/;
try_files $uri $uri/hls.html =404;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
if ($host = stream.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name stream.zzls.xyz;
return 404;
}

40
nginx/conf.d/znc.nadeko.net.conf Normal file
View file

@ -0,0 +1,40 @@
server {
server_name znc.zzls.xyz;
rewrite ^ https://znc.nadeko.net$request_uri? permanent;
listen 443 ssl;
}
server {
access_log /var/log/nginx/znc.zzls.xyz.log combined;
server_name znc.nadeko.net;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://znc;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = znc.zzls.xyz) {
set $x 1;
}
if ($host = znc.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name znc.zzls.xyz znc.nadeko.net;
return 404;
}

54
nginx/conf.d/zzls.xyz.conf
View file

@ -2,7 +2,7 @@ server {
access_log /var/log/nginx/zzls.xyz.log;
root /var/www/website;
index index.html;
server_name zzls.xyz www.zzls.xyz www.nadeko.net nadeko.net;
server_name zzls.xyz www.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
@ -33,7 +33,7 @@ server {
# QUIC
include configs/http3.conf;
listen 443 ssl default_server;
listen 443 ssl;
http2 on;
}
@ -44,12 +44,60 @@ server {
if ($host = zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name zzls.xyz www.zzls.xyz;
listen 80;
}
server {
access_log /var/log/nginx/nadeko.net.log;
root /var/www/website;
index index.html;
server_name www.nadeko.net nadeko.net;
include configs/general.conf;
include configs/security.conf;
location /.well-known/matrix/client {
return 200 '{"m.homeserver": {"base_url": "https://matrix.nadeko.net"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.nadeko.net"}}';
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
location /.well-known/matrix/server {
return 200 '{"m.server": "matrix.nadeko.net:8448"}';
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
location /.well-known/matrix/support {
return 200 '{"contacts": [{"matrix_id": "@fijxu:nadeko.net","email_address": "fijxu@nadeko.net","role": "m.role.admin"},{"email_address": "fijxu@nadeko.net","role": "m.role.security"}],"support_page": "https://nadeko.net/contact" }';
}
location / {
try_files $uri $uri/ =404;
expires 1h;
}
location /transparency {
autoindex on;
autoindex_exact_size off;
autoindex_format html;
autoindex_localtime on;
}
# QUIC
include configs/http3.conf;
listen 443 ssl default_server;
http2 on;
}
server {
if ($host = www.nadeko.net) {
return 301 https://$host$request_uri;
}
if ($host = nadeko.net) {
return 301 https://$host$request_uri;
}
server_name _ zzls.xyz www.zzls.xyz nadeko.net www.nadeko.net;
server_name _ nadeko.net www.nadeko.net;
listen 80;
}

2
nginx/configs/proxy.conf
View file

@ -13,7 +13,7 @@ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
#proxy_set_header Host $host;
# Proxy timeouts
proxy_connect_timeout 60s;
proxy_send_timeout 60s;

12
nginx/configs/upstreams.conf
View file

@ -21,3 +21,15 @@ upstream status {
upstream twitchproxy {
server 127.0.0.1:10003;
}
upstream vigil {
server 127.0.0.1:10004;
}
upstream znc {
server 127.0.0.1:10010;
}
upstream file-uploader {
server unix:/tmp/file-uploader.sock;
}

25
nginx/fastcgi_params
View file

@ -1,25 +0,0 @@
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;

33
nginx/sites-available-archive/bapi.conf
View file

@ -1,33 +0,0 @@
server {
access_log /var/log/nginx/bapi.access.log combined;
server_name bapi.zzls.xyz;
location / {
proxy_pass http://localhost:40030;
}
listen [::]:443 ssl http2; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/bapi.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/bapi.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = bapi.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name bapi.zzls.xyz;
return 404; # managed by Certbot
}

43
nginx/sites-available-archive/boards.conf
View file

@ -1,43 +0,0 @@
server {
client_max_body_size 64M;
access_log /var/log/nginx/boards.access.log combined;
root /var/www/boards/;
index index.html index.htm index.nginx-debian.html;
server_name boards.zzls.xyz;
location /api/socket {
proxy_pass http://localhost:8000/api/socket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
}
location / {
proxy_pass http://localhost:8000/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/boards.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/boards.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = boards.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name boards.zzls.xyz;
return 404; # managed by Certbot
}

18
nginx/sites-available-archive/booyahtv.conf
View file

@ -1,18 +0,0 @@
server {
listen 80;
listen [::]:80;
access_log /var/log/nginx/booyahtv.access.log combined;
root /var/www/booyahtv/;
index index.html index.htm index.nginx-debian.html;
server_name booyahtv.zzls.xyz;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

91
nginx/sites-available-archive/default
View file

@ -1,91 +0,0 @@
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}

86
nginx/sites-available-archive/default.bak
View file

@ -1,86 +0,0 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
access_log /var/log/nginx/zzls.access.log combined;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
return 301 https://$host$request_uri;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
allow all;
}
}
server {
access_log /var/log/nginx/zzls.access.log combined;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name zzls.xyz www.zzls.xyz; # managed by Certbot
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
allow all;
}
location /files {
alias /mnt/blockstorage/wwwfiles;
autoindex on;
autoindex_format xml;
autoindex_exact_size off;
autoindex_localtime on;
xslt_stylesheet /var/www/html/assets/superbindex.xslt;
xslt_string_param color-base00 '#18191A';
}
location /filess {
alias /mnt/blockstorage/wwwfiles;
autoindex on;
autoindex_format xml;
autoindex_exact_size off;
autoindex_localtime on;
}
# listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/zzls.xyz/privkey.pem; # managed by Certbot
# ssl_certificate /etc/letsencrypt/live/www.zzls.xyz/fullchain.pem; # managed by Certbot
# ssl_certificate_key /etc/letsencrypt/live/www.zzls.xyz/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name zzls.xyz www.zzls.xyz;
return 404; # managed by Certbot
}

38
nginx/sites-available-archive/i.zzls.xyz.conf
View file

@ -1,38 +0,0 @@
server {
access_log /var/log/nginx/i.access.log combined;
#root /mnt/blockstorage/i/files/;
index index.html index.htm index.nginx-debian.html;
server_name i.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
client_max_body_size 51M;
proxy_pass http://127.0.0.1:40007/;
include configs/proxy.conf;
proxy_intercept_errors on;
error_page 404 = /error;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/i.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/i.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = i.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name i.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

22
nginx/sites-available-archive/i2.conf
View file

@ -1,22 +0,0 @@
server {
listen 80;
listen [::]:80;
access_log /var/log/nginx/i.access.log combined;
# root /mnt/blockstorage/i/files/;
index index.html index.htm index.nginx-debian.html;
server_name i.zzls.xyz;
location / {
proxy_pass http://localhost:7494;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/i2.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/i2.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

38
nginx/sites-available-archive/ii.conf
View file

@ -1,38 +0,0 @@
server {
access_log /var/log/nginx/ii.access.log combined;
root /mnt/blockstorage/ifiles/;
index index.html index.htm index.nginx-debian.html;
server_name ii.zzls.xyz;
location /upload {
client_max_body_size 4096M;
auth_basic "Restricted Content";
auth_basic_user_file /etc/fileupload.htpasswd;
proxy_pass http://localhost:40002;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/ii.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ii.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = ii.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name ii.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

66
nginx/sites-available-archive/logstemp.conf
View file

@ -1,66 +0,0 @@
server {
access_log /var/log/nginx/logs.access.log combined;
server_name logs.zzls.xyz;
root /var/www/logs;
index index.html;
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/logs.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/logs.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
access_log /var/log/nginx/notlogs.access.log combined;
server_name notlogs.zzls.xyz;
location / {
rewrite ^/(.*)$ https://logs.zzls.xyz/$1 redirect;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/notlogs.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/notlogs.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = logs.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name logs.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}
server {
if ($host = notlogs.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name notlogs.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

31
nginx/sites-available-archive/paste.zzls.xyz.conf
View file

@ -1,31 +0,0 @@
server {
access_log /var/log/nginx/paste.access.log combined;
server_name paste.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40005/;
include configs/proxy.conf;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/paste.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/paste.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = paste.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name paste.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

22
nginx/sites-available-archive/shorturl.conf
View file

@ -1,22 +0,0 @@
server {
listen 80;
listen [::]:80;
access_log /var/log/nginx/s.access.log combined;
root /var/www/s/;
index index.html index.htm index.nginx-debian.html;
server_name s.zzls.xyz;
location / {
proxy_pass http://localhost:40006/;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/s.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/s.zzls.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

84
nginx/sites-available-archive/vanced.conf
View file

@ -1,84 +0,0 @@
server {
access_log /var/log/nginx/vanced.access.log combined;
server_name vanced.zzls.xyz;
#root /var/www/vanced;
#index index.php /_h5ai/public/index.php;
if ($http_user_agent ~* (google) ) {
return 404;
}
location / {
if ($http_user_agent ~* (google) ) {
return 404;
}
root /mnt/blockstorage/Vanced;
index index.html index.php /_h5ai/public/index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location /_h5ai/private {
return 403;
}
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
listen [::]:443 ssl http2; # managed by Certbot
listen 443 ssl http2; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/vanced.zzls.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/vanced.zzls.xyz/privkey.pem; # managed by Certbot
}
server {
if ($host = vanced.zzls.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name vanced.zzls.xyz;
return 404; # managed by Certbot
}

21
nginx/sites-available/4get.zzls.xyz.fallback.conf
View file

@ -1,21 +0,0 @@
# CLEARNET
server {
server_name 4get.zzls.xyz;
include configs/general.conf;
include configs/ssl.conf;
include configs/security.conf;
location / {
return 301 https://4getus.zzls.xyz$request_uri;
}
}
server {
if ($host = 4get.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name 4get.zzls.xyz;
}

22
nginx/sites-available/blog.zzls.xyz.conf
View file

@ -1,22 +0,0 @@
server {
access_log /var/log/nginx/blog.zzls.xyz.log combined;
root /var/www/blog;
index index.html;
server_name blog.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
listen 443 ssl http2;
include configs/ssl.conf;
}
server {
if ($host = blog.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name blog.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

41
nginx/sites-available/cgit.zzls.xyz.conf
View file

@ -1,41 +0,0 @@
# CLEARNET
server {
access_log /var/log/nginx/cgit.access.log;
server_name cgit.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
root /usr/share/cgit;
try_files $uri @cgit;
# Configure HTTP transport
#location ~ /.+/(info/refs|git-upload-pack) {
# include fastcgi_params;
# fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend;
# fastcgi_param PATH_INFO $uri;
# fastcgi_param GIT_HTTP_EXPORT_ALL 1;
# fastcgi_param GIT_PROJECT_ROOT /srv/git;
# fastcgi_param HOME /srv/git;
# fastcgi_pass unix:/run/fcgiwrap.socket;
# }
location @cgit {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/lib/cgit/cgit.cgi;
fastcgi_param PATH_INFO $uri;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_pass unix:/run/fcgiwrap.socket;
}
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = cgit.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name cgit.zzls.xyz;
}

15
nginx/sites-available/contador.zzls.xyz.conf
View file

@ -1,15 +0,0 @@
server {
listen 80;
access_log /var/log/nginx/contador.xyz.log;
root /var/www/website;
index contador.html;
server_name contador.ayaya.beauty;
location / {
try_files $uri $uri/ =404;
add_header Access-Control-Allow-Origin *;
}
}

26
nginx/sites-available/donate.zzls.xyz.conf
View file

@ -1,26 +0,0 @@
server {
access_log /var/log/nginx/donate.zzls.xyz.log combined;
root /var/www/donate;
index index.html;
server_name donate.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
try_files $uri $uri/ =404;
}
listen 443 ssl http2;
include configs/ssl.conf;
}
server {
if ($host = donate.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name donate.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

51
nginx/sites-available/files.zzls.xyz.conf
View file

@ -1,51 +0,0 @@
server {
access_log /var/log/nginx/files.zzls.xyz.log combined;
server_name files.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
if ($http_user_agent ~* (google) ) {
return 404;
}
root /mnt/blockstorage/files.zzls.xyz;
index index.html index.php /_h5ai/public/index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location /_h5ai/private {
return 403;
}
}
listen 443 ssl;
http2 on;
include configs/ssl.conf;
}
server {
if ($host = files.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name files.zzls.xyz;
return 404; # managed by Certbot
}

24
nginx/sites-available/i.zzls.xyz.conf
View file

@ -1,24 +0,0 @@
server {
access_log /var/log/nginx/i.zzls.xyz.log combined;
server_name i.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
rewrite ^/(.*)$ https://i.ayaya.beauty/$1 redirect;
}
listen 443 ssl;
http2 on
include configs/ssl.conf;
}
server {
if ($host = i.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name i.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

17
nginx/sites-available/inv.zzls.xyz.fallback.conf
View file

@ -1,17 +0,0 @@
server {
listen 80;
include configs/general.conf;
include configs/robotsNone.conf;
server_name inv.zzls.xyz;
root /var/www/website/invidious;
access_log /var/log/nginx/inv.zzls.xyz.fallback.conf.access.log;
# QUIC
add_header Alt-Svc 'h3=":443"; ma=86400';
listen 443 ssl;
listen 443 quic;
http2 on;
include configs/ssl.conf;
}

33
nginx/sites-available/logs.spanix.team.conf
View file

@ -1,33 +0,0 @@
server {
access_log /var/log/nginx/logs.spanix.team.log combined;
server_name logs.spanix.team;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40004;
include configs/proxy.conf;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/logs.spanix.team/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/logs.spanix.team/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = logs.spanix.team) {
return 301 https://$host$request_uri;
}
# managed by Certbot
listen 80;
server_name logs.spanix.team;
return 404; # managed by Certbot
}

49
nginx/sites-available/logs.zzls.xyz.conf
View file

@ -1,49 +0,0 @@
server {
access_log /var/log/nginx/logs.zzls.xyz.log combined;
server_name logs.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40003;
include configs/proxy.conf;
location ~ ^/(channel/rubius|channelid/39276140)/ {
return 401 "Los logs de Rubius han sido deshabilitados";
}
location ~ ^/(channel/ibai|channelid/83232866)/ {
return 401 "Los logs de Ibai han sido deshabilitados";
}
#location ~ ^/(channel/*/user/zonianbot|channelid/*/user/zonianbot|channel/*/userid/670683053|channelid/*/userid/670683053|channel/*/user/skybluecold|channelid/*/user/skybluecold|channel/*/userid/130372054|channelid/*/user/skybluecold)/ {
# return 401 "XD";
# }
location ~* ^/(channel/.*/user/skybluecold|channelid/.*/user/skybluecold|channel/.*/userid/130372054|channelid/.*/userid/130372054){
return 401 "lol";
}
location ~ ^/(channel/notfijxu|channelid/664947434)/ {
return 401 "lol";
}
error_page 501 502 503 /50x.html;
proxy_intercept_errors on;
}
location = /50x.html {
root /var/www/logs;
index 50x.html;
}
listen 443 ssl;
include configs/ssl.conf;
}
server {
if ($host = logs.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name logs.zzls.xyz;
return 404; # managed by Certbot
}

34
nginx/sites-available/lsf.spanix.team.conf
View file

@ -1,34 +0,0 @@
server {
access_log /var/log/nginx/lsf.spanix.team.log combined;
server_name lsf.spanix.team;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:40050;
include configs/proxy.conf;
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/lsf.spanix.team/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/lsf.spanix.team/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = lsf.spanix.team) {
return 301 https://$host$request_uri;
}
# managed by Certbot
listen 80;
listen [::]:80;
server_name lsf.spanix.team;
return 404; # managed by Certbot
}

63
nginx/sites-available/mail.zzls.xyz.conf
View file

@ -1,63 +0,0 @@
server {
access_log /var/log/nginx/mail.zzls.xyz.log combined;
error_log /var/log/nginx/mail.zzls.xyz.error;
root /var/www/mail;
index index.html index.php;
server_name mail.zzls.xyz;
include configs/general.conf;
location ^~ /baikal {
root /opt/baikal/html;
index index.php;
if (!-e $request_filename) { rewrite ^ /baikal/index.php last; }
rewrite ^/.well-known/caldav /dav.php redirect;
rewrite ^/.well-known/carddav /dav.php redirect;
location ~ /(\.ht|Core|Specific|config) {
deny all;
return 404;
}
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
try_files $uri =404;
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
# location @baikal {
# rewrite /baikal/(.*)$ /baikal/index.php?/$1 last;
# }
location /radicale/ {
proxy_pass http://127.0.0.1:40001/;
proxy_set_header X-Script-Name /radicale;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-User $remote_user;
proxy_set_header Host $http_host;
}
listen 443 ssl http2;
include configs/ssl.conf;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "sameorigin" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
#add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
}
server {
if ($host = mail.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name mail.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

11
nginx/sites-available/nossl.zzls.xyz.conf
View file

@ -1,11 +0,0 @@
server {
access_log /var/log/nginx/nossl.access.log combined;
root /var/www/nossl;
index index.html index.htm index.nginx-debian.html;
server_name nossl.zzls.xyz;
}

22
nginx/sites-available/posts.zzls.xyz.conf
View file

@ -1,22 +0,0 @@
server {
access_log /var/log/nginx/posts.zzls.xyz.log combined;
root /var/www/posts;
index index.html;
server_name posts.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
listen 443 ssl http2;
include configs/ssl.conf;
}
server {
if ($host = posts.zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name posts.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}

24
nginx/sites-available/status.zzls.xyz.conf
View file

@ -1,24 +0,0 @@
server {
access_log /var/log/nginx/status.zzls.xyz.log combined;
server_name status.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location / {
proxy_pass http://127.0.0.1:8080;
include configs/proxy.conf;
}
listen 443 ssl;
include configs/ssl.conf;
}
server {
if ($host = status.zzls.xyz) {
return 301 https://$host$request_uri;
}
listen 80;
server_name status.zzls.xyz;
return 404; # managed by Certbot
}

64
nginx/sites-available/zzls.xyz.conf
View file

@ -1,64 +0,0 @@
server {
access_log /var/log/nginx/zzls.xyz.log;
root /var/www/website;
index index.html;
server_name zzls.xyz www.zzls.xyz;
include configs/general.conf;
include configs/security.conf;
location /.well-known/matrix/client {
return 200 '{"m.homeserver": {"base_url": "https://matrix.zzls.xyz"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.zzls.xyz"}}';
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
location /.well-known/matrix/server {
return 200 '{"m.server": "matrix.zzls.xyz:8448"}';
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
location / {
try_files $uri $uri/ =404;
add_header Access-Control-Allow-Origin *;
expires 24h;
}
location /transparency {
autoindex on;
autoindex_exact_size off;
autoindex_format html;
autoindex_localtime on;
}
listen 443 ssl http2;
include configs/ssl.conf;
}
server {
access_log /var/log/nginx/zzls.i2p.log;
listen 30001;
server_name zzlst7dauwprptpu2y7cxpetz4fl4jw73tivxhtnm7dla7m6teyq.b32.i2p;
root /var/www/website;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
server {
if ($host = www.zzls.xyz) {
return 301 https://$host$request_uri;
}
if ($host = zzls.xyz) {
return 301 https://$host$request_uri;
}
server_name zzls.xyz www.zzls.xyz;
listen 80;
return 404; # managed by Certbot
}