phantom/etc-configs
1
0
Fork 0
forked from Fijxu/etc-configs
Code Pull requests Activity

a

Browse source
This commit is contained in:
us.nadeko.net 2024-01-30 00:14:42 -03:00
parent 20b4e768d6
commit 911d491bef
6 changed files with 88 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
nginx/conf.d/instances.nadeko.net Normal file
View file

@ -0,0 +1,34 @@
server {
access_log /var/log/nginx/instances.zzls.xyz.access.log;
error_log /var/log/nginx/instances.zzls.xyz.error.log;
server_name instances.zzls.xyz instances.nadeko.net;
include configs/general.conf;
include configs/security.conf;
include configs/robotsNone.conf;
location / {
proxy_pass https://fijxu.github.io/justlog-instances-uptime;
include configs/proxy.conf;
}
# QUIC
include configs/http3.conf;
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = instances.zzls.xyz) {
set $x 1;
}
if ($host = instances.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
listen 80;
server_name instances.zzls.xyz instances.nadeko.net;
}

4
nginx/conf.d/logs.zzls.xyz.conf
View file

@ -26,6 +26,10 @@ server {
return 401 "lol"; return 401 "lol";
} }
location ~* ^/(channel/.*/user/8nunni|channelid/.*/user/8nunni|channel/.*/userid/1011023847|channelid/.*/userid/1011023847){
return 401 "lol";
}
error_page 501 502 503 /50x.html; error_page 501 502 503 /50x.html;
proxy_intercept_errors on; proxy_intercept_errors on;
} }

41
nginx/conf.d/mail.zzls.xyz.conf
View file

@ -1,6 +1,8 @@
# mail.nadeko.net
server { server {
access_log /var/log/nginx/mail.zzls.xyz.log combined; access_log /var/log/nginx/mail.nadeko.net.log combined;
error_log /var/log/nginx/mail.zzls.xyz.error; error_log /var/log/nginx/mail.nadeko.net.error;
server_name mail.nadeko.net; server_name mail.nadeko.net;
include configs/general.conf; include configs/general.conf;
include configs/robotsNone.conf; include configs/robotsNone.conf;
@ -16,6 +18,10 @@ server {
alias /var/www/mail/favicon.png; alias /var/www/mail/favicon.png;
} }
# location ^~ /.well-known/mta-sts.txt {
# return 200 "version: STSv1\nmode: enforce\nmax_age: 1296000\nmx: mail.nadeko.net\r\n";
# }
# QUIC # QUIC
include configs/http3.conf; include configs/http3.conf;
@ -34,3 +40,34 @@ server {
listen 80; listen 80;
return 404; return 404;
} }
# mta-sts.nadeko.net
server {
access_log /var/log/nginx/mta-sts.nadeko.net.log combined;
error_log /var/log/nginx/mta-sts.nadeko.net.error;
server_name mta-sts.nadeko.net;
include configs/general.conf;
include configs/robotsNone.conf;
include configs/security.conf;
location ^~ /.well-known/mta-sts.txt {
return 200 "version: STSv1\nmode: enforce\nmax_age: 1296000\nmx: mail.nadeko.net\r\n";
}
listen 443 ssl;
http2 on;
}
server {
set $x "";
if ($host = mta-sts.nadeko.net) {
set $x 1;
}
if ($x = 1) {
return 301 https://$host$request_uri;
}
server_name mta-sts.nadeko.net;
listen 80;
return 404;
}

17
nginx/conf.d/zzls.xyz.conf
View file

@ -2,7 +2,7 @@ server {
access_log /var/log/nginx/zzls.xyz.log; access_log /var/log/nginx/zzls.xyz.log;
root /var/www/website; root /var/www/website;
index index.html; index index.html;
server_name _ zzls.xyz www.zzls.xyz www.nadeko.net nadeko.net; server_name zzls.xyz www.zzls.xyz www.nadeko.net nadeko.net;
include configs/general.conf; include configs/general.conf;
include configs/security.conf; include configs/security.conf;
@ -20,7 +20,6 @@ server {
location / { location / {
try_files $uri $uri/ =404; try_files $uri $uri/ =404;
add_header Access-Control-Allow-Origin *;
expires 1h; expires 1h;
} }
@ -38,20 +37,6 @@ server {
http2 on; http2 on;
} }
server {
access_log /var/log/nginx/zzls.i2p.log;
listen 30001;
server_name zzlst7dauwprptpu2y7cxpetz4fl4jw73tivxhtnm7dla7m6teyq.b32.i2p;
root /var/www/website;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
server { server {
if ($host = www.zzls.xyz) { if ($host = www.zzls.xyz) {
return 301 https://$host$request_uri; return 301 https://$host$request_uri;

4
nginx/configs/security.conf
View file

@ -1,8 +1,8 @@
# security headers # security headers
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "0" always;
add_header X-Content-Type-Options "nosniff" always; add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "sameorigin" always; add_header X-Frame-Options "sameorigin" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always; add_header Referrer-Policy "same-origin" always;
#add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always; #add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
add_header Permissions-Policy "interest-cohort=()" always; add_header Permissions-Policy "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;

10
nginx/configs/ssl.conf
View file

@ -1,3 +1,9 @@
ssl_certificate /etc/ssl/certs/fullchain.pem; # ECDSA
ssl_certificate_key /etc/ssl/private/privkey.pem; ssl_certificate /etc/ssl/nadeko.net/fullchain.ec.crt;
ssl_certificate_key /etc/ssl/nadeko.net/nadeko.net.ec.key;
# RSA
#ssl_certificate /etc/ssl/fullchain.crt;
#ssl_certificate_key /etc/ssl/nadeko.net.key;
include configs/sslConfig.conf; include configs/sslConfig.conf;