Looks nice now
This commit is contained in:
parent
7977d297ac
commit
c930c040af
11 changed files with 96 additions and 188 deletions
|
|
@ -1,73 +1,29 @@
|
||||||
#asxp.io
|
#asxp.io
|
||||||
server {
|
server {
|
||||||
if ($host = www.asxp.io) {
|
listen 443 ssl http2;
|
||||||
return 301 https://$host$request_uri;
|
listen [::]:443 ssl http2;
|
||||||
} # managed by Certbot
|
server_name asxp.io www.asxp.io;
|
||||||
|
|
||||||
|
|
||||||
if ($host = asxp.io) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
server_name www.asxp.io asxp.io;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name www.asxp.io asxp.io;
|
|
||||||
|
|
||||||
root /srv/http/asxpio;
|
root /srv/http/asxpio;
|
||||||
#root /srv/http/photos;
|
|
||||||
index index.html;
|
index index.html;
|
||||||
|
|
||||||
server_name _;
|
|
||||||
return 444;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
server {
|
|
||||||
|
|
||||||
root /srv/http/asxpio;
|
|
||||||
#root /srv/http/photos;
|
|
||||||
|
|
||||||
index index.html;
|
|
||||||
|
|
||||||
server_name asxp.io www.asxp.io; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
# First attempt to serve request as file, then
|
# First attempt to serve request as file, then
|
||||||
# as directory, then fall back to displaying a 404.
|
# as directory, then fall back to displaying a 404.
|
||||||
try_files $uri $uri/ =404;
|
try_files $uri $uri/ =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
root /srv/http/asxpio;
|
||||||
|
include fastcgi.conf;
|
||||||
|
}
|
||||||
|
|
||||||
location ~ \.php$ {
|
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem;
|
||||||
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem;
|
||||||
fastcgi_index index.php;
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||||
root /srv/http/asxpio;
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||||
include fastcgi.conf;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# deny access to .htaccess files, if Apache's document root
|
|
||||||
# concurs with nginx's one
|
|
||||||
#
|
|
||||||
#location ~ /\.ht {
|
|
||||||
# deny all;
|
|
||||||
#}
|
|
||||||
|
|
||||||
|
|
||||||
#listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
|
||||||
#listen [::]:443;
|
|
||||||
#ssl on;
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
|
|
||||||
##
|
##
|
||||||
# Nginx Bad Bot Blocker Includes
|
# Nginx Bad Bot Blocker Includes
|
||||||
# REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
|
# REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
|
||||||
|
|
|
||||||
|
|
@ -1,39 +1,7 @@
|
||||||
server {
|
|
||||||
if ($host = www.git.asxp.io) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
if ($host = git.asxp.io) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
server_name www.git.asxp.io git.asxp.io;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name www.git.asxp.io git.asxp.io;
|
|
||||||
|
|
||||||
server_name _;
|
|
||||||
return 444;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_pass http://localhost:3000;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
server {
|
||||||
listen 443 ssl http2;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl http2;
|
listen [::]:443 ssl http2;
|
||||||
server_name git.asxp.io;
|
server_name git.asxp.io www.git.asxp.io;
|
||||||
|
|
||||||
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://localhost:3000;
|
proxy_pass http://localhost:3000;
|
||||||
|
|
@ -42,4 +10,9 @@ server {
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem;
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||||
}
|
}
|
||||||
20
sites-available/https
Normal file
20
sites-available/https
Normal file
|
|
@ -0,0 +1,20 @@
|
||||||
|
server {
|
||||||
|
|
||||||
|
listen 80;
|
||||||
|
server_name _;
|
||||||
|
listen [::]:80;
|
||||||
|
server_name _;
|
||||||
|
|
||||||
|
if ($host = http://$host$request_uri) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
if ($host = http://www.$host$request_uri;) {
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
}
|
||||||
34
sites-available/photos
Normal file
34
sites-available/photos
Normal file
|
|
@ -0,0 +1,34 @@
|
||||||
|
server {
|
||||||
|
listen 443 ssl http2;
|
||||||
|
listen [::]:443 ssl http2;
|
||||||
|
server_name photos.asxp.io www.photos.asxp.io;
|
||||||
|
|
||||||
|
root /srv/http/photos;
|
||||||
|
index index.html;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
# First attempt to serve request as file, then
|
||||||
|
# as directory, then fall back to displaying a 404.
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
root /srv/http/photos;
|
||||||
|
include fastcgi.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem;
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||||
|
|
||||||
|
##
|
||||||
|
# Nginx Bad Bot Blocker Includes
|
||||||
|
# REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
|
||||||
|
##
|
||||||
|
#include /etc/nginx/bots.d/ddos.conf;
|
||||||
|
#include /etc/nginx/bots.d/blockbots.conf;
|
||||||
|
}
|
||||||
|
|
@ -1,75 +0,0 @@
|
||||||
#asxp.io
|
|
||||||
server {
|
|
||||||
if ($host = www.photos.asxp.io) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
if ($host = photos.asxp.io) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
server_name www.photos.asxp.io photos.asxp.io;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name www.photos.asxp.io photos.asxp.io;
|
|
||||||
|
|
||||||
root /srv/http/photos;
|
|
||||||
index index.html;
|
|
||||||
|
|
||||||
server_name _;
|
|
||||||
return 444;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
server {
|
|
||||||
|
|
||||||
root /srv/http/photos;
|
|
||||||
|
|
||||||
index index.html;
|
|
||||||
|
|
||||||
server_name photos.asxp.io www.photos.asxp.io; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
location / {
|
|
||||||
# First attempt to serve request as file, then
|
|
||||||
# as directory, then fall back to displaying a 404.
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
location ~ \.php$ {
|
|
||||||
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
|
||||||
fastcgi_index index.php;
|
|
||||||
root /srv/http/photos;
|
|
||||||
include fastcgi.conf;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
# deny access to .htaccess files, if Apache's document root
|
|
||||||
# concurs with nginx's one
|
|
||||||
#
|
|
||||||
#location ~ /\.ht {
|
|
||||||
# deny all;
|
|
||||||
#}
|
|
||||||
|
|
||||||
|
|
||||||
#listen [::]:443 ssl ipv6only=on; # managed by Certbot
|
|
||||||
#listen [::]:443;
|
|
||||||
#ssl on;
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
|
|
||||||
##
|
|
||||||
# Nginx Bad Bot Blocker Includes
|
|
||||||
# REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
|
|
||||||
##
|
|
||||||
include /etc/nginx/bots.d/ddos.conf;
|
|
||||||
include /etc/nginx/bots.d/blockbots.conf;
|
|
||||||
}
|
|
||||||
21
sites-available/uptime
Normal file
21
sites-available/uptime
Normal file
|
|
@ -0,0 +1,21 @@
|
||||||
|
server {
|
||||||
|
listen 443 ssl http2;
|
||||||
|
listen [::]:443 ssl http2;
|
||||||
|
server_name uptime.asxp.io www.uptime.asxp.io;
|
||||||
|
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://localhost:3001/;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection "upgrade";
|
||||||
|
}
|
||||||
|
|
||||||
|
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem;
|
||||||
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||||
|
}
|
||||||
|
|
@ -1,18 +0,0 @@
|
||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
# Remove '#' in the next line to enable IPv6
|
|
||||||
# listen [::]:443 ssl http2;
|
|
||||||
server_name uptime.asxp.io;
|
|
||||||
ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; # managed by Certbot
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_pass http://localhost:3001/;
|
|
||||||
proxy_http_version 1.1;
|
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
|
||||||
proxy_set_header Connection "upgrade";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1 +0,0 @@
|
||||||
/etc/nginx/sites-available/asxp.io
|
|
||||||
|
|
@ -1 +0,0 @@
|
||||||
/etc/nginx/sites-available/gitea
|
|
||||||
|
|
@ -1 +0,0 @@
|
||||||
/etc/nginx/sites-available/uptime.asxp.io
|
|
||||||
Loading…
Add table
Reference in a new issue