diff --git a/fastcgi.conf.default b/fastcgi.conf.default new file mode 100644 index 0000000..091738c --- /dev/null +++ b/fastcgi.conf.default @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/fastcgi_params.default b/fastcgi_params.default new file mode 100644 index 0000000..28decb9 --- /dev/null +++ b/fastcgi_params.default @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/html/50x.html b/html/50x.html new file mode 100644 index 0000000..a57c2f9 --- /dev/null +++ b/html/50x.html @@ -0,0 +1,19 @@ + + + +Error + + + +

An error occurred.

+

Sorry, the page you are looking for is currently unavailable.
+Please try again later.

+

If you are the system administrator of this resource then you should check +the error log for details.

+

Faithfully yours, nginx.

+ + diff --git a/html/index.html b/html/index.html new file mode 100644 index 0000000..e8f5622 --- /dev/null +++ b/html/index.html @@ -0,0 +1,23 @@ + + + +Welcome to nginx! + + + +

Welcome to nginx!

+

If you see this page, the nginx web server is successfully installed and +working. Further configuration is required.

+ +

For online documentation and support please refer to +nginx.org.
+Commercial support is available at +nginx.com.

+ +

Thank you for using nginx.

+ + diff --git a/logs/error.log b/logs/error.log new file mode 100644 index 0000000..e69de29 diff --git a/mime.types.default b/mime.types.default new file mode 100644 index 0000000..1c00d70 --- /dev/null +++ b/mime.types.default @@ -0,0 +1,99 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/avif avif; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/wasm wasm; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/nginx.conf b/nginx.conf index 786d9b4..548ba6e 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,3 +1,4 @@ + #user http; worker_processes 1; @@ -48,7 +49,7 @@ http { index index.html; } location /nginx_status { - stub_status on; + #stub_status on; allow 127.0.0.1; deny all; } diff --git a/nginx.conf.default b/nginx.conf.default new file mode 100644 index 0000000..29bc085 --- /dev/null +++ b/nginx.conf.default @@ -0,0 +1,117 @@ + +#user nobody; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/nginx.conf.pacsave b/nginx.conf.pacsave new file mode 100644 index 0000000..632b9f1 --- /dev/null +++ b/nginx.conf.pacsave @@ -0,0 +1,67 @@ +#user http; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + include /etc/nginx/sites-enabled/*; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + types_hash_max_size 4096; + types_hash_bucket_size 4096; + #gzip on; + + server { + listen 80; + server_name localhost 127.0.0.1; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root /usr/share/nginx/html; + #root /srv/http/asxpio; + index index.html; + } + location /nginx_status { + stub_status on; + allow 127.0.0.1; + deny all; + } + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + #root /usr/share/nginx/html; + root /srv/http/; + index index.html; + } + } +} + diff --git a/nginx.conf.pacsave.1 b/nginx.conf.pacsave.1 new file mode 100644 index 0000000..786d9b4 --- /dev/null +++ b/nginx.conf.pacsave.1 @@ -0,0 +1,66 @@ +#user http; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + include /etc/nginx/sites-enabled/*; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + types_hash_max_size 4096; + types_hash_bucket_size 4096; + #gzip on; + + server { + listen 80; + server_name localhost 127.0.0.1; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root /usr/share/nginx/html; + #root /srv/http/asxpio; + index index.html; + } + location /nginx_status { + stub_status on; + allow 127.0.0.1; + deny all; + } + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + #root /usr/share/nginx/html; + root /srv/http/; + index index.html; + } + } +} diff --git a/nginx.conf.pacsave.2 b/nginx.conf.pacsave.2 new file mode 100644 index 0000000..e22c07a --- /dev/null +++ b/nginx.conf.pacsave.2 @@ -0,0 +1,117 @@ + +#user http; +worker_processes 1; +error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + types_hash_max_size 4096; + types_hash_bucket_size 128; + gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/nginx.conf.pacsave.3 b/nginx.conf.pacsave.3 new file mode 100644 index 0000000..786d9b4 --- /dev/null +++ b/nginx.conf.pacsave.3 @@ -0,0 +1,66 @@ +#user http; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + include /etc/nginx/sites-enabled/*; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + types_hash_max_size 4096; + types_hash_bucket_size 4096; + #gzip on; + + server { + listen 80; + server_name localhost 127.0.0.1; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root /usr/share/nginx/html; + #root /srv/http/asxpio; + index index.html; + } + location /nginx_status { + stub_status on; + allow 127.0.0.1; + deny all; + } + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + #root /usr/share/nginx/html; + root /srv/http/; + index index.html; + } + } +} diff --git a/scgi_params.default b/scgi_params.default new file mode 100644 index 0000000..6d4ce4f --- /dev/null +++ b/scgi_params.default @@ -0,0 +1,17 @@ + +scgi_param REQUEST_METHOD $request_method; +scgi_param REQUEST_URI $request_uri; +scgi_param QUERY_STRING $query_string; +scgi_param CONTENT_TYPE $content_type; + +scgi_param DOCUMENT_URI $document_uri; +scgi_param DOCUMENT_ROOT $document_root; +scgi_param SCGI 1; +scgi_param SERVER_PROTOCOL $server_protocol; +scgi_param REQUEST_SCHEME $scheme; +scgi_param HTTPS $https if_not_empty; + +scgi_param REMOTE_ADDR $remote_addr; +scgi_param REMOTE_PORT $remote_port; +scgi_param SERVER_PORT $server_port; +scgi_param SERVER_NAME $server_name; diff --git a/sites-available/asxp.io b/sites-available/asxp.io index 640a4d0..8401414 100644 --- a/sites-available/asxp.io +++ b/sites-available/asxp.io @@ -1,7 +1,8 @@ #asxp.io test gpg sign server { - listen 443 ssl http2; - #listen [::]:443 ssl http2; + listen 443 ssl; + listen [::]:443 ssl; + http2 on; server_name asxp.io www.asxp.io; root /srv/http/asxpio; diff --git a/sites-available/builds b/sites-available/builds index b36541f..a433fd4 100644 --- a/sites-available/builds +++ b/sites-available/builds @@ -1,9 +1,10 @@ server { server_name builds.asxp.io; - #listen [::]:443 ssl ipv6only=on; + listen [::]:443 ssl; listen 443 ssl; - + http2 on; + ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; @@ -12,11 +13,11 @@ server { access_log /var/log/nginx/ftp.access.log; error_log /var/log/nginx/ftp.error.log; - + location / { - autoindex on; - autoindex_exact_size off; - autoindex_format html; - autoindex_localtime on; + autoindex on; + autoindex_exact_size off; + autoindex_format html; + autoindex_localtime on; } } diff --git a/sites-available/gitea b/sites-available/gitea index d009736..e46f5f8 100644 --- a/sites-available/gitea +++ b/sites-available/gitea @@ -1,6 +1,7 @@ server { listen 443 ssl; - #listen [::]:443 ssl http2; + listen [::]:443 ssl; + http2 on; server_name git.asxp.io www.git.asxp.io; location / { diff --git a/sites-available/https b/sites-available/https index d66c5c2..5cc2354 100644 --- a/sites-available/https +++ b/sites-available/https @@ -1,6 +1,6 @@ server { listen 80; - #listen [::]:80; - server_name _; + listen [::]:80; + server_name _; return 301 https://$host$request_uri; } diff --git a/sites-available/jenkins b/sites-available/jenkins index 7d8e75f..9c0d09a 100644 --- a/sites-available/jenkins +++ b/sites-available/jenkins @@ -9,29 +9,11 @@ map $http_upgrade $connection_upgrade { '' close; } -#server { - #listen 80; - #server_name www.jenkins.asxp.io jenkins.asxp.io; - #listen [::]:80; - #server_name www.jenkins.asxp.io jenkins.asxp.io; - #root /var/run/jenkins/war/; - - #index index.html; - - #server_name _; - #return 444; - - #location / { - # try_files $uri $uri/ =404; - #} -#} - server { - server_name jenkins.asxp.io; - #listen [::]:443 ssl ipv6only=on; - listen 443 ssl; - - + server_name jenkins.asxp.io; + listen 443 ssl; + listen [::]:443 ssl; #ipv6only=on; + http2 on; ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; diff --git a/sites-available/uptime b/sites-available/uptime index 5557939..828a01b 100644 --- a/sites-available/uptime +++ b/sites-available/uptime @@ -1,6 +1,7 @@ server { listen 443 ssl; - #listen [::]:443 ssl http2; + listen [::]:443 ssl; + http2 on; server_name uptime.asxp.io www.uptime.asxp.io; ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; diff --git a/uwsgi_params.default b/uwsgi_params.default new file mode 100644 index 0000000..09c732c --- /dev/null +++ b/uwsgi_params.default @@ -0,0 +1,17 @@ + +uwsgi_param QUERY_STRING $query_string; +uwsgi_param REQUEST_METHOD $request_method; +uwsgi_param CONTENT_TYPE $content_type; +uwsgi_param CONTENT_LENGTH $content_length; + +uwsgi_param REQUEST_URI $request_uri; +uwsgi_param PATH_INFO $document_uri; +uwsgi_param DOCUMENT_ROOT $document_root; +uwsgi_param SERVER_PROTOCOL $server_protocol; +uwsgi_param REQUEST_SCHEME $scheme; +uwsgi_param HTTPS $https if_not_empty; + +uwsgi_param REMOTE_ADDR $remote_addr; +uwsgi_param REMOTE_PORT $remote_port; +uwsgi_param SERVER_PORT $server_port; +uwsgi_param SERVER_NAME $server_name;