@@ -0,0 +1,55 @@ | |||
server { | |||
listen 80; | |||
# listen [::]:80; | |||
server_name pkginfo.devuan.org; | |||
location ~ ^/.well-known/acme-challenge { | |||
root /home/pkginfo.devuan.org/letsencrypt; | |||
} | |||
location / { | |||
return 301 https://$server_name$request_uri; | |||
} | |||
} | |||
server { | |||
listen 443 ssl; | |||
# listen [::]:443; | |||
server_name pkginfo.devuan.org; | |||
root /home/pkginfo.devuan.org/public; | |||
location / { | |||
autoindex off; | |||
} | |||
location /cgi-bin/ { | |||
gzip off; | |||
autoindex off; | |||
#root /home/info.devuan.org/cgi-bin; | |||
# Fastcgi socket | |||
fastcgi_pass unix:/var/run/fcgiwrap.socket; | |||
# Fastcgi parameters, include the standard ones | |||
include /etc/nginx/fastcgi_params; | |||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |||
fastcgi_param SCRIPT_NAME $fastcgi_script_name; | |||
} | |||
ssl on; | |||
ssl_certificate /etc/letsencrypt/live/pkginfo.devuan.org/fullchain.pem; | |||
ssl_certificate_key /etc/letsencrypt/live/pkginfo.devuan.org/privkey.pem; | |||
ssl_protocols TLSv1.2 TLSv1.1 TLSv1; | |||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | |||
ssl_ecdh_curve secp384r1; | |||
ssl_prefer_server_ciphers on; | |||
ssl_session_cache builtin:1000 shared:SSL:10m; | |||
resolver 213.186.33.99 valid=300s; | |||
resolver_timeout 3s; | |||
} |
@@ -0,0 +1,49 @@ | |||
server { | |||
listen 80; | |||
# listen [::]:80; | |||
server_name www.devuan.org dev-1.org dev-one.org devuan.org; | |||
location ~ ^/.well-known/acme-challenge { | |||
root /var/www/devuan-www/letsencrypt; | |||
} | |||
# try_files $uri $uri/index.html $uri.htm $uri.html; | |||
##root /var/www/devuan-www/public; | |||
location / { | |||
return 301 https://www.devuan.org$request_uri; | |||
} | |||
} | |||
server { | |||
listen 80; | |||
server_name devuanzuwu3xoqwp.onion; | |||
root /var/www/devuan-www/public.current; | |||
include /etc/nginx/snippets/devuan-web.conf; | |||
} | |||
server { | |||
listen 443 ssl; | |||
# listen [::]:443; | |||
server_name www.devuan.org dev-1.org dev-one.org devuan.org; | |||
root /var/www/devuan-www/public.current; | |||
include /etc/nginx/snippets/devuan-web.conf; | |||
ssl on; | |||
ssl_certificate /etc/letsencrypt/live/dev-1.org/fullchain.pem; # managed by Certbot | |||
ssl_certificate_key /etc/letsencrypt/live/dev-1.org/privkey.pem; # managed by Certbot | |||
ssl_protocols TLSv1.2 TLSv1.1 TLSv1; | |||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | |||
ssl_ecdh_curve secp384r1; | |||
ssl_prefer_server_ciphers on; | |||
ssl_session_cache builtin:1000 shared:SSL:10m; | |||
resolver 213.186.33.99 valid=300s; | |||
resolver_timeout 3s; | |||
} |
@@ -0,0 +1,42 @@ | |||
server { | |||
listen 80; | |||
# listen [::]:80; | |||
server_name beta.devuan.org; | |||
location ~ ^/.well-known/acme-challenge { | |||
root /var/www/devuan-www/letsencrypt; | |||
} | |||
# try_files $uri $uri/index.html $uri.htm $uri.html; | |||
##root /var/www/devuan-www/public; | |||
location / { | |||
return 301 https://$server_name$request_uri; | |||
} | |||
} | |||
server { | |||
listen 443 ssl; | |||
# listen [::]:443; | |||
server_name beta.devuan.org; | |||
root /var/www/devuan-www.beta/public.current; | |||
include /etc/nginx/snippets/devuan-web.conf; | |||
ssl on; | |||
ssl_certificate /etc/letsencrypt/live/dev-1.org/fullchain.pem; # managed by Certbot | |||
ssl_certificate_key /etc/letsencrypt/live/dev-1.org/privkey.pem; # managed by Certbot | |||
ssl_protocols TLSv1.2 TLSv1.1 TLSv1; | |||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | |||
ssl_ecdh_curve secp384r1; | |||
ssl_prefer_server_ciphers on; | |||
ssl_session_cache builtin:1000 shared:SSL:10m; | |||
resolver 213.186.33.99 valid=300s; | |||
resolver_timeout 3s; | |||
} |
@@ -0,0 +1,21 @@ | |||
# Default server configuration | |||
# | |||
server { | |||
listen 80 default_server; | |||
listen [::]:80 default_server; | |||
location / { | |||
return 301 https://www.devuan.org$request_uri; | |||
} | |||
} | |||
server { | |||
listen 443 ssl; | |||
# listen [::]:443; | |||
location / { | |||
return 301 https://www.devuan.org$request_uri; | |||
} | |||
} |
@@ -1,22 +0,0 @@ | |||
# | |||
# Basic nginx config. | |||
# TLS support, redirects, are missing here. | |||
# | |||
server { | |||
listen 80; | |||
server_name devuanzuwu3xoqwp.onion; | |||
root /var/www/devuan-www/public.current; | |||
include /etc/nginx/snippets/devuan-web.conf; | |||
} | |||
server { | |||
listen 80; | |||
server_name devuan.org www.devuan.org; | |||
root /var/www/devuan-www; | |||
include /etc/nginx/snippets/devuan-web.conf; | |||
} |
@@ -10,6 +10,8 @@ | |||
# rewrite ^/releases.*$ https://files.devuan.org permanent; | |||
rewrite ^/os/releases/.*$ /os/releases permanent; | |||
rewrite ^/os/mirror.*$ /#download permanent; | |||
rewrite ^/os/download$ /get-devuan permanent; | |||
rewrite ^/os/download/$ /get-devuan permanent; | |||
# https://files.devuan.org permanent; | |||
# rewrite ^/os/releases/jessie.*$ https://files.devuan.org permanent; | |||
rewrite ^/donate.*$ /os/donate permanent; | |||
@@ -38,14 +40,15 @@ location ~ ^/d1conf(|/)$ { | |||
location ~ ^/os/packages/(.+)$ { | |||
return 301 https://pkginfo.devuan.org/cgi-bin/d1pkgweb-query?search=$1; | |||
} | |||
location ~ ^/os/packages(|/)$ { | |||
return 301 https://pkginfo.devuan.org; | |||
} | |||
## LeePen: disabled 20200306 for website restructure. | |||
#location ~ ^/os/packages(|/)$ { | |||
# return 301 https://pkginfo.devuan.org; | |||
#} | |||
# Mirror: change 'en' with your language | |||
# Localize error pages, English default | |||
error_page 403 /error/403.html; | |||
error_page 404 /error/404.html; | |||
error_page 403 /error/403.html; | |||
error_page 404 /error/404.html; | |||
error_page 500 501 502 503 /error/50x.html; | |||
location /error { | |||
internal; | |||
@@ -58,5 +61,5 @@ rewrite ^/en/(.*)$ /$1 last; # Mirror: comment out if you mirror a translatio | |||
location / { | |||
autoindex off; | |||
try_files $uri $uri/index.html $uri.htm $uri.html =404; | |||
try_files $uri $uri.html $uri/index.html $uri.htm =404; | |||
} |
@@ -0,0 +1,13 @@ | |||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path | |||
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |||
# Check that the PHP script exists before passing it | |||
try_files $fastcgi_script_name =404; | |||
# Bypass the fact that try_files resets $fastcgi_path_info | |||
# see: http://trac.nginx.org/nginx/ticket/321 | |||
set $path_info $fastcgi_path_info; | |||
fastcgi_param PATH_INFO $path_info; | |||
fastcgi_index index.php; | |||
include fastcgi.conf; |
@@ -0,0 +1,5 @@ | |||
# Self signed certificates generated by the ssl-cert package | |||
# Don't use them in a production server! | |||
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; | |||
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; |