8 changed files with 194 additions and 28 deletions
@ -0,0 +1,55 @@ |
|||
server { |
|||
listen 80; |
|||
# listen [::]:80; |
|||
|
|||
server_name pkginfo.devuan.org; |
|||
|
|||
location ~ ^/.well-known/acme-challenge { |
|||
root /home/pkginfo.devuan.org/letsencrypt; |
|||
} |
|||
|
|||
location / { |
|||
return 301 https://$server_name$request_uri; |
|||
} |
|||
|
|||
|
|||
} |
|||
|
|||
server { |
|||
|
|||
listen 443 ssl; |
|||
# listen [::]:443; |
|||
|
|||
server_name pkginfo.devuan.org; |
|||
root /home/pkginfo.devuan.org/public; |
|||
|
|||
|
|||
|
|||
location / { |
|||
autoindex off; |
|||
} |
|||
|
|||
location /cgi-bin/ { |
|||
gzip off; |
|||
autoindex off; |
|||
#root /home/info.devuan.org/cgi-bin; |
|||
# Fastcgi socket |
|||
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|||
# Fastcgi parameters, include the standard ones |
|||
include /etc/nginx/fastcgi_params; |
|||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
|||
fastcgi_param SCRIPT_NAME $fastcgi_script_name; |
|||
} |
|||
|
|||
ssl on; |
|||
|
|||
ssl_certificate /etc/letsencrypt/live/pkginfo.devuan.org/fullchain.pem; |
|||
ssl_certificate_key /etc/letsencrypt/live/pkginfo.devuan.org/privkey.pem; |
|||
ssl_protocols TLSv1.2 TLSv1.1 TLSv1; |
|||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; |
|||
ssl_ecdh_curve secp384r1; |
|||
ssl_prefer_server_ciphers on; |
|||
ssl_session_cache builtin:1000 shared:SSL:10m; |
|||
resolver 213.186.33.99 valid=300s; |
|||
resolver_timeout 3s; |
|||
} |
|||
@ -0,0 +1,49 @@ |
|||
server { |
|||
listen 80; |
|||
# listen [::]:80; |
|||
|
|||
server_name www.devuan.org dev-1.org dev-one.org devuan.org; |
|||
|
|||
location ~ ^/.well-known/acme-challenge { |
|||
root /var/www/devuan-www/letsencrypt; |
|||
} |
|||
# try_files $uri $uri/index.html $uri.htm $uri.html; |
|||
|
|||
##root /var/www/devuan-www/public; |
|||
|
|||
location / { |
|||
return 301 https://www.devuan.org$request_uri; |
|||
} |
|||
|
|||
|
|||
} |
|||
|
|||
server { |
|||
listen 80; |
|||
server_name devuanzuwu3xoqwp.onion; |
|||
root /var/www/devuan-www/public.current; |
|||
|
|||
include /etc/nginx/snippets/devuan-web.conf; |
|||
} |
|||
|
|||
server { |
|||
|
|||
listen 443 ssl; |
|||
# listen [::]:443; |
|||
|
|||
server_name www.devuan.org dev-1.org dev-one.org devuan.org; |
|||
root /var/www/devuan-www/public.current; |
|||
|
|||
include /etc/nginx/snippets/devuan-web.conf; |
|||
|
|||
ssl on; |
|||
ssl_certificate /etc/letsencrypt/live/dev-1.org/fullchain.pem; # managed by Certbot |
|||
ssl_certificate_key /etc/letsencrypt/live/dev-1.org/privkey.pem; # managed by Certbot |
|||
ssl_protocols TLSv1.2 TLSv1.1 TLSv1; |
|||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; |
|||
ssl_ecdh_curve secp384r1; |
|||
ssl_prefer_server_ciphers on; |
|||
ssl_session_cache builtin:1000 shared:SSL:10m; |
|||
resolver 213.186.33.99 valid=300s; |
|||
resolver_timeout 3s; |
|||
} |
|||
@ -0,0 +1,42 @@ |
|||
server { |
|||
listen 80; |
|||
# listen [::]:80; |
|||
|
|||
server_name beta.devuan.org; |
|||
|
|||
location ~ ^/.well-known/acme-challenge { |
|||
root /var/www/devuan-www/letsencrypt; |
|||
} |
|||
# try_files $uri $uri/index.html $uri.htm $uri.html; |
|||
|
|||
##root /var/www/devuan-www/public; |
|||
|
|||
location / { |
|||
return 301 https://$server_name$request_uri; |
|||
} |
|||
|
|||
|
|||
} |
|||
|
|||
server { |
|||
|
|||
listen 443 ssl; |
|||
# listen [::]:443; |
|||
|
|||
server_name beta.devuan.org; |
|||
root /var/www/devuan-www.beta/public.current; |
|||
|
|||
include /etc/nginx/snippets/devuan-web.conf; |
|||
|
|||
ssl on; |
|||
ssl_certificate /etc/letsencrypt/live/dev-1.org/fullchain.pem; # managed by Certbot |
|||
ssl_certificate_key /etc/letsencrypt/live/dev-1.org/privkey.pem; # managed by Certbot |
|||
ssl_protocols TLSv1.2 TLSv1.1 TLSv1; |
|||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; |
|||
ssl_ecdh_curve secp384r1; |
|||
ssl_prefer_server_ciphers on; |
|||
ssl_session_cache builtin:1000 shared:SSL:10m; |
|||
resolver 213.186.33.99 valid=300s; |
|||
resolver_timeout 3s; |
|||
|
|||
} |
|||
@ -0,0 +1,21 @@ |
|||
# Default server configuration |
|||
# |
|||
server { |
|||
listen 80 default_server; |
|||
listen [::]:80 default_server; |
|||
|
|||
location / { |
|||
return 301 https://www.devuan.org$request_uri; |
|||
} |
|||
|
|||
} |
|||
|
|||
server { |
|||
|
|||
listen 443 ssl; |
|||
# listen [::]:443; |
|||
|
|||
location / { |
|||
return 301 https://www.devuan.org$request_uri; |
|||
} |
|||
} |
|||
@ -1,22 +0,0 @@ |
|||
# |
|||
# Basic nginx config. |
|||
# TLS support, redirects, are missing here. |
|||
# |
|||
|
|||
server { |
|||
listen 80; |
|||
server_name devuanzuwu3xoqwp.onion; |
|||
root /var/www/devuan-www/public.current; |
|||
|
|||
include /etc/nginx/snippets/devuan-web.conf; |
|||
} |
|||
|
|||
server { |
|||
listen 80; |
|||
|
|||
server_name devuan.org www.devuan.org; |
|||
|
|||
root /var/www/devuan-www; |
|||
|
|||
include /etc/nginx/snippets/devuan-web.conf; |
|||
} |
|||
@ -0,0 +1,13 @@ |
|||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path |
|||
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
|||
|
|||
# Check that the PHP script exists before passing it |
|||
try_files $fastcgi_script_name =404; |
|||
|
|||
# Bypass the fact that try_files resets $fastcgi_path_info |
|||
# see: http://trac.nginx.org/nginx/ticket/321 |
|||
set $path_info $fastcgi_path_info; |
|||
fastcgi_param PATH_INFO $path_info; |
|||
|
|||
fastcgi_index index.php; |
|||
include fastcgi.conf; |
|||
@ -0,0 +1,5 @@ |
|||
# Self signed certificates generated by the ssl-cert package |
|||
# Don't use them in a production server! |
|||
|
|||
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; |
|||
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; |
|||
Loading…
Reference in new issue