jared
/
ja13-nginx
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

initial commit

Jared Dunbar 2 years ago
commit
3de0ec104e
Signed by: Jared Dunbar <jrddunbr@gmail.com> GPG Key ID: CF202CC859BAC692
1 changed files with 203 additions and 0 deletions
Split View Show Diff Stats
  1. 203
    0
      nginx.conf

+ 203
- 0
nginx.conf View File 

@@ -0,0 +1,203 @@
1 
+worker_processes  2;
2 
+
3 
+events {
4 
+  worker_connections  1024;
5 
+}
6 
+
7 
+http {
8 
+  # Some SSL stuff
9 
+  # when move to nginx 1.13, add TLSv1.3 below
10 
+  ssl_protocols TLSv1.2;
11 
+  ssl_prefer_server_ciphers on;
12 
+  # specifically, not RC4.
13 
+  ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
14 
+
15 
+  # Some global configurations
16 
+  client_max_body_size 10M;
17 
+  include mime.types;
18 
+  default_type application/octet-stream;
19 
+  sendfile on;
20 
+  keepalive_timeout  65;
21 
+  gzip  on;
22 
+
23 
+  # http://ja13.org and https://ja13.org
24 
+  server {
25 
+    server_name ja13.org;
26 
+    listen 80;
27 
+    listen 443 http2 ssl;
28 
+    root /srv/http/http;
29 
+
30 
+    ssl_certificate /etc/letsencrypt/live/ja13.org-0001/fullchain.pem;
31 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org-0001/privkey.pem;
32 
+
33 
+    location / {
34 
+      index index.html;
35 
+      autoindex on;
36 
+    }
37 
+
38 
+    location /robots.txt {
39 
+      root /srv/http/common;
40 
+      index robots.txt;
41 
+    }
42 
+
43 
+    location /favicon.ico {
44 
+      root /srv/http/common;
45 
+      index favicon.ico;
46 
+    }
47 
+
48 
+    location /resume.pdf {
49 
+      root /srv/http/resume;
50 
+      index resume.pdf;
51 
+    }
52 
+  }
53 
+
54 
+  # http://john.ja13.org and https://john.ja13.org
55 
+  server {
56 
+    server_name john.ja13.org;
57 
+    listen 80;
58 
+    listen 443 http2 ssl;
59 
+    root /srv/http/john;
60 
+
61 
+    ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
62 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
63 
+
64 
+    location / {
65 
+      proxy_pass http://10.0.0.4;
66 
+    }
67 
+  }
68 
+
69 
+  # http://ns1.ja13.org and https://ns1.ja13.org
70 
+  server {
71 
+    server_name ns1.ja13.org;
72 
+    listen 80;
73 
+    listen 443 http2 ssl;
74 
+    root /srv/http/ns1;
75 
+
76 
+    ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
77 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
78 
+
79 
+    location / {
80 
+      index index.html;
81 
+      autoindex on;
82 
+    }
83 
+
84 
+    location /robots.txt {
85 
+      root /srv/http/common;
86 
+      index robots.txt;
87 
+    }
88 
+
89 
+    location /favicon.ico {
90 
+      root /srv/http/common;
91 
+      index favicon.ico;
92 
+    }
93 
+  }
94 
+
95 
+  # http://wifi.ja13.org and https://wifi.ja13.org
96 
+  server {
97 
+    server_name wifi.ja13.org;
98 
+    listen 80;
99 
+    listen 443 http2 ssl;
100 
+    root /srv/http;
101 
+
102 
+    allow 10.0.0.0/24;
103 
+    deny all;
104 
+
105 
+    ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
106 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
107 
+
108 
+    location / {
109 
+      proxy_set_header Referer "";
110 
+      proxy_ssl_verify off;
111 
+      proxy_pass https://127.0.0.1:8443;
112 
+    }
113 
+  }
114 
+
115 
+  # http://source.ja13.org and https://source.ja13.org
116 
+  server {
117 
+    server_name source.ja13.org;
118 
+    listen 80;
119 
+    listen 443 http2 ssl;
120 
+
121 
+    ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
122 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
123 
+
124 
+    location / {
125 
+      # this will probably be changed later
126 
+      proxy_pass http://10.0.0.10:80;
127 
+    }
128 
+
129 
+    location /robots.txt {
130 
+      root /srv/http/common;
131 
+      index robots.txt;
132 
+    }
133 
+
134 
+    location /favicon.ico {
135 
+      root /srv/http/common;
136 
+      index favicon.ico;
137 
+    }
138 
+  }
139 
+
140 
+  server {
141 
+    server_name nx.ja13.org;
142 
+    listen 80;
143 
+    location / {
144 
+      return 301 https://docs.plm.automation.siemens.com/tdoc/nx/12.0.1/nx_help/;
145 
+    }
146 
+  }
147 
+
148 
+  # http://resume.ja13.org and https://resume.ja13.org
149 
+  server {
150 
+    server_name resume.ja13.org;
151 
+    listen 80;
152 
+    listen 443 http2 ssl;
153 
+    root /srv/http/resume;
154 
+
155 
+    ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
156 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
157 
+
158 
+    location / {
159 
+      index index.html;
160 
+      autoindex on;
161 
+    }
162 
+
163 
+    location /robots.txt {
164 
+      root /srv/http/common;
165 
+      index robots.txt;
166 
+    }
167 
+
168 
+    location /favicon.ico {
169 
+      root /srv/http/common;
170 
+      index favicon.ico;
171 
+    }
172 
+  }
173 
+
174 
+  # http://*.ja13.org and https://*.ja13.org (a catch all domain)
175 
+  server {
176 
+    server_name _;
177 
+    listen 80 default_server;
178 
+    listen 443 http2 default_server ssl;
179 
+    root /srv/http/lost;
180 
+    ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;
181 
+    ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;
182 
+
183 
+    location / {
184 
+      index index.html;
185 
+      autoindex on;
186 
+    }
187 
+
188 
+    location /robots.txt {
189 
+      root /srv/http/common;
190 
+      index robots.txt;
191 
+    }
192 
+
193 
+    location /favicon.ico {
194 
+      root /srv/http/common;
195 
+      index favicon.ico;
196 
+    }
197 
+
198 
+    location /resume.pdf {
199 
+      root /srv/http/resume;
200 
+      index resume.pdf;
201 
+    }
202 
+  }
203 
+}

Write Preview
Loading…
Cancel
Save