jared
/
ja13-nginx
Beobachten 1
Favorisieren 0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Keine Beschreibung
Du kannst nicht mehr als 25 Themen auswählen Themen müssen mit entweder einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
3 Commits
1 Branch
Struktur: 025848d68d
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „025848d68d“
${ noResults }
ja13-nginx/nginx.conf

nginx.conf 4.4KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191 
  1. worker_processes  2;

  2. 

  3. events {

  4.   worker_connections  1024;

  5. }

  6. 

  7. http {

  8.   # Some SSL stuff

  9.   ssl_protocols TLSv1.2 TLSv1.3;

  10. 	ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;

  11. 	ssl_prefer_server_ciphers on;

  12. 

  13.   # Some global configurations

  14.   client_max_body_size 10M;

  15.   include mime.types;

  16.   default_type application/octet-stream;

  17.   sendfile on;

  18.   keepalive_timeout  65;

  19.   gzip  on;

  20. 

  21.   # header crap

  22.   add_header X-Frame-Options "SAMEORIGIN" always;

  23. 	add_header X-XSS-Protection "1; mode=block" always;

  24. 	add_header X-Content-Type-Options "nosniff" always;

  25. 	add_header Referrer-Policy "no-referrer" always;

  26.   # erg.. fix this eventually.

  27. 	add_header Content-Security-Policy 'self' always;

  28. 

  29.   # http://ja13.org and https://ja13.org

  30.   server {

  31.     server_name ja13.org;

  32.   	listen 80;

  33.   	listen [::]:80;

  34.   	listen 443 ssl http2;

  35.   	listen [::]:443 ssl http2;

  36.     root /srv/http/http;

  37. 

  38.     ssl_certificate /etc/letsencrypt/live/ja13.org-0001/fullchain.pem;

  39.     ssl_certificate_key /etc/letsencrypt/live/ja13.org-0001/privkey.pem;

  40. 

  41.     location / {

  42.       index index.html;

  43.       autoindex on;

  44.     }

  45. 

  46.     location /robots.txt {

  47.       root /srv/http/common;

  48.       index robots.txt;

  49.     }

  50. 

  51.     location /favicon.ico {

  52.       root /srv/http/common;

  53.       index favicon.ico;

  54.     }

  55. 

  56.     location /resume.pdf {

  57.       root /srv/http/resume;

  58.       index resume.pdf;

  59.     }

  60.   }

  61. 

  62.   # http://john.ja13.org and https://john.ja13.org

  63.   server {

  64.     server_name john.ja13.org;

  65.     listen 80;

  66.   	listen [::]:80;

  67.   	listen 443 ssl http2;

  68.   	listen [::]:443 ssl http2;

  69.     root /srv/http/john;

  70. 

  71.     allow 10.0.0.0/24;

  72.     deny all;

  73. 

  74.     ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;

  75.     ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;

  76. 

  77.     location / {

  78.       proxy_pass http://10.0.0.4;

  79.     }

  80.   }

  81. 

  82.   # http://ns1.ja13.org and https://ns1.ja13.org

  83.   server {

  84.     server_name ns1.ja13.org;

  85.     listen 80;

  86.   	listen [::]:80;

  87.   	listen 443 ssl http2;

  88.   	listen [::]:443 ssl http2;

  89.     root /srv/http/ns1;

  90. 

  91.     ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;

  92.     ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;

  93. 

  94.     location / {

  95.       index index.html;

  96.       autoindex on;

  97.     }

  98. 

  99.     location /robots.txt {

  100.       root /srv/http/common;

  101.       index robots.txt;

  102.     }

  103. 

  104.     location /favicon.ico {

  105.       root /srv/http/common;

  106.       index favicon.ico;

  107.     }

  108.   }

  109. 

  110.   # http://wifi.ja13.org and https://wifi.ja13.org

  111.   server {

  112.     server_name wifi.ja13.org;

  113.     listen 80;

  114.   	listen [::]:80;

  115.   	listen 443 ssl http2;

  116.   	listen [::]:443 ssl http2;

  117.     root /srv/http;

  118. 

  119.     allow 10.0.0.0/24;

  120.     deny all;

  121. 

  122.     ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;

  123.     ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;

  124. 

  125.     location / {

  126.       proxy_set_header Referer "";

  127.       proxy_ssl_verify off;

  128.       proxy_pass https://127.0.0.1:8443;

  129.     }

  130.   }

  131. 

  132.   # http://resume.ja13.org and https://resume.ja13.org

  133.   server {

  134.     server_name resume.ja13.org;

  135.     listen 80;

  136.   	listen [::]:80;

  137.   	listen 443 ssl http2;

  138.   	listen [::]:443 ssl http2;

  139.     root /srv/http/resume;

  140. 

  141.     ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;

  142.     ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;

  143. 

  144.     location / {

  145.       index index.html;

  146.       autoindex on;

  147.     }

  148. 

  149.     location /robots.txt {

  150.       root /srv/http/common;

  151.       index robots.txt;

  152.     }

  153. 

  154.     location /favicon.ico {

  155.       root /srv/http/common;

  156.       index favicon.ico;

  157.     }

  158.   }

  159. 

  160.   # http://*.ja13.org and https://*.ja13.org (a catch all domain)

  161.   server {

  162.     server_name _;

  163.     listen 80 default_server;

  164.   	listen [::]:80 default_server;

  165.   	listen 443 ssl http2 default_server;

  166.   	listen [::]:443 ssl http2 default_server;

  167.     root /srv/http/lost;

  168.     ssl_certificate /etc/letsencrypt/live/ja13.org/fullchain.pem;

  169.     ssl_certificate_key /etc/letsencrypt/live/ja13.org/privkey.pem;

  170. 

  171.     location / {

  172.       index index.html;

  173.       autoindex on;

  174.     }

  175. 

  176.     location /robots.txt {

  177.       root /srv/http/common;

  178.       index robots.txt;

  179.     }

  180. 

  181.     location /favicon.ico {

  182.       root /srv/http/common;

  183.       index favicon.ico;

  184.     }

  185. 

  186.     location /resume.pdf {

  187.       root /srv/http/resume;

  188.       index resume.pdf;

  189.     }

  190.   }

  191. }