diff options
Diffstat (limited to 'straper/db/public/nginx/etc-nginx/sites-available')
14 files changed, 0 insertions, 465 deletions
diff --git a/straper/db/public/nginx/etc-nginx/sites-available/bin.labunix.xyz-9443.conf b/straper/db/public/nginx/etc-nginx/sites-available/bin.labunix.xyz-9443.conf deleted file mode 100644 index 399893f..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/bin.labunix.xyz-9443.conf +++ /dev/null @@ -1,23 +0,0 @@ -server { - listen 443 ssl; - http2 on; - server_name bin.labunix.xyz; - - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - client_max_body_size 50m; - - location / { - proxy_pass http://127.0.0.1:8081; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - - proxy_http_version 1.1; - proxy_set_header Connection ""; - } -} - diff --git a/straper/db/public/nginx/etc-nginx/sites-available/cloud-wg.conf b/straper/db/public/nginx/etc-nginx/sites-available/cloud-wg.conf deleted file mode 100644 index 1209383..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/cloud-wg.conf +++ /dev/null @@ -1,17 +0,0 @@ -server { - listen 443 ssl; - http2 on; - server_name cloud.labunix.xyz; - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - client_max_body_size 2G; - - location / { - proxy_pass http://127.0.0.1:9091; # adjust if your upstream differs - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - diff --git a/straper/db/public/nginx/etc-nginx/sites-available/default b/straper/db/public/nginx/etc-nginx/sites-available/default deleted file mode 100644 index c5af914..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/default +++ /dev/null @@ -1,91 +0,0 @@ -## -# You should look at the following URL's in order to grasp a solid understanding -# of Nginx configuration files in order to fully unleash the power of Nginx. -# https://www.nginx.com/resources/wiki/start/ -# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ -# https://wiki.debian.org/Nginx/DirectoryStructure -# -# In most cases, administrators will remove this file from sites-enabled/ and -# leave it as reference inside of sites-available where it will continue to be -# updated by the nginx packaging team. -# -# This file will automatically load configuration files provided by other -# applications, such as Drupal or Wordpress. These applications will be made -# available underneath a path with that package name, such as /drupal8. -# -# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. -## - -# Default server configuration -# -server { - listen 80 default_server; - listen [::]:80 default_server; - - # SSL configuration - # - # listen 443 ssl default_server; - # listen [::]:443 ssl default_server; - # - # Note: You should disable gzip for SSL traffic. - # See: https://bugs.debian.org/773332 - # - # Read up on ssl_ciphers to ensure a secure configuration. - # See: https://bugs.debian.org/765782 - # - # Self signed certs generated by the ssl-cert package - # Don't use them in a production server! - # - # include snippets/snakeoil.conf; - - root /var/www/html; - - # Add index.php to the list if you are using PHP - index index.html index.htm index.nginx-debian.html; - - server_name _; - - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. - try_files $uri $uri/ =404; - } - - # pass PHP scripts to FastCGI server - # - #location ~ \.php$ { - # include snippets/fastcgi-php.conf; - # - # # With php-fpm (or other unix sockets): - # fastcgi_pass unix:/run/php/php7.4-fpm.sock; - # # With php-cgi (or other tcp sockets): - # fastcgi_pass 127.0.0.1:9000; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} -} - - -# Virtual Host configuration for example.com -# -# You can move that to a different file under sites-available/ and symlink that -# to sites-enabled/ to enable it. -# -#server { -# listen 80; -# listen [::]:80; -# -# server_name example.com; -# -# root /var/www/example.com; -# index index.html; -# -# location / { -# try_files $uri $uri/ =404; -# } -#} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/etherpad b/straper/db/public/nginx/etc-nginx/sites-available/etherpad deleted file mode 100644 index e7adb82..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/etherpad +++ /dev/null @@ -1,63 +0,0 @@ -server { - listen 443 ssl; - http2 on; - server_name ether.labunix.xyz; - - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - limit_req zone=etherpad_req burst=60 nodelay; - limit_conn etherpad_conn 20; - client_max_body_size 1m; -# Admin only (protect both /admin and /admin/) - location = /admin { - auth_basic "Etherpad Admin"; - auth_basic_user_file /etc/nginx/htpasswd-etherpad-admin; - - proxy_pass http://127.0.0.1:9001; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 120s; - proxy_send_timeout 120s; - proxy_buffering off; - } - - location ^~ /admin/ { - auth_basic "Etherpad Admin"; - auth_basic_user_file /etc/nginx/htpasswd-etherpad-admin; - - proxy_pass http://127.0.0.1:9001; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 120s; - proxy_send_timeout 120s; - proxy_buffering off; - } - location / { - proxy_pass http://127.0.0.1:9001; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 120s; - proxy_send_timeout 120s; - proxy_buffering off; - } -} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/labunix-i2p.conf b/straper/db/public/nginx/etc-nginx/sites-available/labunix-i2p.conf deleted file mode 100644 index 9c9ab7e..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/labunix-i2p.conf +++ /dev/null @@ -1,15 +0,0 @@ -server { - listen 127.0.0.1:8089; - listen [::1]:8089; - server_name _; - - root /srv/www/labunix/public; - index index.html; - - access_log /var/log/nginx/labunix-i2p.access.log; - error_log /var/log/nginx/labunix-i2p.error.log; - - location / { - try_files $uri $uri/ =404; - } -} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/labunix-onion.conf b/straper/db/public/nginx/etc-nginx/sites-available/labunix-onion.conf deleted file mode 100644 index b451e66..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/labunix-onion.conf +++ /dev/null @@ -1,20 +0,0 @@ -server { - listen 127.0.0.1:8088; - server_name _; - - root /srv/www/labunix/public; - index index.html; - - access_log /var/log/nginx/labunix-onion.access.log; - error_log /var/log/nginx/labunix-onion.error.log; - - location / { - try_files $uri $uri/ =404; - } - - location ~* \.(css|js|png|jpg|jpeg|gif|svg|webp|ico|woff2?)$ { - expires 30d; - add_header Cache-Control "public, max-age=2592000, immutable"; - try_files $uri =404; - } -} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/labunix.conf b/straper/db/public/nginx/etc-nginx/sites-available/labunix.conf deleted file mode 100644 index 01043ff..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/labunix.conf +++ /dev/null @@ -1,47 +0,0 @@ -# HTTP on :9080 (optional: redirect to HTTPS :9443) -server { - listen 9080; - server_name labunix.xyz www.labunix.xyz 10.50.0.1; - - # If you want redirect to HTTPS on :9443: - return 301 https://$host:443$request_uri; - - # If you prefer serving plain HTTP instead, comment the return above - # and uncomment this: - # root /srv/www/labunix/public; - # index index.html; - # location / { try_files $uri $uri/ =404; } -} - -# HTTPS on :9443 -server { - listen 443 ssl; - http2 on; - server_name labunix.xyz www.labunix.xyz 10.50.0.1; - - root /srv/www/labunix/public; - index index.html; - - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - add_header Onion-Location "http://l6xtdi33ubszm2gswstchrb6o4d6aw3ewj2irexlsbzk6pvesky7p2ad.onion$request_uri" always; - - location / { - try_files $uri $uri/ =404; - } - location /stats/ { - alias /srv/stats/; - index goaccess.html; - allow 127.0.0.1; - allow 10.50.0.0/24; - allow 192.168.33.0/24; - deny all; - } - - location ~* \.(css|js|png|jpg|jpeg|gif|svg|webp|ico|woff2?)$ { - expires 30d; - add_header Cache-Control "public, max-age=2592000, immutable"; - try_files $uri =404; - } -} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/labunix.xyz b/straper/db/public/nginx/etc-nginx/sites-available/labunix.xyz deleted file mode 100644 index a6267a4..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/labunix.xyz +++ /dev/null @@ -1,9 +0,0 @@ -server { - listen 9080; - server_name labunix.xyz www.labunix.xyz cloud.labunix.xyz vpn.labunix.xyz; - - root /var/www/labunix; - index index.html; -} - - diff --git a/straper/db/public/nginx/etc-nginx/sites-available/lufi.conf b/straper/db/public/nginx/etc-nginx/sites-available/lufi.conf deleted file mode 100644 index 0051841..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/lufi.conf +++ /dev/null @@ -1,34 +0,0 @@ -server { - listen 443 ssl; - http2 on; - server_name lufi.labunix.xyz; - - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - auth_basic "Restricted"; - auth_basic_user_file /etc/nginx/lufi.htpasswd; - - access_log /var/log/nginx/vhost.access.log vhost; - error_log /var/log/nginx/lufi.error.log; - - location / { - proxy_pass http://127.0.0.1:8090; - - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Forwarded-Port 443; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - add_header X-Frame-Options SAMEORIGIN always; - add_header X-Content-Type-Options nosniff always; - client_max_body_size 2G; - proxy_read_timeout 3600s; - } -} - diff --git a/straper/db/public/nginx/etc-nginx/sites-available/pad.labunix.xyz-9443.conf b/straper/db/public/nginx/etc-nginx/sites-available/pad.labunix.xyz-9443.conf deleted file mode 100644 index b0b47df..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/pad.labunix.xyz-9443.conf +++ /dev/null @@ -1,67 +0,0 @@ -# pad.labunix.xyz (main) → HTTP:3101, WS:3103 -server { - listen 443 ssl; - http2 on; - server_name pad.labunix.xyz; - access_log /var/log/nginx/vhost.access.log vhost; - ssl_certificate /etc/letsencrypt/live/pad.labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/pad.labunix.xyz/privkey.pem; - client_max_body_size 100m; - auth_basic "Restricted"; - auth_basic_user_file /etc/nginx/htpasswd-cryptpad; - - location /cryptpad_websocket { - proxy_pass http://127.0.0.1:3103; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location / { - proxy_pass http://127.0.0.1:3101; - proxy_http_version 1.1; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } -} - -# pad-sandbox.labunix.xyz (sandbox) → HTTP:3101, WS:3103 -server { - listen 443 ssl; - http2 on; - server_name pad-sandbox.labunix.xyz; - access_log /var/log/nginx/vhost.access.log vhost; - ssl_certificate /etc/letsencrypt/live/pad.labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/pad.labunix.xyz/privkey.pem; - client_max_body_size 100m; - - location /cryptpad_websocket { - proxy_pass http://127.0.0.1:3103; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } - - location / { - proxy_pass http://127.0.0.1:3101; - proxy_http_version 1.1; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - } -} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/search.labunix.xyz.conf b/straper/db/public/nginx/etc-nginx/sites-available/search.labunix.xyz.conf deleted file mode 100644 index 64c151d..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/search.labunix.xyz.conf +++ /dev/null @@ -1,22 +0,0 @@ -limit_req_zone $binary_remote_addr zone=searxng:10m rate=30r/m; - -server { - listen 443 ssl; - http2 on; - server_name search.labunix.xyz; - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - location / { - limit_req zone=searxng burst=50 nodelay; - limit_req_status 429; - - proxy_pass http://10.50.0.1:8080; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - proxy_http_version 1.1; - proxy_set_header Connection ""; - } -} diff --git a/straper/db/public/nginx/etc-nginx/sites-available/upload.labunix.xyz-9443.conf b/straper/db/public/nginx/etc-nginx/sites-available/upload.labunix.xyz-9443.conf deleted file mode 100644 index 11d7c82..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/upload.labunix.xyz-9443.conf +++ /dev/null @@ -1,24 +0,0 @@ -server { - listen 443 ssl; - listen [::]:443 ssl; - http2 on; - server_name upload.labunix.xyz; - - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - client_max_body_size 21m; - - location / { - proxy_pass http://127.0.0.1:5280; - - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_request_buffering off; - proxy_buffering off; - } -} - diff --git a/straper/db/public/nginx/etc-nginx/sites-available/vault.labunix.xyz b/straper/db/public/nginx/etc-nginx/sites-available/vault.labunix.xyz deleted file mode 100644 index 5b1d7de..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/vault.labunix.xyz +++ /dev/null @@ -1,2 +0,0 @@ -# disabled: vault.labunix.xyz config moved elsewhere - diff --git a/straper/db/public/nginx/etc-nginx/sites-available/vault.labunix.xyz-9443.conf b/straper/db/public/nginx/etc-nginx/sites-available/vault.labunix.xyz-9443.conf deleted file mode 100644 index 022539a..0000000 --- a/straper/db/public/nginx/etc-nginx/sites-available/vault.labunix.xyz-9443.conf +++ /dev/null @@ -1,31 +0,0 @@ -server { - listen 443 ssl; - server_name vault.labunix.xyz; - - ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; - - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - client_max_body_size 100m; - - location / { - proxy_pass http://127.0.0.1:9081; - } - - # keep only if you publish 127.0.0.1:3012:3012 - location /notifications/hub { - proxy_pass http://127.0.0.1:3012; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } - - location /notifications/hub/negotiate { - proxy_pass http://127.0.0.1:9081; - } -} - |
