envs
/
ops
mirror of https://git.envs.net/envs/ops.git
1
0
Fork 0
Code Releases Activity

update some outdated configs 

Signed-off-by: creme <creme@envs.net>
This commit is contained in:
creme 2022-09-29 12:52:50 +00:00
parent 0c83234050
commit 93625b57a8
6 changed files with 49 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
etc/nginx/sites-available/fed.envs.net.conf Normal file
View File

@ -0,0 +1,38 @@
server {
include snippets/listen.conf;
server_name fed.envs.net federationtester.envs.net;
location / {
return 302 https://$host$request_uri;
}
location /.well-known/acme-challenge/ {
alias /var/lib/letsencrypt/.well-known/acme-challenge/;
}
}
server {
include snippets/listen_ssl.conf;
server_name fed.envs.net federationtester.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
root /var/www/fed.envs.net/;
index index.html;
location / {
rewrite ^ /index.html break;
}
location /api {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://localhost:8089;
}
location ~ ^/([^/]+?)(.json)?$ {
return 302 https://$host/api/report?server_name=$1;
}
}

1
etc/nginx/sites-enabled/fed.envs.net.conf Symbolic link
View File

@ -0,0 +1 @@
/etc/nginx/sites-available/fed.envs.net.conf

3
etc/nginx/snippets/php_common
View File

@ -8,3 +8,6 @@ if (!-f $request_filename) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_connect_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_read_timeout 3600;

1
etc/nginx/snippets/ssl.conf
View File

@ -1,4 +1,5 @@
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ecdh_curve X25519:secp521r1:secp384r1:prime256v1;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;

1
etc/nginx/user-sites-enabled/cosmicice.cat.conf
View File

@ -1 +0,0 @@
/etc/nginx/user-sites-available/cosmicice.cat.conf

10
etc/systemd/system/jetforce.service
View File

@ -6,16 +6,18 @@ After=network-online.target
Type=simple
Restart=always
RestartSec=5
User=jetforce
Group=jetforce
Environment="PYTHONUNBUFFERED=1"
ExecStart=/usr/local/bin/jetforce \
--host 89.163.145.170 \
--port 1965 \
--hostname envs.net \
--dir /var/gemini \
--tls-certfile /etc/letsencrypt/live/envs.net/fullchain.pem \
--tls-keyfile /etc/letsencrypt/live/envs.net/privkey.pem \
--tls-cafile /etc/letsencrypt/live/envs.net/chain.pem \
--tls-capath /etc/letsencrypt/archive/envs.net/
--tls-certfile /srv/jetforce/ssl/fullchain.pem \
--tls-keyfile /srv/jetforce/ssl/privkey.pem \
--tls-cafile /srv/jetforce/ssl/chain.pem \
--tls-capath /srv/jetforce/ssl/
[Install]
WantedBy=default.target