mirror of https://git.envs.net/envs/ops.git
update config from server
This commit is contained in:
parent
d5655be8e6
commit
ecefa47175
|
|
@ -23,9 +23,9 @@ ff02::2 ip6-allrouters
|
|||
|
||||
192.168.1.10 git.envs.net gitea
|
||||
192.168.1.11 searx.envs.net searx
|
||||
192.168.1.12 cryptpad pad.envs.net pad cryptpad
|
||||
192.168.1.12 cryptpad pad.envs.net sandpad.envs.net pad cryptpad sandpad
|
||||
192.168.1.13 drone.envs.net drone
|
||||
192.168.1.14 codimd.envs.net codimd
|
||||
192.168.1.14 codimd.envs.net codimd hedgedoc.envs.net hedgedoc
|
||||
192.168.1.15 envs.sh 0x0.envs.net 0x0 null.envs.net null ix.envs.net io.envs.net
|
||||
192.168.1.16 rss.envs.net rss
|
||||
192.168.1.17 pb.envs.net pb pastebin.envs.net pastbin bin.envs.net bin
|
||||
|
|
|
|||
|
|
@ -41,5 +41,5 @@ ident stream tcp nowait identd /usr/sbin/ident2 ident2 -i -n
|
|||
#:HAM-RADIO: amateur-radio services
|
||||
|
||||
#:OTHER: Other services
|
||||
#gopher stream tcp nowait nobody /usr/sbin/gophernicus gophernicus -h envs.net -nv -o UTF-8
|
||||
gopher stream tcp nowait nobody /usr/sbin/gophernicus gophernicus -h envs.net -nv -r /var/gopher/envs.net -o UTF-8
|
||||
#gopher stream tcp nowait nobody /usr/local/sbin/gophernicus gophernicus -h envs.net -nv -o UTF-8
|
||||
gopher stream tcp nowait nobody /usr/local/sbin/gophernicus gophernicus -h envs.net -nv -r /var/gopher/envs.net -o UTF-8
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ for domain in $RENEWED_DOMAINS; do
|
|||
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
|
||||
|
||||
# 0x0
|
||||
lxc-attach -n null -- bash -c "systemctl reload nginx"
|
||||
lxc-attach -n 0x0 -- bash -c "systemctl reload nginx"
|
||||
;;
|
||||
|
||||
znc.envs.net)
|
||||
|
|
|
|||
|
|
@ -40,14 +40,14 @@ http {
|
|||
reset_timedout_connection on;
|
||||
|
||||
# request timed out -- default 60
|
||||
client_body_timeout 10;
|
||||
client_header_timeout 10;
|
||||
client_body_timeout 60;
|
||||
client_header_timeout 60;
|
||||
|
||||
# if client stop responding, free up memory -- default 60
|
||||
send_timeout 10;
|
||||
send_timeout 60;
|
||||
|
||||
# server will close connection after this time -- default 75
|
||||
keepalive_timeout 30;
|
||||
keepalive_timeout 75;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
|
|
|||
|
|
@ -170,6 +170,14 @@ server {
|
|||
location /matrix {
|
||||
return 301 https://envs.net/chat/matrix/;
|
||||
}
|
||||
# matrix documentation
|
||||
location /matrix/doc {
|
||||
return 301 https://envs.net/chat/matrix/doc/;
|
||||
}
|
||||
location /chat/matrix/doc {
|
||||
alias /var/www/docs/matrix-dokumentation/public/;
|
||||
index index.html;
|
||||
}
|
||||
|
||||
# include php and ssi
|
||||
include snippets/php.conf;
|
||||
|
|
|
|||
|
|
@ -0,0 +1,55 @@
|
|||
### FFSYNC.ENVS.NET - lxc - nullpointer ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
server_name ffsync.envs.net;
|
||||
|
||||
location / {
|
||||
return 307 https://$host$request_uri;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
alias /var/lib/letsencrypt/.well-known/acme-challenge/;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name ffsync.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
|
||||
client_max_body_size 64M;
|
||||
|
||||
error_log /var/log/nginx/ffsync.envs.net-error.log crit;
|
||||
|
||||
location / {
|
||||
include proxy_params;
|
||||
proxy_ssl_name $http_host;
|
||||
proxy_ssl_server_name on;
|
||||
proxy_pass https://ffsync.envs.net;
|
||||
}
|
||||
|
||||
include snippets/favicon;
|
||||
}
|
||||
|
||||
|
||||
# ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
server_name ff-sync.envs.net;
|
||||
|
||||
return 301 https://ffsync.envs.net$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
server_name ff-sync.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
return 301 https://ffsync.envs.net$request_uri;
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
/etc/nginx/sites-available/ffsync.envs.net.conf
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:HIGH:!aNULL:!MD5';
|
||||
ssl_prefer_server_ciphers on;
|
||||
#ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:HIGH:!aNULL:!MD5';
|
||||
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
|
||||
ssl_prefer_server_ciphers off;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_verify_depth 3;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue