change some config from server

pull/2/head
creme 2 years ago
parent 56e8fe5642
commit f6313e4c54
  1. 3
      etc/cron.d/certbot
  2. 10
      etc/etc/hosts
  3. 14
      etc/init.d/S41firewall
  4. 6
      etc/letsencrypt/renewal-hooks/deploy/envs.sh
  5. 16
      etc/nginx/nginx.conf
  6. 2
      etc/nginx/sites-available/bbj.envs.net.conf
  7. 6
      etc/nginx/sites-available/chat.envs.net.conf
  8. 1
      etc/nginx/sites-available/dimension.envs.net.conf
  9. 1
      etc/nginx/sites-available/drone.envs.net.conf
  10. 25
      etc/nginx/sites-available/element.envs.net.conf
  11. 16
      etc/nginx/sites-available/envs.sh.conf
  12. 11
      etc/nginx/sites-available/git.envs.net.conf
  13. 1
      etc/nginx/sites-available/gopher.envs.net.conf
  14. 1
      etc/nginx/sites-available/grafana.envs.net.conf
  15. 1
      etc/nginx/sites-available/halcyon.envs.net.conf
  16. 11
      etc/nginx/sites-available/help.envs.net.conf
  17. 21
      etc/nginx/sites-available/ip.envs.net.conf
  18. 1
      etc/nginx/sites-available/lag.envs.net.conf
  19. 1
      etc/nginx/sites-available/lists.envs.net.conf
  20. 1
      etc/nginx/sites-available/mail.envs.net.conf
  21. 1
      etc/nginx/sites-available/matrix.envs.net.conf
  22. 11
      etc/nginx/sites-available/pad.envs.net.conf
  23. 11
      etc/nginx/sites-available/pb.envs.net.conf
  24. 11
      etc/nginx/sites-available/pleroma.envs.net.conf
  25. 2
      etc/nginx/sites-available/prometheus.envs.net.conf
  26. 11
      etc/nginx/sites-available/rss.envs.net.conf
  27. 11
      etc/nginx/sites-available/searx.envs.net.conf
  28. 1
      etc/nginx/sites-available/stats.envs.net.conf
  29. 1
      etc/nginx/sites-available/ttbp.envs.net.conf
  30. 1
      etc/nginx/sites-available/twtxt.envs.net.conf
  31. 1
      etc/nginx/sites-available/user.envs.net.conf
  32. 1
      etc/nginx/sites-available/user.envs.sh.conf
  33. 12
      etc/nginx/sites-available/webirc.envs.net.conf
  34. 7
      etc/nginx/sites-available/znc.envs.net.conf
  35. 1
      etc/nginx/sites-enabled/jitsi.envs.net.conf
  36. 1
      etc/nginx/sites-enabled/tb.envs.net.conf
  37. 59
      etc/nginx/user-sites-available/antonmcclure.com.conf
  38. 1
      etc/nginx/user-sites-enabled/antonmcclure.com.conf
  39. 2
      var/tilde/admins

@ -14,4 +14,5 @@
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
1 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/envs.sh --renew-hook "systemctl reload nginx"
#1 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/envs.sh --renew-hook "systemctl reload nginx"
1 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --renew-hook "systemctl reload nginx"

@ -6,6 +6,8 @@
89.163.145.170 envs.net core core.envs.net ve423.venus.dedi.server-hosting.expert ve423
5.199.136.30 ssh.envs.net
168.119.12.180 srv01.envs.net
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
@ -15,7 +17,7 @@ ff02::2 ip6-allrouters
# ENVS.NET - LXC
#
192.168.1.2 ns1.envs.net ns1 dns
192.168.1.2 ns1.envs.net ns1
192.168.1.3 mail.envs.net mail
192.168.1.4 lists.envs.net lists
192.168.1.5 ldap.envs.net ldap
@ -26,9 +28,13 @@ ff02::2 ip6-allrouters
192.168.1.12 cryptpad pad.envs.net pad cryptpad
192.168.1.13 drone.envs.net drone
192.168.1.14 matrix.envs.net matrix element.envs.net element lag.envs.net lag riot.envs.net riot dimension.envs.net dimension
#168.119.12.180 matrix.envs.net matrix element.envs.net element lag.envs.net lag riot.envs.net riot dimension.envs.net dimension
192.168.1.15 envs.sh 0x0.envs.net null.envs.net 0x0 null tb.envs.net tb termbin.envs.net termbin
192.168.1.15 envs.sh 0x0.envs.net 0x0 null.envs.net null ix.envs.net io.envs.net
192.168.1.16 rss.envs.net rss
192.168.1.17 pb.envs.net pb pastebin.envs.net pastbin bin.envs.net bin
192.168.1.18 pleroma.envs.net pleroma social halcyon.envs.net halcyon
#144.76.146.17 pleroma.envs.net pleroma social halcyon.envs.net halcyon
192.168.1.19 jitsi.envs.net jitsi meet.envs.net meet
192.168.1.22 dns.envs.net pubdns

@ -158,6 +158,18 @@ if [ "$1" = "start" ]; then
$IPT -w -A FORWARD -p tcp -d 192.168.1.2 --dport 53 -j ACCEPT
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.2 -j SNAT --to 89.163.145.170
# DoT / DoH
$IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p udp --dport 53 -j DNAT --to-destination 192.168.1.22:53
$IPT -w -A FORWARD -p udp -d 192.168.1.22 --dport 53 -j ACCEPT
$IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p tcp --dport 53 -j DNAT --to-destination 192.168.1.22:53
$IPT -w -A FORWARD -p tcp -d 192.168.1.22 --dport 53 -j ACCEPT
# $IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p udp --dport 853 -j DNAT --to-destination 192.168.1.22:853
# $IPT -w -A FORWARD -p udp -d 192.168.1.22 --dport 853 -j ACCEPT
$IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p tcp --dport 853 -j DNAT --to-destination 192.168.1.22:853
$IPT -w -A FORWARD -p tcp -d 192.168.1.22 --dport 853 -j ACCEPT
#
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.22 -j SNAT --to 5.199.130.141
#
# MAIL ()
# => apache2 proxy (http/https)
@ -248,8 +260,6 @@ if [ "$1" = "start" ]; then
# 0x0
# => apache2 proxy (http/https)
$IPT -w -t nat -A PREROUTING -d 89.163.145.170 -p tcp --dport 9999 -j DNAT --to-destination 192.168.1.15:9999
$IPT -w -A FORWARD -p tcp -d 192.168.1.15 --dport 9999 -j ACCEPT
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.15 -j SNAT --to 89.163.145.170
# rss

@ -13,6 +13,9 @@ for domain in $RENEWED_DOMAINS; do
cat "$RENEWED_LINEAGE/fullchain.pem" > "$daemon_cert_root/fullchain.pem"
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
#rsync -av --numeric-ids "$daemon_cert_root" root@srv01.envs.net:/opt/ssl_certs/
#ssh root@srv01.envs.net bash -c "/opt/sync_certs.sh"
# matrix
matrix_dir=/var/lib/lxc/matrix/rootfs/etc/matrix-synapse
cp "$daemon_cert_root/privkey.pem" "$matrix_dir"/
@ -61,6 +64,9 @@ for domain in $RENEWED_DOMAINS; do
cat "$RENEWED_LINEAGE/chain.pem" > "$daemon_cert_root/chain.pem"
cat "$RENEWED_LINEAGE/fullchain.pem" > "$daemon_cert_root/fullchain.pem"
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
#rsync -av --numeric-ids "$daemon_cert_root" root@srv01.envs.net:/opt/ssl_certs/
# 0x0 / fiche
lxc-attach -n null -- bash -c "systemctl reload nginx"
;;

@ -52,19 +52,21 @@ http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# if the request body size is more than the buffer size, then the entire (or partial)
# request body is written into a temporary file
client_body_buffer_size 128k;
# client_body_buffer_size 128k;
# buffer size for reading client request header
# client_header_buffer_size 1k;
# maximum number and size of buffers for large headers to read from client request
large_client_header_buffers 4 256k;
# large_client_header_buffers 4 256k;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
@ -126,6 +128,11 @@ http {
include /etc/nginx/user-sites-enabled/*;
}
# SSL Pass-thru
stream {
include /etc/nginx/streams/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
@ -146,3 +153,4 @@ http {
# proxy on;
# }
#}

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name bbj.envs.net forum.envs.net;
return 307 https://$host$request_uri;
@ -36,7 +35,6 @@ server {
#ALIAS
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name forum.envs.net;
include snippets/ssl.conf;

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name chat.envs.net;
return 307 https://$server_name$request_uri;
@ -10,14 +9,11 @@ server {
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name chat.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://envs.net/chat/;
}
return 301 https://envs.net/chat/;
}

@ -1,7 +1,6 @@
### DIMENSION.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name dimension.envs.net;
return 307 https://$host$request_uri;

@ -1,7 +1,6 @@
### DRONE.ENVS.NET - lxc ###
server {
listen 5.199.130.141:80;
# include snippets/ddos_mid.conf;
server_name drone.envs.net;
return 307 https://$host$request_uri;

@ -1,7 +1,6 @@
### ELEMENT.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name element.envs.net;
return 307 https://$host$request_uri;
@ -30,25 +29,19 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name riot.envs.net;
include snippets/listen.conf;
server_name riot.envs.net;
location / {
return 301 https://element.envs.net/;
}
return 301 https://element.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name riot.envs.net;
include snippets/listen_ssl.conf;
server_name riot.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://element.envs.net/;
}
return 301 https://element.envs.net/;
}

@ -1,7 +1,6 @@
### ENVS.SH - lxc - nullpointer ###
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name envs.sh;
location / {
@ -39,42 +38,35 @@ server {
# ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name 0x0.envs.sh null.envs.sh ix.envs.sh io.envs.sh;
location / {
return 301 https://envs.sh/;
}
return 301 https://envs.sh/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name 0x0.envs.sh null.envs.sh ix.envs.sh io.envs.sh;
include snippets/ssl.conf;
include ssl/envs_sh_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://envs.sh/;
}
return 301 https://envs.sh/;
}
## envs.net
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name 0x0.envs.net null.envs.net ix.envs.net io.envs.net;
return 307 https://envs.sh$request_uri;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name 0x0.envs.net null.envs.net ix.envs.net io.envs.net;
return 307 https://envs.sh$request_uri;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
return 307 https://envs.sh$request_uri;
}

@ -1,7 +1,6 @@
### GIT.ENVS.NET - lxc ###
server {
listen 5.199.130.141:80;
# include snippets/ddos_mid.conf;
server_name git.envs.net;
return 307 https://$host$request_uri;
@ -29,24 +28,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name gitea.envs.net;
location / {
return 301 https://git.envs.net/;
}
return 301 https://git.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name gitea.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://git.envs.net/;
}
return 301 https://git.envs.net/;
}

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name gopher.envs.net gopherproxy.envs.net;
return 307 https://$server_name$request_uri;

@ -1,7 +1,6 @@
### GRAFANA.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name grafana.envs.net;
return 307 https://$host$request_uri;

@ -1,7 +1,6 @@
### HALCYON.ENVS.NET - lxc on pleroma ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name halcyon.envs.net;
return 307 https://$host$request_uri;

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name help.envs.net;
return 307 https://$host$request_uri;
@ -30,24 +29,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name howto.envs.net tutorial.envs.net;
location / {
return 301 https://help.envs.net/;
}
return 301 https://help.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name howto.envs.net tutorial.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://help.envs.net/;
}
return 301 https://help.envs.net/;
}

@ -2,17 +2,13 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name whois.envs.net ifconfig.envs.net ifconf.envs.net ping.envs.net checkip.envs.net ipconfig.envs.net ipconf.envs.net ipinfo.envs.net;
location / {
return 301 http://ip.envs.net/;
}
return 301 http://ip.envs.net/;
}
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name ip.envs.net;
location / {
@ -25,16 +21,13 @@ server {
server {
include snippets/listen_local_ssl.conf;
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name whois.envs.net ifconfig.envs.net ifconf.envs.net ping.envs.net checkip.envs.net ipconfig.envs.net ipconf.envs.net ipinfo.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://ip.envs.net/;
}
return 301 https://ip.envs.net/;
}
server {
include snippets/listen_local_ssl.conf;
@ -59,25 +52,19 @@ server {
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name ip.envs.sh whois.envs.sh ifconfig.envs.sh ifconf.envs.sh ping.envs.sh checkip.envs.sh ipconfig.envs.sh ipconf.envs.sh ipinfo.envs.sh;
location / {
return 301 http://ip.envs.net/;
}
return 301 http://ip.envs.net/;
}
server {
include snippets/listen_local_ssl.conf;
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name whois.envs.sh ifconfig.envs.sh ifconf.envs.sh ping.envs.sh checkip.envs.sh ipconfig.envs.sh ipconf.envs.sh ipinfo.envs.sh;
include snippets/ssl.conf;
include ssl/envs_sh_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://ip.envs.net/;
}
return 301 https://ip.envs.net/;
}

@ -1,7 +1,6 @@
### LAG.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name lag.envs.net;
return 307 https://$host$request_uri;

@ -1,7 +1,6 @@
### LISTS.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name lists.envs.net;
return 307 https://$host$request_uri;

@ -1,7 +1,6 @@
### MAIL.ENVS.NET - lxc ###
server {
listen 5.199.136.28:80;
# include snippets/ddos_mid.conf;
server_name mail.envs.net webmail.envs.net autodiscover.envs.net smtp.envs.net imap.envs.net pop.envs.net;
include /etc/nginx/proxy_params;

@ -1,7 +1,6 @@
### MATRIX.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name matrix.envs.net;
return 307 https://$host$request_uri;

@ -1,7 +1,6 @@
### PAD.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_high.conf;
server_name pad.envs.net;
return 307 https://$host$request_uri;
@ -34,24 +33,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name cryptpad.envs.net;
location / {
return 301 https://pad.envs.net/;
}
return 301 https://pad.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name cryptpad.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://pad.envs.net/;
}
return 301 https://pad.envs.net/;
}

@ -1,7 +1,6 @@
### PB.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name pb.envs.net;
return 307 https://$host$request_uri;
@ -29,24 +28,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name bin.envs.net paste.envs.net pastebin.envs.net;
location / {
return 301 https://pb.envs.net/;
}
return 301 https://pb.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name bin.envs.net paste.envs.net pastebin.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://pb.envs.net/;
}
return 301 https://pb.envs.net/;
}

@ -1,7 +1,6 @@
### PLEROMA.ENVS.NET - lxc ###
server {
listen 5.199.136.29:80;
# include snippets/ddos_mid.conf;
server_name pleroma.envs.net;
return 307 https://$host$request_uri;
@ -36,24 +35,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name social.envs.net;
location / {
return 301 https://pleroma.envs.net/;
}
return 301 https://pleroma.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name social.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://pleroma.envs.net/;
}
return 301 https://pleroma.envs.net/;
}

@ -1,7 +1,6 @@
### PROMETHEUS.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name prometheus.envs.net;
return 307 https://$host$request_uri;
@ -10,7 +9,6 @@ server {
# SSL
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_mid.conf;
server_name prometheus.envs.net;
include snippets/ssl.conf;

@ -1,7 +1,6 @@
### RSS.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_high.conf;
server_name rss.envs.net;
return 307 https://$host$request_uri;
@ -29,24 +28,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name atom.envs.net;
location / {
return 301 https://rss.envs.net/;
}
return 301 https://rss.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name atom.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://rss.envs.net/;
}
return 301 https://rss.envs.net/;
}

@ -1,7 +1,6 @@
### SEARX.ENVS.NET - lxc ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name searx.envs.net;
return 307 https://$host$request_uri;
@ -29,24 +28,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name search.envs.net;
location / {
return 301 https://searx.envs.net/;
}
return 301 https://searx.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name search.envs.net;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://searx.envs.net/;
}
return 301 https://searx.envs.net/;
}

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name stats.envs.net;
return 307 https://$host$request_uri;

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name ttbp.envs.net;
return 307 https://$host$request_uri;

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name twtxt.envs.net;
return 307 https://$server_name$request_uri;

@ -9,7 +9,6 @@ limit_req_zone $binary_remote_addr zone=weechat:10m rate=10r/m;
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name ~^(.*)\.envs\.net;
return 307 https://$1.envs.net$request_uri;

@ -7,7 +7,6 @@ map $http_upgrade $connection_upgrade {
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name ~^(.*)\.envs\.sh;
return 307 https://$1.envs.sh$request_uri;

@ -2,8 +2,8 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name webirc.envs.net;
return 307 https://webirc.envs.net$request_uri;
}
@ -34,24 +34,18 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name thelounge.envs.net lounge.envs.net ;
location / {
return 301 https://webirc.envs.net/;
}
return 301 https://webirc.envs.net/;
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name thelounge.envs.net lounge.envs.net ;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://webirc.envs.net/;
}
return 301 https://webirc.envs.net/;
}

@ -2,7 +2,6 @@
server {
include snippets/listen_local.conf;
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name znc.envs.net;
location / {
@ -43,7 +42,6 @@ server {
#ALIAS
server {
include snippets/listen.conf;
# include snippets/ddos_def.conf;
server_name bouncer.envs.net ;
location / {
@ -57,14 +55,11 @@ server {
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_def.conf;
server_name bouncer.envs.net ;
include snippets/ssl.conf;
include ssl/envs_net_wild.conf;
include snippets/local_ssl_header.conf;
location / {
return 301 https://znc.envs.net/;
}
return 301 https://znc.envs.net/;
}

@ -1 +0,0 @@
/etc/nginx/sites-available/jitsi.envs.net.conf

@ -1 +0,0 @@
/etc/nginx/sites-available/tb.envs.net.conf

@ -1,59 +0,0 @@
### ANTONMCCLURE.COM - local ###
server {
include snippets/listen.conf;
# include snippets/ddos_mid.conf;
server_name antonmcclure.com www.antonmcclure.com;
error_log /var/log/nginx/antonmcclure.com-error.log crit;
location / {
return 307 https://$host$request_uri;
}
location /.well-known/acme-challenge/ {
alias /var/lib/letsencrypt/.well-known/acme-challenge/;
}
}
server {
include snippets/listen_ssl.conf;
# include snippets/ddos_mid.conf;
server_name antonmcclure.com www.antonmcclure.com;
include snippets/ssl.conf;
ssl_certificate /etc/letsencrypt/live/antonmcclure.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/antonmcclure.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/antonmcclure.com/chain.pem;
ssl_dhparam /etc/ssl/certs/envs_dhparam.pem;
server_tokens off;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Content-Type-Options nosniff;
add_header 'Referrer-Policy' 'origin, no-referrer-when-downgrade';
add_header X-Frame-Options SAMEORIGIN;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
error_log /var/log/nginx/antonmcclure.com-error.log crit;
root /home/anton/public_html/;
index index.html index.php index.cgi index.py index.sh index.pl index.lua;
location / {
add_header Access-Control-Allow-Origin *;
try_files $uri.html $uri $uri/ /index.php?$args ;
}
location /cgi-bin {
gzip off;
include fastcgi_params;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
# include php and ssi
include snippets/php.conf;
ssi on;
}

@ -1 +0,0 @@
/etc/nginx/user-sites-available/antonmcclure.com.conf

@ -1 +1 @@
Subproject commit befab4b9b47340c4a0f10bcab45c80202e25d130
Subproject commit 918bc0406fb046ad3baaf1b27708ef5e59c24752
Loading…
Cancel
Save