mirror of https://git.envs.net/envs/ops.git
change some config from server
This commit is contained in:
parent
56e8fe5642
commit
f6313e4c54
|
@ -14,4 +14,5 @@
|
|||
SHELL=/bin/sh
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
|
||||
|
||||
1 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/envs.sh --renew-hook "systemctl reload nginx"
|
||||
#1 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --deploy-hook /etc/letsencrypt/renewal-hooks/deploy/envs.sh --renew-hook "systemctl reload nginx"
|
||||
1 */12 * * * root test -x /usr/bin/certbot -a \! -d /run/systemd/system && perl -e 'sleep int(rand(43200))' && certbot -q renew --renew-hook "systemctl reload nginx"
|
||||
|
|
|
@ -6,6 +6,8 @@
|
|||
89.163.145.170 envs.net core core.envs.net ve423.venus.dedi.server-hosting.expert ve423
|
||||
5.199.136.30 ssh.envs.net
|
||||
|
||||
168.119.12.180 srv01.envs.net
|
||||
|
||||
# The following lines are desirable for IPv6 capable hosts
|
||||
::1 localhost ip6-localhost ip6-loopback
|
||||
ff02::1 ip6-allnodes
|
||||
|
@ -15,7 +17,7 @@ ff02::2 ip6-allrouters
|
|||
# ENVS.NET - LXC
|
||||
#
|
||||
|
||||
192.168.1.2 ns1.envs.net ns1 dns
|
||||
192.168.1.2 ns1.envs.net ns1
|
||||
192.168.1.3 mail.envs.net mail
|
||||
192.168.1.4 lists.envs.net lists
|
||||
192.168.1.5 ldap.envs.net ldap
|
||||
|
@ -26,9 +28,13 @@ ff02::2 ip6-allrouters
|
|||
192.168.1.12 cryptpad pad.envs.net pad cryptpad
|
||||
192.168.1.13 drone.envs.net drone
|
||||
192.168.1.14 matrix.envs.net matrix element.envs.net element lag.envs.net lag riot.envs.net riot dimension.envs.net dimension
|
||||
#168.119.12.180 matrix.envs.net matrix element.envs.net element lag.envs.net lag riot.envs.net riot dimension.envs.net dimension
|
||||
|
||||
192.168.1.15 envs.sh 0x0.envs.net null.envs.net 0x0 null tb.envs.net tb termbin.envs.net termbin
|
||||
192.168.1.15 envs.sh 0x0.envs.net 0x0 null.envs.net null ix.envs.net io.envs.net
|
||||
192.168.1.16 rss.envs.net rss
|
||||
192.168.1.17 pb.envs.net pb pastebin.envs.net pastbin bin.envs.net bin
|
||||
192.168.1.18 pleroma.envs.net pleroma social halcyon.envs.net halcyon
|
||||
#144.76.146.17 pleroma.envs.net pleroma social halcyon.envs.net halcyon
|
||||
192.168.1.19 jitsi.envs.net jitsi meet.envs.net meet
|
||||
|
||||
192.168.1.22 dns.envs.net pubdns
|
||||
|
|
|
@ -158,6 +158,18 @@ if [ "$1" = "start" ]; then
|
|||
$IPT -w -A FORWARD -p tcp -d 192.168.1.2 --dport 53 -j ACCEPT
|
||||
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.2 -j SNAT --to 89.163.145.170
|
||||
|
||||
# DoT / DoH
|
||||
$IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p udp --dport 53 -j DNAT --to-destination 192.168.1.22:53
|
||||
$IPT -w -A FORWARD -p udp -d 192.168.1.22 --dport 53 -j ACCEPT
|
||||
$IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p tcp --dport 53 -j DNAT --to-destination 192.168.1.22:53
|
||||
$IPT -w -A FORWARD -p tcp -d 192.168.1.22 --dport 53 -j ACCEPT
|
||||
# $IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p udp --dport 853 -j DNAT --to-destination 192.168.1.22:853
|
||||
# $IPT -w -A FORWARD -p udp -d 192.168.1.22 --dport 853 -j ACCEPT
|
||||
$IPT -w -t nat -A PREROUTING -d 5.199.130.141 -p tcp --dport 853 -j DNAT --to-destination 192.168.1.22:853
|
||||
$IPT -w -A FORWARD -p tcp -d 192.168.1.22 --dport 853 -j ACCEPT
|
||||
#
|
||||
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.22 -j SNAT --to 5.199.130.141
|
||||
|
||||
#
|
||||
# MAIL ()
|
||||
# => apache2 proxy (http/https)
|
||||
|
@ -248,8 +260,6 @@ if [ "$1" = "start" ]; then
|
|||
|
||||
# 0x0
|
||||
# => apache2 proxy (http/https)
|
||||
$IPT -w -t nat -A PREROUTING -d 89.163.145.170 -p tcp --dport 9999 -j DNAT --to-destination 192.168.1.15:9999
|
||||
$IPT -w -A FORWARD -p tcp -d 192.168.1.15 --dport 9999 -j ACCEPT
|
||||
$IPT -w -t nat -A POSTROUTING ! -d 192.168.1.0/24 -s 192.168.1.15 -j SNAT --to 89.163.145.170
|
||||
|
||||
# rss
|
||||
|
|
|
@ -13,6 +13,9 @@ for domain in $RENEWED_DOMAINS; do
|
|||
cat "$RENEWED_LINEAGE/fullchain.pem" > "$daemon_cert_root/fullchain.pem"
|
||||
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
|
||||
|
||||
#rsync -av --numeric-ids "$daemon_cert_root" root@srv01.envs.net:/opt/ssl_certs/
|
||||
#ssh root@srv01.envs.net bash -c "/opt/sync_certs.sh"
|
||||
|
||||
# matrix
|
||||
matrix_dir=/var/lib/lxc/matrix/rootfs/etc/matrix-synapse
|
||||
cp "$daemon_cert_root/privkey.pem" "$matrix_dir"/
|
||||
|
@ -61,6 +64,9 @@ for domain in $RENEWED_DOMAINS; do
|
|||
cat "$RENEWED_LINEAGE/chain.pem" > "$daemon_cert_root/chain.pem"
|
||||
cat "$RENEWED_LINEAGE/fullchain.pem" > "$daemon_cert_root/fullchain.pem"
|
||||
cat /etc/ssl/certs/envs_dhparam.pem > "$daemon_cert_root/envs_dhparam.pem"
|
||||
|
||||
#rsync -av --numeric-ids "$daemon_cert_root" root@srv01.envs.net:/opt/ssl_certs/
|
||||
|
||||
# 0x0 / fiche
|
||||
lxc-attach -n null -- bash -c "systemctl reload nginx"
|
||||
;;
|
||||
|
|
|
@ -52,19 +52,21 @@ http {
|
|||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
|
||||
# if the request body size is more than the buffer size, then the entire (or partial)
|
||||
# request body is written into a temporary file
|
||||
client_body_buffer_size 128k;
|
||||
# client_body_buffer_size 128k;
|
||||
|
||||
# buffer size for reading client request header
|
||||
# client_header_buffer_size 1k;
|
||||
|
||||
# maximum number and size of buffers for large headers to read from client request
|
||||
large_client_header_buffers 4 256k;
|
||||
# large_client_header_buffers 4 256k;
|
||||
|
||||
##
|
||||
# SSL Settings
|
||||
##
|
||||
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
##
|
||||
|
@ -126,6 +128,11 @@ http {
|
|||
include /etc/nginx/user-sites-enabled/*;
|
||||
}
|
||||
|
||||
# SSL Pass-thru
|
||||
stream {
|
||||
include /etc/nginx/streams/*;
|
||||
}
|
||||
|
||||
#mail {
|
||||
# # See sample authentication script at:
|
||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
||||
|
@ -146,3 +153,4 @@ http {
|
|||
# proxy on;
|
||||
# }
|
||||
#}
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name bbj.envs.net forum.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -36,7 +35,6 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name forum.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name chat.envs.net;
|
||||
|
||||
return 307 https://$server_name$request_uri;
|
||||
|
@ -10,14 +9,11 @@ server {
|
|||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name chat.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://envs.net/chat/;
|
||||
}
|
||||
return 301 https://envs.net/chat/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### DIMENSION.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name dimension.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### DRONE.ENVS.NET - lxc ###
|
||||
server {
|
||||
listen 5.199.130.141:80;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name drone.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### ELEMENT.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name element.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -30,25 +29,19 @@ server {
|
|||
|
||||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name riot.envs.net;
|
||||
include snippets/listen.conf;
|
||||
server_name riot.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://element.envs.net/;
|
||||
}
|
||||
return 301 https://element.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name riot.envs.net;
|
||||
include snippets/listen_ssl.conf;
|
||||
server_name riot.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://element.envs.net/;
|
||||
}
|
||||
return 301 https://element.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### ENVS.SH - lxc - nullpointer ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name envs.sh;
|
||||
|
||||
location / {
|
||||
|
@ -39,42 +38,35 @@ server {
|
|||
# ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name 0x0.envs.sh null.envs.sh ix.envs.sh io.envs.sh;
|
||||
|
||||
location / {
|
||||
return 301 https://envs.sh/;
|
||||
}
|
||||
return 301 https://envs.sh/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name 0x0.envs.sh null.envs.sh ix.envs.sh io.envs.sh;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_sh_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://envs.sh/;
|
||||
}
|
||||
return 301 https://envs.sh/;
|
||||
}
|
||||
|
||||
## envs.net
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name 0x0.envs.net null.envs.net ix.envs.net io.envs.net;
|
||||
|
||||
return 307 https://envs.sh$request_uri;
|
||||
}
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name 0x0.envs.net null.envs.net ix.envs.net io.envs.net;
|
||||
return 307 https://envs.sh$request_uri;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
|
||||
return 307 https://envs.sh$request_uri;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### GIT.ENVS.NET - lxc ###
|
||||
server {
|
||||
listen 5.199.130.141:80;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name git.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -29,24 +28,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name gitea.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://git.envs.net/;
|
||||
}
|
||||
return 301 https://git.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name gitea.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://git.envs.net/;
|
||||
}
|
||||
return 301 https://git.envs.net/;
|
||||
}
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name gopher.envs.net gopherproxy.envs.net;
|
||||
|
||||
return 307 https://$server_name$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### GRAFANA.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name grafana.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### HALCYON.ENVS.NET - lxc on pleroma ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name halcyon.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name help.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -30,24 +29,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name howto.envs.net tutorial.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://help.envs.net/;
|
||||
}
|
||||
return 301 https://help.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name howto.envs.net tutorial.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://help.envs.net/;
|
||||
}
|
||||
return 301 https://help.envs.net/;
|
||||
}
|
||||
|
|
|
@ -2,17 +2,13 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name whois.envs.net ifconfig.envs.net ifconf.envs.net ping.envs.net checkip.envs.net ipconfig.envs.net ipconf.envs.net ipinfo.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 http://ip.envs.net/;
|
||||
}
|
||||
return 301 http://ip.envs.net/;
|
||||
}
|
||||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name ip.envs.net;
|
||||
|
||||
location / {
|
||||
|
@ -25,16 +21,13 @@ server {
|
|||
server {
|
||||
include snippets/listen_local_ssl.conf;
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name whois.envs.net ifconfig.envs.net ifconf.envs.net ping.envs.net checkip.envs.net ipconfig.envs.net ipconf.envs.net ipinfo.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://ip.envs.net/;
|
||||
}
|
||||
return 301 https://ip.envs.net/;
|
||||
}
|
||||
server {
|
||||
include snippets/listen_local_ssl.conf;
|
||||
|
@ -59,25 +52,19 @@ server {
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name ip.envs.sh whois.envs.sh ifconfig.envs.sh ifconf.envs.sh ping.envs.sh checkip.envs.sh ipconfig.envs.sh ipconf.envs.sh ipinfo.envs.sh;
|
||||
|
||||
location / {
|
||||
return 301 http://ip.envs.net/;
|
||||
}
|
||||
return 301 http://ip.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_local_ssl.conf;
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name whois.envs.sh ifconfig.envs.sh ifconf.envs.sh ping.envs.sh checkip.envs.sh ipconfig.envs.sh ipconf.envs.sh ipinfo.envs.sh;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_sh_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://ip.envs.net/;
|
||||
}
|
||||
return 301 https://ip.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### LAG.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name lag.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### LISTS.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name lists.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### MAIL.ENVS.NET - lxc ###
|
||||
server {
|
||||
listen 5.199.136.28:80;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name mail.envs.net webmail.envs.net autodiscover.envs.net smtp.envs.net imap.envs.net pop.envs.net;
|
||||
|
||||
include /etc/nginx/proxy_params;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### MATRIX.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name matrix.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### PAD.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_high.conf;
|
||||
server_name pad.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -34,24 +33,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name cryptpad.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://pad.envs.net/;
|
||||
}
|
||||
return 301 https://pad.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name cryptpad.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://pad.envs.net/;
|
||||
}
|
||||
return 301 https://pad.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### PB.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name pb.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -29,24 +28,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name bin.envs.net paste.envs.net pastebin.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://pb.envs.net/;
|
||||
}
|
||||
return 301 https://pb.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name bin.envs.net paste.envs.net pastebin.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://pb.envs.net/;
|
||||
}
|
||||
return 301 https://pb.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### PLEROMA.ENVS.NET - lxc ###
|
||||
server {
|
||||
listen 5.199.136.29:80;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name pleroma.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -36,24 +35,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name social.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://pleroma.envs.net/;
|
||||
}
|
||||
return 301 https://pleroma.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name social.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://pleroma.envs.net/;
|
||||
}
|
||||
return 301 https://pleroma.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### PROMETHEUS.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name prometheus.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -10,7 +9,6 @@ server {
|
|||
# SSL
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name prometheus.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### RSS.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_high.conf;
|
||||
server_name rss.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -29,24 +28,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name atom.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://rss.envs.net/;
|
||||
}
|
||||
return 301 https://rss.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name atom.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://rss.envs.net/;
|
||||
}
|
||||
return 301 https://rss.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
### SEARX.ENVS.NET - lxc ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name searx.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
@ -29,24 +28,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name search.envs.net;
|
||||
|
||||
location / {
|
||||
return 301 https://searx.envs.net/;
|
||||
}
|
||||
return 301 https://searx.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name search.envs.net;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://searx.envs.net/;
|
||||
}
|
||||
return 301 https://searx.envs.net/;
|
||||
}
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name stats.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name ttbp.envs.net;
|
||||
|
||||
return 307 https://$host$request_uri;
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name twtxt.envs.net;
|
||||
|
||||
return 307 https://$server_name$request_uri;
|
||||
|
|
|
@ -9,7 +9,6 @@ limit_req_zone $binary_remote_addr zone=weechat:10m rate=10r/m;
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name ~^(.*)\.envs\.net;
|
||||
|
||||
return 307 https://$1.envs.net$request_uri;
|
||||
|
|
|
@ -7,7 +7,6 @@ map $http_upgrade $connection_upgrade {
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name ~^(.*)\.envs\.sh;
|
||||
|
||||
return 307 https://$1.envs.sh$request_uri;
|
||||
|
|
|
@ -2,8 +2,8 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name webirc.envs.net;
|
||||
|
||||
return 307 https://webirc.envs.net$request_uri;
|
||||
}
|
||||
|
||||
|
@ -34,24 +34,18 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name thelounge.envs.net lounge.envs.net ;
|
||||
|
||||
location / {
|
||||
return 301 https://webirc.envs.net/;
|
||||
}
|
||||
return 301 https://webirc.envs.net/;
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name thelounge.envs.net lounge.envs.net ;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://webirc.envs.net/;
|
||||
}
|
||||
return 301 https://webirc.envs.net/;
|
||||
}
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
server {
|
||||
include snippets/listen_local.conf;
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name znc.envs.net;
|
||||
|
||||
location / {
|
||||
|
@ -43,7 +42,6 @@ server {
|
|||
#ALIAS
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name bouncer.envs.net ;
|
||||
|
||||
location / {
|
||||
|
@ -57,14 +55,11 @@ server {
|
|||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_def.conf;
|
||||
server_name bouncer.envs.net ;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
include ssl/envs_net_wild.conf;
|
||||
include snippets/local_ssl_header.conf;
|
||||
|
||||
location / {
|
||||
return 301 https://znc.envs.net/;
|
||||
}
|
||||
return 301 https://znc.envs.net/;
|
||||
}
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
/etc/nginx/sites-available/jitsi.envs.net.conf
|
|
@ -1 +0,0 @@
|
|||
/etc/nginx/sites-available/tb.envs.net.conf
|
|
@ -1,59 +0,0 @@
|
|||
### ANTONMCCLURE.COM - local ###
|
||||
server {
|
||||
include snippets/listen.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name antonmcclure.com www.antonmcclure.com;
|
||||
|
||||
error_log /var/log/nginx/antonmcclure.com-error.log crit;
|
||||
|
||||
location / {
|
||||
return 307 https://$host$request_uri;
|
||||
}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
alias /var/lib/letsencrypt/.well-known/acme-challenge/;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
include snippets/listen_ssl.conf;
|
||||
# include snippets/ddos_mid.conf;
|
||||
server_name antonmcclure.com www.antonmcclure.com;
|
||||
|
||||
include snippets/ssl.conf;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/antonmcclure.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/antonmcclure.com/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/antonmcclure.com/chain.pem;
|
||||
ssl_dhparam /etc/ssl/certs/envs_dhparam.pem;
|
||||
|
||||
|
||||
server_tokens off;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header 'Referrer-Policy' 'origin, no-referrer-when-downgrade';
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||
|
||||
|
||||
error_log /var/log/nginx/antonmcclure.com-error.log crit;
|
||||
|
||||
root /home/anton/public_html/;
|
||||
index index.html index.php index.cgi index.py index.sh index.pl index.lua;
|
||||
|
||||
location / {
|
||||
add_header Access-Control-Allow-Origin *;
|
||||
try_files $uri.html $uri $uri/ /index.php?$args ;
|
||||
}
|
||||
|
||||
location /cgi-bin {
|
||||
gzip off;
|
||||
include fastcgi_params;
|
||||
fastcgi_pass unix:/var/run/fcgiwrap.socket;
|
||||
}
|
||||
|
||||
# include php and ssi
|
||||
include snippets/php.conf;
|
||||
ssi on;
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
/etc/nginx/user-sites-available/antonmcclure.com.conf
|
|
@ -1 +1 @@
|
|||
Subproject commit befab4b9b47340c4a0f10bcab45c80202e25d130
|
||||
Subproject commit 918bc0406fb046ad3baaf1b27708ef5e59c24752
|
Loading…
Reference in New Issue