This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| more_set_headers "X-protocol : $server_protocol always"; | |
| more_set_headers 'Alt-Svc h3=":$server_port"; ma=86400'; | |
| quic_retry on; | |
| listen 443 quic; | |
| listen 443 ssl; | |
| listen [::]:443 quic; | |
| listen [::]:443 ssl; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # Common security rules | |
| ## | |
| # Security settings for better privacy | |
| # Deny hidden files | |
| location ~ /\.(?!well-known\/) { | |
| deny all; | |
| } | |
| # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| # # The special value auto allows binding worker processes automatically to available CPUs: | |
| worker_processes auto; | |
| worker_cpu_affinity auto; | |
| # # Changes the limit on the maximum number of open files (RLIMIT_NOFILE) for worker processes | |
| worker_rlimit_nofile 100000; | |
| pid /run/nginx.pid; | |
| # # PCRE JIT can speed up processing of regular expressions significantly. | |
| pcre_jit on; |
VirtuBox
/ wsl-vpnkit.sh
Last active
November 17, 2023 13:13
Script to install wsl-vpnkit with a systemd service for Debian/Ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # ------------------------------------------------------------------------- | |
| # wsl-vpnkit install script | |
| # ------------------------------------------------------------------------- | |
| # Check if user is root | |
| [ "$(id -u)" != "0" ] && { | |
| echo "Error: You must be root or use sudo to run this script" | |
| exit 1 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # ------------------------------------------------------------------------- | |
| # Generate Self-signed certificate | |
| # ------------------------------------------------------------------------- | |
| # Usage : | |
| # | |
| # bash selfsigned.sh <domain> | |
| # | |
| # ------------------------------------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location ~ /(config|tmp|core|lang|libs|vendor|plugins|misc/user)$ { | |
| deny all; | |
| } | |
| add_header Referrer-Policy origin; | |
| add_header X-Piwik-Cache $upstream_cache_status; | |
| location ~* \.html$ { | |
| allow all; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo mv /etc/nginx/conf.d/brotli.conf.disabled /etc/nginx/conf.d/brotli.conf | |
| sudo mv /etc/nginx/conf.d/gzip.conf /etc/nginx/conf.d/gzip.conf.disabled | |
| sudo nginx -t && sudo service nginx restart |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # file /var/www/site.tld/conf/nginx/ssl.conf | |
| # Here Nginx list on port 1443 instead of 443 | |
| listen 1443 ssl http2; | |
| listen [::]:1443 ssl http2; | |
| ssl_certificate /etc/letsencrypt/live/site.tld/fullchain.pem; | |
| ssl_certificate_key /etc/letsencrypt/live/site.tld/key.pem; | |
| ssl_trusted_certificate /etc/letsencrypt/live/site.tld/ca.pem; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #------------------------------------------------------------------------------# | |
| # OFFICIAL UBUNTU Xenial REPOS # | |
| #------------------------------------------------------------------------------# | |
| ###### Ubuntu Main Repos | |
| deb http://fr.archive.ubuntu.com/ubuntu/ focal main restricted universe multiverse | |
| ###### Ubuntu Update Repos | |
| deb http://fr.archive.ubuntu.com/ubuntu/ focal-security main restricted universe multiverse |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WordOps nextcloud configuration | |
| # install path : /var/www/yourdomain.tld/conf/nginx/nextcloud.conf | |
| # replace "fastcgi_pass php73;" with another upstream if you are using php72 or php74 | |
| # ---------------------------------------------------------------------------- | |
| add_header X-Robots-Tag none; | |
| add_header X-Permitted-Cross-Domain-Policies none; | |
| add_header Referrer-Policy no-referrer; | |
| location = /robots.txt { | |
| allow all; |
NewerOlder