|
user www-data; |
|
worker_processes auto; |
|
pid /run/nginx.pid; |
|
include /etc/nginx/modules-enabled/*.conf; |
|
|
|
events { |
|
worker_connections 768; |
|
# multi_accept on; |
|
} |
|
|
|
http { |
|
|
|
## |
|
# Basic Settings |
|
## |
|
|
|
sendfile on; |
|
tcp_nopush on; |
|
types_hash_max_size 2048; |
|
# server_tokens off; |
|
|
|
# server_names_hash_bucket_size 64; |
|
# server_name_in_redirect off; |
|
|
|
include /etc/nginx/mime.types; |
|
default_type application/octet-stream; |
|
|
|
## |
|
# SSL Settings |
|
## |
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE |
|
ssl_prefer_server_ciphers on; |
|
|
|
## |
|
# Logging Settings |
|
## |
|
|
|
access_log /var/log/nginx/access.log; |
|
error_log /var/log/nginx/error.log; |
|
|
|
## |
|
# Gzip Settings |
|
## |
|
|
|
gzip on; |
|
|
|
# gzip_vary on; |
|
# gzip_proxied any; |
|
# gzip_comp_level 6; |
|
# gzip_buffers 16 8k; |
|
# gzip_http_version 1.1; |
|
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; |
|
|
|
## |
|
# Virtual Host Configs |
|
## |
|
|
|
include /etc/nginx/conf.d/*.conf; |
|
include /etc/nginx/sites-enabled/*; |
|
|
|
server { |
|
server_name webring.alifeee.co.uk; |
|
|
|
# HTTP to HTTPS |
|
if ($scheme != "https") { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
# HTTPS configuration |
|
listen [::]:443 ssl ipv6only=on; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/webring.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/webring.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
location / { |
|
proxy_pass http://localhost:8080; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
} |
|
} |
|
|
|
server { |
|
server_name steamcollage.alifeee.co.uk; |
|
location / { |
|
add_header Content-Type text/plain; |
|
return 200 "see https://github.com/alifeee/steam_collage_api"; |
|
} |
|
location /steamcollage/ { |
|
proxy_pass http://localhost:5000; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
} |
|
|
|
|
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/steamcollage.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/steamcollage.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
} |
|
|
|
server { |
|
server_name webdiffer.alifeee.co.uk; |
|
location / { |
|
proxy_pass http://localhost:5616; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
auth_basic "website differ"; |
|
auth_basic_user_file /etc/nginx/.htpasswd; |
|
} |
|
|
|
listen [::]:443 ssl; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/webdiffer.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/webdiffer.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
} |
|
|
|
server { |
|
server_name influxdb.alifeee.co.uk; |
|
location / { |
|
proxy_pass http://localhost:8086; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
} |
|
|
|
|
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/influxdb.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/influxdb.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
} |
|
|
|
server { |
|
server_name summon2scale.alifeee.co.uk; |
|
location / { |
|
proxy_pass http://localhost:9043; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
} |
|
|
|
|
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/summon2scale.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/summon2scale.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
} |
|
|
|
server { |
|
server_name ringram.alifeee.co.uk; |
|
location / { |
|
root /var/www/ringram/website/_site; |
|
try_files $uri $uri/ =404; |
|
} |
|
|
|
|
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/ringram.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/ringram.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
} |
|
|
|
server { |
|
server_name pad.alifeee.co.uk; |
|
location / { |
|
proxy_pass http://localhost:9001; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
proxy_http_version 1.1; |
|
proxy_set_header Upgrade $http_upgrade; |
|
proxy_set_header Connection "upgrade"; |
|
} |
|
|
|
listen [::]:443 ssl; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/pad.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/pad.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
} |
|
|
|
server { |
|
server_name cal.alifeee.co.uk; |
|
location / { |
|
root /var/www/simple-calendar/_site; |
|
try_files $uri $uri/ =404; |
|
add_header Cache-Control no-cache; |
|
if_modified_since off; |
|
add_header Last-Modified ""; |
|
} |
|
location = /edit { |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/simple-calendar/edit; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
auth_basic "calendar edit"; |
|
auth_basic_user_file /etc/nginx/.htpasswd; |
|
} |
|
|
|
listen [::]:443 ssl; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/cal.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/cal.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
} |
|
|
|
server { |
|
server_name wad.alifeee.co.uk; |
|
|
|
client_max_body_size 100M; |
|
|
|
location / { |
|
proxy_pass http://localhost:6875; |
|
proxy_redirect off; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_read_timeout 900; |
|
} |
|
|
|
listen [::]:443 ssl; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/wad.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/wad.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
} |
|
|
|
server { |
|
server_name syncthing.alifeee.co.uk; |
|
location / { |
|
proxy_pass http://localhost:8384/; |
|
proxy_set_header Host $http_host; |
|
proxy_set_header X-Real-IP $remote_addr; |
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
proxy_set_header X-Forwarded-Proto $scheme; |
|
proxy_read_timeout 900; |
|
} |
|
|
|
listen [::]:443 ssl; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/syncthing.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/syncthing.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
} |
|
|
|
server { |
|
server_name server.alifeee.co.uk; |
|
|
|
listen 80 default_server; |
|
listen [::]:80 default_server; |
|
|
|
listen [::]:443 ssl; # managed by Certbot |
|
listen 443 ssl; # managed by Certbot |
|
ssl_certificate /etc/letsencrypt/live/server.alifeee.co.uk/fullchain.pem; # managed by Certbot |
|
ssl_certificate_key /etc/letsencrypt/live/server.alifeee.co.uk/privkey.pem; # managed by Certbot |
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
location / { |
|
root /var/www/server_homepage; |
|
try_files $uri $uri/ =404; |
|
} |
|
|
|
location ~ /static.*/$ { |
|
root /var/www/; |
|
autoindex on; |
|
auth_basic "static index"; |
|
auth_basic_user_file /etc/nginx/.htpasswd; |
|
} |
|
location /static { |
|
alias /var/www/static/; |
|
try_files $uri $uri/ =404; |
|
} |
|
|
|
location /do/ { |
|
fastcgi_intercept_errors on; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/cgi/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
} |
|
location /bench/ { |
|
fastcgi_intercept_errors on; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/cgi/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
} |
|
location /github/ { |
|
fastcgi_intercept_errors on; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/cgi/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
} |
|
location /occupation-data/ { |
|
fastcgi_index index.cgi; |
|
fastcgi_intercept_errors on; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/cgi/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
} |
|
|
|
location /liputenpo/ { |
|
fastcgi_intercept_errors on; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/cgi/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
} |
|
location /polycule { |
|
alias /var/www/polycule/_site/; |
|
try_files $uri $uri/ =404; |
|
auth_basic "polycule"; |
|
auth_basic_user_file /var/www/polycule/.htpasswd; |
|
} |
|
location /polycule/edit { |
|
fastcgi_intercept_errors on; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/polycule/edit.cgi; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
auth_basic "polycule"; |
|
auth_basic_user_file /var/www/polycule/.htpasswd; |
|
} |
|
|
|
location /factorio { |
|
alias /var/www/factorio_map/; |
|
try_files $uri $uri/ =404; |
|
} |
|
|
|
location /bothies { |
|
alias /var/www/bothies/; |
|
try_files $uri $uri/ =404; |
|
} |
|
|
|
location /flowers { |
|
alias /var/www/flowers/; |
|
try_files $uri $uri/ =404; |
|
} |
|
location = /flowers { |
|
return 301 "/flowers/"; |
|
} |
|
location = /flowers/ { |
|
fastcgi_index index.cgi; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
} |
|
location ~ ^/flowers.*\.cgi$ { |
|
client_max_body_size 10M; |
|
include fastcgi_params; |
|
fastcgi_param SCRIPT_FILENAME /var/www/$fastcgi_script_name; |
|
fastcgi_pass unix:/var/run/fcgiwrap.socket; |
|
auth_basic "flowers"; |
|
auth_basic_user_file /var/www/flowers/.htpasswd; |
|
} |
|
|
|
location /calendar { |
|
alias /var/www/calendar/; |
|
try_files $uri $uri/ =404; |
|
# index index.html; |
|
auth_basic "Neil's calendar"; |
|
auth_basic_user_file /etc/nginx/.htpasswd; |
|
|
|
# location ~ /calendar/.*\.php$ { |
|
# return 200 'this is a php file'; |
|
# add_header Content-Type text/plain; |
|
# include snippets/fastcgi-php.conf; |
|
# fastcgi_split_path_info ^(.+\.php)(.*)$; |
|
# fastcgi_pass unix:/var/run/php8.1-fpm-calendar-site.sock; |
|
# fastcgi_pass unix:/var/run/php8.1-fpm.sock; |
|
# fastcgi_index index.php; |
|
# include fastcgi.conf; |
|
# } |
|
|
|
# location /calendar { |
|
# try_files $uri $uri/ =404; |
|
# } |
|
# include snippets/fastcgi-php.conf; |
|
# fastcgi_pass unix:/run/php/php8.1-fpm.sock; |
|
} |
|
} |
|
|
|
|
|
server { |
|
if ($host = webring.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
server_name webring.alifeee.co.uk; |
|
listen 80; |
|
listen [::]:80; |
|
return 404; # managed by Certbot |
|
} |
|
|
|
server { |
|
if ($host = steamcollage.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
server_name steamcollage.alifeee.co.uk; |
|
listen 80; |
|
return 404; # managed by Certbot |
|
} |
|
|
|
|
|
server { |
|
if ($host = webdiffer.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
server_name webdiffer.alifeee.co.uk; |
|
listen 80; |
|
listen [::]:80; |
|
return 404; # managed by Certbot |
|
} |
|
|
|
|
|
server { |
|
if ($host = influxdb.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
server_name influxdb.alifeee.co.uk; |
|
listen 80; |
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
server { |
|
if ($host = ringram.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
server_name ringram.alifeee.co.uk |
|
listen 80; |
|
listen 80; |
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
server { |
|
if ($host = pad.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
listen 80; |
|
listen [::]:80; |
|
server_name pad.alifeee.co.uk; |
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
server { |
|
if ($host = summon2scale.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
server_name summon2scale.alifeee.co.uk; |
|
listen 80; |
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
server { |
|
if ($host = cal.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
server_name cal.alifeee.co.uk; |
|
listen 80; |
|
listen [::]:80; |
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
server { |
|
if ($host = wad.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
server_name wad.alifeee.co.uk; |
|
listen 80; |
|
listen [::]:80; |
|
return 404; # managed by Certbot |
|
|
|
|
|
} |
|
|
|
server { |
|
if ($host = syncthing.alifeee.co.uk) { |
|
return 301 https://$host$request_uri; |
|
} # managed by Certbot |
|
|
|
|
|
server_name syncthing.alifeee.co.uk; |
|
listen 80; |
|
listen [::]:80; |
|
return 404; # managed by Certbot |
|
|
|
|
|
}} |
|
|
|
|
|
#mail { |
|
# # See sample authentication script at: |
|
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript |
|
# |
|
# # auth_http localhost/auth.php; |
|
# # pop3_capabilities "TOP" "USER"; |
|
# # imap_capabilities "IMAP4rev1" "UIDPLUS"; |
|
# |
|
# server { |
|
# listen localhost:110; |
|
# protocol pop3; |
|
# proxy on; |
|
# } |
|
# |
|
# server { |
|
# listen localhost:143; |
|
# protocol imap; |
|
# proxy on; |
|
# } |
|
#} |
|
|