Arena Artoon arenadoon

## nginx.conf

user  nginx;

# one(1) worker or equal the number of _real_ cpu cores. 4=4 core cpu
worker_processes  4;

# renice workers to reduce priority compared to system processes for
# machine health. worst case nginx will get ~25% system resources at nice=15
worker_priority -5;

## nginx_cloudflare.conf
# Look for client IP in the X-Forwarded-For header
real_ip_header X-Forwarded-For;

# Ignore trusted IPs
real_ip_recursive on;

# Trusted list
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;

## gist:820e70d8d2e6c90ea8263465e8d92e37
http {
    map $whitelist $limit {
      default $binary_remote_addr;
      1 "";
    }

    limit_conn_zone $limit zone=conn_limit_per_ip:10m;
    limit_req_zone $limit zone=req_limit_per_ip:10m rate=5r/s;

    server {

## gist:030dd273cfba8f66ad81ea60c9a9ef1f
Select all and delete (actually move to buffer)
:%d

Select all and copy to buffer
:%y

Use p to paste the buffer.

## nginx.conf
user www-data;
worker_processes 1; # set to number of cores
worker_priority  15; # be nice

# todo: put these on tmpfs, slow write logs to non-volatile
error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

# set open fd limit to 81920
worker_rlimit_nofile 81920; # must be equal or higher as 'worker_processes' * 'worker_connections'

## nginx.conf
user web;

# One worker process per CPU core.
worker_processes 8;

# Also set
# /etc/security/limits.conf
#   web soft nofile 65535
#   web hard nofile 65535
# /etc/default/nginx

## sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Turn on execshield
# 0 completely disables ExecShield and Address Space Layout Randomization
# 1 enables them ONLY if the application bits for these protections are set to “enable”
# 2 enables them by default, except if the application bits are set to “disable”
# 3 enables them always, whatever the application bits

## allow
for i in `curl https://www.cloudflare.com/ips-v4`; do csf -a $i; done

## stream.php
<?php
/*
Hi!
So this gist is not a very good implementation, it works great in chrome but the seeking is sort of glitched in firefox.
But it does the job and I hope it can help out!

(Please let me know how to improve this)
*/
ini_set('max_execution_time', 0);
$url = "http://mirrors.standaloneinstaller.com/video-sample/jellyfish-25-mbps-hd-hevc.m4v"; //just some sample url, please dont overload their servers

## speedtest-server-list.txt
17584) Chongqing Mobile Company (Chongqing, CN)
 5726) China Unicom Chong Qing Branch (Chongqing, China)
 5530) CCN (Chongqing, China)
19076) China Telecom (ChongQing, China)
20054) YunJinTianFu (Chengdu, China)
11444) University of Electronic Science and Technology of China (Chengdu, China)
 2461) China Unicom (Chengdu, China)
 4575) China Mobile Group Sichuan (Chengdu, China)
16398) China Mobile,GuiZhou (Guiyang, China)
 5292) China Mobile Group Shaanxi Company Limited (Xi'an, China)

	user nginx;

	# one(1) worker or equal the number of _real_ cpu cores. 4=4 core cpu
	worker_processes 4;

	# renice workers to reduce priority compared to system processes for
	# machine health. worst case nginx will get ~25% system resources at nice=15
	worker_priority -5;
	# Look for client IP in the X-Forwarded-For header
	real_ip_header X-Forwarded-For;

	# Ignore trusted IPs
	real_ip_recursive on;

	# Trusted list
	set_real_ip_from 199.27.128.0/21;
	set_real_ip_from 173.245.48.0/20;
	set_real_ip_from 103.21.244.0/22;
	http {
	map $whitelist $limit {
	default $binary_remote_addr;
	1 "";
	}

	limit_conn_zone $limit zone=conn_limit_per_ip:10m;
	limit_req_zone $limit zone=req_limit_per_ip:10m rate=5r/s;

	server {
	Select all and delete (actually move to buffer)
	:%d

	Select all and copy to buffer
	:%y

	Use p to paste the buffer.
	user www-data;
	worker_processes 1; # set to number of cores
	worker_priority 15; # be nice

	# todo: put these on tmpfs, slow write logs to non-volatile
	error_log /var/log/nginx/error.log;
	pid /var/run/nginx.pid;

	# set open fd limit to 81920
	worker_rlimit_nofile 81920; # must be equal or higher as 'worker_processes' * 'worker_connections'
	user web;

	# One worker process per CPU core.
	worker_processes 8;

	# Also set
	# /etc/security/limits.conf
	# web soft nofile 65535
	# web hard nofile 65535
	# /etc/default/nginx
	# Kernel sysctl configuration file for Red Hat Linux
	#
	# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
	# sysctl.conf(5) for more details.

	# Turn on execshield
	# 0 completely disables ExecShield and Address Space Layout Randomization
	# 1 enables them ONLY if the application bits for these protections are set to “enable”
	# 2 enables them by default, except if the application bits are set to “disable”
	# 3 enables them always, whatever the application bits
	<?php
	/*
	Hi!
	So this gist is not a very good implementation, it works great in chrome but the seeking is sort of glitched in firefox.
	But it does the job and I hope it can help out!

	(Please let me know how to improve this)
	*/
	ini_set('max_execution_time', 0);
	$url = "http://mirrors.standaloneinstaller.com/video-sample/jellyfish-25-mbps-hd-hevc.m4v"; //just some sample url, please dont overload their servers
	17584) Chongqing Mobile Company (Chongqing, CN)
	5726) China Unicom Chong Qing Branch (Chongqing, China)
	5530) CCN (Chongqing, China)
	19076) China Telecom (ChongQing, China)
	20054) YunJinTianFu (Chengdu, China)
	11444) University of Electronic Science and Technology of China (Chengdu, China)
	2461) China Unicom (Chengdu, China)
	4575) China Mobile Group Sichuan (Chengdu, China)
	16398) China Mobile,GuiZhou (Guiyang, China)
	5292) China Mobile Group Shaanxi Company Limited (Xi'an, China)