Last active
March 14, 2017 14:27
-
-
Save shelbyKiraM/746e6ad248354fd0e493425705d71f79 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
server_name cudd.li www.cudd.li; | |
listen 80; | |
return 301 https://cudd.li$request_uri; | |
} | |
server { | |
server_name cudd.li www.cudd.li; | |
listen 443 ssl http2; | |
index index.php index.html index.htm; | |
root /home/user/http/cuddli; | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/cudd.li/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/cudd.li/privkey.pem; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
add_header Strict-Transport-Security "max-age=0;"; | |
location ~* /\.\./ { | |
deny all; | |
return 404; | |
} | |
location ~ \.php$ { | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_read_timeout 300; | |
fastcgi_pass unix:/run/php/php7.0-fpm.sock; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $request_filename; | |
include fastcgi_params; | |
} | |
location / { | |
try_files $uri $uri/ /blog/index.php?p=$uri&$args; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
echo "service nginx stop" | |
service nginx stop | |
echo "swo.re" | |
letsencrypt certonly --standalone -d swo.re -d www.swo.re -d mail.swo.re | |
echo "cudd.li" | |
letsencrypt certonly --standalone -d cudd.li -d www.cudd.li | |
echo "shelbymunsch.com" | |
letsencrypt certonly --standalone -d shelbymunsch.com -d www.shelbymunsch.com | |
echo "emiliemunsch.com" | |
letsencrypt certonly --standalone -d emiliemunsch.com -d www.emiliemunsch.com | |
echo "smuns.ch" | |
letsencrypt certonly --standalone -d smuns.ch -d www.smuns.ch | |
echo "theoutcast.info" | |
letsencrypt certonly --standalone -d theoutcast.info -d www.theoutcast.info | |
echo "service nginx restart" | |
service nginx restart | |
echo "done." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user www-data; | |
worker_processes 1; | |
pid /var/run/nginx.pid; | |
events { | |
worker_connections 768; | |
# multi_accept on; | |
} | |
http { | |
## | |
# Basic Settings | |
## | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
# server_tokens off; | |
# server_names_hash_bucket_size 64; | |
# server_name_in_redirect off; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
## | |
# SSL Settings | |
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE | |
ssl_prefer_server_ciphers on; | |
ssl_dhparam /etc/nginx/ssl/dhparam.pem; | |
ssl_session_cache shared:SSL:10m; | |
## | |
# Logging Settings | |
## | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
## | |
# Gzip Settings | |
## | |
gzip on; | |
gzip_disable "msie6"; | |
# gzip_vary on; | |
# gzip_proxied any; | |
# gzip_comp_level 6; | |
# gzip_buffers 16 8k; | |
# gzip_http_version 1.1; | |
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; | |
## | |
# Virtual Host Configs | |
## | |
include /etc/nginx/conf.d/*.conf; | |
include /etc/nginx/sites-enabled/*; | |
include /var/www/*/.nginx/nginx.conf; | |
} | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
include /var/www/she/.nginx/sites-enabled/*.conf; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 4.4.0-66-generic x86_64) | |
* Documentation: https://help.ubuntu.com | |
* Management: https://landscape.canonical.com | |
* Support: https://ubuntu.com/advantage | |
Get cloud support with Ubuntu Advantage Cloud Guest: | |
http://www.ubuntu.com/business/services/cloud | |
0 packages can be updated. | |
0 updates are security updates. | |
Last login: Tue Mar 14 14:10:38 2017 from 73.93.141.37 | |
14:12:55 root@swo.re / openssl s_client -connect swo.re:443 | |
CONNECTED(00000003) | |
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 | |
verify return:1 | |
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 | |
verify return:1 | |
depth=0 CN = cudd.li | |
verify return:1 | |
--- | |
Certificate chain | |
0 s:/CN=cudd.li | |
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 | |
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 | |
i:/O=Digital Signature Trust Co./CN=DST Root CA X3 | |
--- | |
Server certificate | |
-----BEGIN CERTIFICATE----- | |
MIIE/zCCA+egAwIBAgISA9vTCac/o+WlWYU9aFdTLGRlMA0GCSqGSIb3DQEBCwUA | |
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD | |
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMTQwMzQ2MDBaFw0x | |
NzA2MTIwMzQ2MDBaMBIxEDAOBgNVBAMTB2N1ZGQubGkwggEiMA0GCSqGSIb3DQEB | |
AQUAA4IBDwAwggEKAoIBAQDxpnoRw4jSocnkB1yRypAUcPmsYAZ5DkwtABGKq57e | |
MXq/GwyRMjgGr19ecnhZJMZcDzsMHut0u8yADyOJObXNKEKM12AXgB5mTtM527KV | |
J1+IUGdFvGhzMW33vMFdymPXQqRQ9WZfNoBjgwj65Xm4OWe3OuAyWiDD0umWJRie | |
e2/HfAIE94oSV2SH431tI8X/bq+fjhB2HuT6lI3UNsoMB21TwjR630QREhWmtASh | |
yj3lyXrhCC0h3v8/AJf1alkdNHZIkSLEhV3TMXDKdHv4VR1OtNfa19IQwpwRhkL+ | |
5iRodmuUeFl9fT0w4XP21HM4nmG80FU1GeArxqtjMBPNAgMBAAGjggIVMIICETAO | |
BgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwG | |
A1UdEwEB/wQCMAAwHQYDVR0OBBYEFAt1DU+pRm8cjhn3CCy0eiY4o5ljMB8GA1Ud | |
IwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEBBGQwYjAvBggr | |
BgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8wLwYI | |
KwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcvMB8G | |
A1UdEQQYMBaCB2N1ZGQubGmCC3d3dy5jdWRkLmxpMIH+BgNVHSAEgfYwgfMwCAYG | |
Z4EMAQIBMIHmBgsrBgEEAYLfEwEBATCB1jAmBggrBgEFBQcCARYaaHR0cDovL2Nw | |
cy5sZXRzZW5jcnlwdC5vcmcwgasGCCsGAQUFBwICMIGeDIGbVGhpcyBDZXJ0aWZp | |
Y2F0ZSBtYXkgb25seSBiZSByZWxpZWQgdXBvbiBieSBSZWx5aW5nIFBhcnRpZXMg | |
YW5kIG9ubHkgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBDZXJ0aWZpY2F0ZSBQb2xp | |
Y3kgZm91bmQgYXQgaHR0cHM6Ly9sZXRzZW5jcnlwdC5vcmcvcmVwb3NpdG9yeS8w | |
DQYJKoZIhvcNAQELBQADggEBAHlg84nRNNl34PVtk4RzpVqkeT2fjZR4D8OnC17B | |
+t9lJOaBAEsd9K7gSxEGFIQOnH8a8w4+TW832kDctMFBzK2xAe1fEevkbW18U+x7 | |
xTN80fwNS7mdnw5muj3wTu8uJ3DdPKAukEazoAq72TYU6SiZMt7N60ikRpt9x7hm | |
XjO22Bw2AfB5JYvZ5Us/Ub3BADiKCN4kseJzOd8Tm6LMfLlKCzg2B2gRmhhzTI0s | |
WAB2fcG+gFQhnpJR4swALl+OjAcLaMUJJSAJkt3oIF0rSpw7ZRRgt1BBCwNQ1GSM | |
CEhGJ+7nuARCRTTgCfevR7BP7riLffL/bm2grhszxr/HdSM= | |
-----END CERTIFICATE----- | |
subject=/CN=cudd.li | |
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 | |
--- | |
No client certificate CA names sent | |
Peer signing digest: SHA512 | |
Server Temp Key: ECDH, P-256, 256 bits | |
--- | |
SSL handshake has read 3135 bytes and written 431 bytes | |
--- | |
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 | |
Server public key is 2048 bit | |
Secure Renegotiation IS supported | |
Compression: NONE | |
Expansion: NONE | |
No ALPN negotiated | |
SSL-Session: | |
Protocol : TLSv1.2 | |
Cipher : ECDHE-RSA-AES256-GCM-SHA384 | |
Session-ID: 09879233727A2B98B8D78F67B4F8F13BBF82AB5A15F1B7D397AE1800BB269A86 | |
Session-ID-ctx: | |
Master-Key: 3EC707C3A6CD1D567A5B0706ECD0FFFBC8E4B19E4B1C058C03ADA3B8359072EF41D4597CB0EC3FF9A9DECD6E44A81768 | |
Key-Arg : None | |
PSK identity: None | |
PSK identity hint: None | |
SRP username: None | |
TLS session ticket lifetime hint: 300 (seconds) | |
TLS session ticket: | |
0000 - 20 87 8c 38 af 6b dd a1-b0 b2 a0 0f 1d 22 cb 6e ..8.k.......".n | |
0010 - 06 c7 02 40 4b e2 8b 44-6b ca 1f cc 1f 8a a5 07 ...@K..Dk....... | |
0020 - 99 23 72 8a a1 cd df 59-9b 7d 47 41 7a d6 f2 f6 .#r....Y.}GAz... | |
0030 - 78 6b b9 aa 44 e5 3f 27-f5 ac 34 8a 9f 53 e0 4e xk..D.?'..4..S.N | |
0040 - 1a 03 dd eb 7f 11 5b ed-f1 1c bc cb ab d1 24 a3 ......[.......$. | |
0050 - ce 83 f7 5e fa b6 68 f8-80 c8 29 a0 4d 76 51 d5 ...^..h...).MvQ. | |
0060 - 27 b9 e2 15 ba 85 64 b3-a5 d2 f9 e0 15 75 01 9e '.....d......u.. | |
0070 - f6 84 b1 82 e2 6f 53 a7-0f 2d 9b fe a8 8b 40 ed .....oS..-....@. | |
0080 - c5 0c 14 c1 30 71 34 54-24 b1 7c 9e 88 74 8a f3 ....0q4T$.|..t.. | |
0090 - 15 10 54 71 77 50 fa d3-0a b7 7c b9 9a 9c 58 f2 ..TqwP....|...X. | |
00a0 - d4 2e 5e 18 7c 9a 2e 33-69 80 c3 60 35 7c fb 36 ..^.|..3i..`5|.6 | |
Start Time: 1489500778 | |
Timeout : 300 (sec) | |
Verify return code: 0 (ok) | |
--- | |
^C | |
14:13:04 root@swo.re / 130 ↵ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
server_name smuns.ch www.smuns.ch; | |
listen 80; | |
return 301 https://smuns.ch$request_uri; | |
} | |
server { | |
server_name www.smuns.ch; | |
listen 443 ssl http2; | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/smuns.ch/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/smuns.ch/privkey.pem; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
add_header Strict-Transport-Security "max-age=0;"; | |
return 301 https://smuns.ch$request_uri; | |
} | |
server { | |
server_name smuns.ch; | |
listen 443 ssl; | |
root /home/she/http/smunsch; | |
index index.php index.html index.htm; | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/smuns.ch/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/smuns.ch/privkey.pem; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
add_header Strict-Transport-Security "max-age=0;"; | |
location ~* /\.\./ { | |
deny all; | |
return 404; | |
} | |
location ~ \.php$ { | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_read_timeout 300; | |
fastcgi_pass unix:/run/php/php7.0-fpm.sock; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $request_filename; | |
include fastcgi_params; | |
} | |
location / { | |
try_files $uri $uri/ /blog/index.php?p=$uri&$args; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
server_name swo.re www.swo.re mail.swo.re; | |
listen 80; | |
return 301 https://swo.re$request_uri; | |
} | |
server { | |
server_name www.swo.re mail.swo.re; | |
listen 443 ssl http2; | |
ssl_certificate /etc/letsencrypt/live/swo.re/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/swo.re/privkey.pem; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
add_header Strict-Transport-Security "max-age=0;"; | |
return 301 https://swo.re$request_uri; | |
} | |
server { | |
server_name swo.re; | |
listen 443 ssl http2; | |
index index.php index.html index.htm; | |
root /home/she/http/swore; | |
ssl_certificate /etc/letsencrypt/live/swo.re/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/swo.re/privkey.pem; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
add_header Strict-Transport-Security "max-age=0;"; | |
location ~* /\.\./ { | |
deny all; | |
return 404; | |
} | |
location ~ \.php$ { | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_pass unix:/run/php/php7.0-fpm.sock; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $request_filename; | |
fastcgi_param HTTPS on; | |
fastcgi_param HTTP_SCHEME https; | |
include fastcgi_params; | |
} | |
location / { | |
try_files $uri $uri/ /redir.php?p=$uri&$args; | |
} | |
location /fap/ { | |
autoindex on; | |
} | |
location /reactions/ { | |
autoindex on; | |
} | |
location /reaction/ { | |
autoindex on; | |
} | |
location /img/ { | |
autoindex on; | |
} | |
location /TFSM/ { | |
autoindex on; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment