From 5e601f7ee14830ef645ee3d3b1bcdce7450a5ce3 Mon Sep 17 00:00:00 2001 From: punk Date: Thu, 29 Apr 2021 16:10:16 +0100 Subject: linux tools configs moved to linux folder --- tools/conf/etc/nginx/sites-enabled/default.conf | 96 ----------------------- tools/conf/etc/nginx/sites-enabled/email.conf | 63 --------------- tools/conf/etc/nginx/sites-enabled/forum.conf | 39 --------- tools/conf/etc/nginx/sites-enabled/frontpage.conf | 40 ---------- tools/conf/etc/nginx/sites-enabled/git.conf | 24 ------ tools/conf/etc/nginx/sites-enabled/ports.conf | 55 ------------- tools/conf/etc/nginx/sites-enabled/shop.conf | 86 -------------------- tools/conf/etc/nginx/sites-enabled/task.conf | 21 ----- tools/conf/etc/nginx/sites-enabled/vexim.conf | 39 --------- tools/conf/etc/nginx/sites-enabled/wiki.conf | 39 --------- 10 files changed, 502 deletions(-) delete mode 100644 tools/conf/etc/nginx/sites-enabled/default.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/email.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/forum.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/frontpage.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/git.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/ports.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/shop.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/task.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/vexim.conf delete mode 100644 tools/conf/etc/nginx/sites-enabled/wiki.conf (limited to 'tools/conf/etc/nginx/sites-enabled') diff --git a/tools/conf/etc/nginx/sites-enabled/default.conf b/tools/conf/etc/nginx/sites-enabled/default.conf deleted file mode 100644 index f7a6928..0000000 --- a/tools/conf/etc/nginx/sites-enabled/default.conf +++ /dev/null @@ -1,96 +0,0 @@ -server { -#if ($http_user_agent ~* (AhrefsBot|SemrushBot|MJ12Bot|DotBot)) { -# return 410; -#} - -##listen 443 ssl http2; - server_name tribu.semdestino.org; - - listen 80 default_server; - listen 443 ssl default_server; -# listen [::]:443 ssl http2; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vhost,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vhost_err,nohostname debug; - - root /etc/nginx/html/; - - ssl_certificate /etc/letsencrypt/live/tribu.semdestino.org/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/tribu.semdestino.org/privkey.pem; - ssl_trusted_certificate /etc/letsencrypt/live/tribu.semdestino.org/chain.pem; - - ssl_session_timeout 1d; - ssl_session_cache shared:SSL:50m; - ssl_session_tickets off; - ssl_protocols TLSv1.2; - ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; - ssl_prefer_server_ciphers on; - add_header Strict-Transport-Security max-age=15768000; - ssl_stapling on; - ssl_stapling_verify on; - - -#proxy_redirect off; -#proxy_set_header Host $http_host; -proxy_set_header X-Forwarded-Host $http_host; -#proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - - location /doc { - alias /srv/www/doc; - index index.html; - autoindex on; - } - - location /mirror { - proxy_pass http://ports.ank; - } - - location /pub { - proxy_pass http://wiki.server.ank:8080; - } - location ^~ /.well-known { - # ACME challenge - proxy_pass http://wiki.server.ank; - } - location /wiki { - proxy_pass http://wiki.server.ank:8080; - } - - location /git { - proxy_pass http://git.server.ank:8080; - } - - location /forum/ { - proxy_pass http://forum.server.ank:8080/; - } - - location /task { - proxy_pass http://task.server.ank:8080; - } - - location /shop { - proxy_pass http://shop.server.ank:8080; - } - - location /vexim/ { - proxy_pass http://vexim.server.ank:8080/; - } - - location /email { - proxy_pass http://email.server.ank:8080; - } - - location /awstats { - proxy_pass http://awstats.server.ank:8080; - } - - location /stats { - proxy_pass http://stats.server.ank:8080; - } - - location / { - proxy_pass http://frontpage.server.ank:8080/; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/email.conf b/tools/conf/etc/nginx/sites-enabled/email.conf deleted file mode 100644 index 5b34d7c..0000000 --- a/tools/conf/etc/nginx/sites-enabled/email.conf +++ /dev/null @@ -1,63 +0,0 @@ -server { - listen 8080; - server_name email.server.ank; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_email,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_email_err,nohostname debug; - - location /email { - alias /srv/www/email; - index index.php; - autoindex off; - } - - # Favicon - location ~ ^/email/favicon.ico$ { - root /srv/www/email/skins/classic/images; - log_not_found off; - access_log off; - expires max; - } - - # Robots file - location ~ ^/email/robots.txt { - allow all; - log_not_found off; - access_log off; - } - - # Deny Protected directories - location ~ ^/email/(config|temp|logs)/ { - deny all; - } - - location ~ ^/email/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ { - deny all; - } - - location ~ ^/email/(bin|SQL)/ { - deny all; - } - - # Hide .md files - location ~ ^/email/(.+\.md)$ { - deny all; - } - - # Hide all dot files - location ~ ^/email/\. { - deny all; - access_log off; - log_not_found off; - } - - location ~ /email/.*\.php { - alias /srv/www/email; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_index index.php; - try_files $uri /index.php =404; - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass 127.0.0.1:9000; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/forum.conf b/tools/conf/etc/nginx/sites-enabled/forum.conf deleted file mode 100644 index 14350e3..0000000 --- a/tools/conf/etc/nginx/sites-enabled/forum.conf +++ /dev/null @@ -1,39 +0,0 @@ -server { - listen 8080; - server_name forum.server.ank; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_forum,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_forum_err,nohostname debug; - - root /srv/www/forum; - - location / { - index index.php; - try_files $uri $uri/ index.php$is_args$args; - } - - location ~ [^/]\.php(/|$) { - - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - if (!-f $document_root$fastcgi_script_name) { - return 404; - } - - # Mitigate https://httpoxy.org/ vulnerabilities - fastcgi_param HTTP_PROXY ""; - - fastcgi_pass 127.0.0.1:9000; - fastcgi_index index.php; - - # include the fastcgi_param setting - include fastcgi_params; - - # SCRIPT_FILENAME parameter is used for PHP FPM determining - # the script name. If it is not set in fastcgi_params file, - # i.e. /etc/nginx/fastcgi_params or in the parent contexts, - # please comment off following line - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - } - -} diff --git a/tools/conf/etc/nginx/sites-enabled/frontpage.conf b/tools/conf/etc/nginx/sites-enabled/frontpage.conf deleted file mode 100644 index 7f7e66a..0000000 --- a/tools/conf/etc/nginx/sites-enabled/frontpage.conf +++ /dev/null @@ -1,40 +0,0 @@ -server { - listen 8080; - server_name frontpage.server.ank; - - #access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_frontpage,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_frontpage_err,nohostname debug; - - root /srv/www/frontpage; - - index index.html index.php; - - location / { - index index.html; - try_files $uri $uri/ index.html index.php$is_args$args; - } - - location ~ [^/]\.php(/|$) { - - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - if (!-f $document_root$fastcgi_script_name) { - return 404; - } - - # Mitigate https://httpoxy.org/ vulnerabilities - fastcgi_param HTTP_PROXY ""; - - fastcgi_pass 127.0.0.1:9000; - fastcgi_index index.php; - - # include the fastcgi_param setting - include fastcgi_params; - - # SCRIPT_FILENAME parameter is used for PHP FPM determining - # the script name. If it is not set in fastcgi_params file, - # i.e. /etc/nginx/fastcgi_params or in the parent contexts, - # please comment off following line - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/git.conf b/tools/conf/etc/nginx/sites-enabled/git.conf deleted file mode 100644 index f9d2d97..0000000 --- a/tools/conf/etc/nginx/sites-enabled/git.conf +++ /dev/null @@ -1,24 +0,0 @@ -server { - listen 8080; - server_name git.server.ank; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_git,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_git_err,nohostname debug; - - root /srv/www/gitweb; - - location /git/static { - # static files (png/css) served from /usr/share/gitweb/static - alias /srv/www/gitweb/static; - } - - location / { - index gitweb.cgi; - fastcgi_split_path_info ^/git()(/?.+)$; - fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; - fastcgi_param DOCUMENT_ROOT /srv/www/gitweb; - fastcgi_param SCRIPT_NAME /gitweb.cgi$fastcgi_path_info; - include fastcgi_params; - fastcgi_pass unix:/var/run/fcgiwrap.sock; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/ports.conf b/tools/conf/etc/nginx/sites-enabled/ports.conf deleted file mode 100644 index 829d710..0000000 --- a/tools/conf/etc/nginx/sites-enabled/ports.conf +++ /dev/null @@ -1,55 +0,0 @@ -server { - listen 80; - server_name localhost ports.ank default_host; - - access_log /var/log/nginx/ports_access.log; - error_log /var/log/nginx/ports_error.log; - - location /mirror/archive { - autoindex on; - alias /usr/ports/archive; - } - - location /mirror/packages { - autoindex on; - alias /usr/ports/packages; - } - - location /mirror/distfiles { - autoindex on; - alias /usr/ports/distfiles; - } - - location /mirror/bugs { - autoindex on; - alias /usr/ports/pkgbuild; - types { - text/plain log; - } - } - - location /mirror/installed { - autoindex on; - alias /usr/ports/installed; - default_type text/plain; - } - - location /mirror/releases { - autoindex on; - alias /usr/ports/releases; - } - - location /mirror/ { - return 301 https://tribu.semdestino.org/wiki/Main/Mirror; - } - - error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root html; - } -} - diff --git a/tools/conf/etc/nginx/sites-enabled/shop.conf b/tools/conf/etc/nginx/sites-enabled/shop.conf deleted file mode 100644 index de34e40..0000000 --- a/tools/conf/etc/nginx/sites-enabled/shop.conf +++ /dev/null @@ -1,86 +0,0 @@ -server { - listen 8080; - server_name shop.server.ank; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_shop,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_shop_err,nohostname debug; - - location ~ ^/shop/admin { - alias /srv/www/shop/upload/admin; - index index.php; - - location ~ ^/shop/admin/config.php { - deny all; - } - - location ~ \.php$ { - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $request_filename$1; - fastcgi_pass 127.0.0.1:9000; - } - } - - location ^~ /shop { - alias /srv/www/shop/upload; - index index.php; - #try_files $uri $uri/ index.php$is_args$args; - #try_files index.php @opencart; - - location ~ ^/shop/upload/image/data { - autoindex on; - } - - location ~ ^/shop/config.php { - deny all; - } - - - location ~ ^/shop/admin/config.php { - deny all; - } - -# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). -# - location ~ ^/shop/\. { - deny all; - access_log off; - log_not_found off; - } - location ~ ^/shop/\.(jpg|jpeg|png|gif|css|js|ico)$ { - expires max; - log_not_found off; - } - - location ~ \.php$ { - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $request_filename$1; - fastcgi_pass 127.0.0.1:9000; - #fastcgi_split_path_info ^(.+\.php)(/.+)$; - #fastcgi_split_path_info ^(.+\.php)(.*)$; - #fastcgi_index index.php; - #try_files $uri /index.php =404; - # fastcgi_pass unix:/var/run/php5-fpm.sock; - } - - } - - - location @tribushop { - rewrite ^/shop/(.+)$ /shop/index.php?_route_=$1 last; - } - - location /shop/engine { - deny all; - } - - location ~ ^/shop/library { - deny all; - } - - # Make sure files with the following extensions do not - # get loaded by nginx because nginx would display the - # source code, and these files can contain PASSWORDS! - location ~ ^/shop/\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|.*ini|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ { - deny all; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/task.conf b/tools/conf/etc/nginx/sites-enabled/task.conf deleted file mode 100644 index 8b15ee5..0000000 --- a/tools/conf/etc/nginx/sites-enabled/task.conf +++ /dev/null @@ -1,21 +0,0 @@ -server { - listen 8080; - server_name task.server.ank; - - location /task { - index index.php; - alias /srv/www/task; - try_files $uri $uri/ index.php$is_args$args; - } - - location ~ ^/task(.+\.php)$ { ### This location block was the solution - alias /srv/www/task; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_index index.php; - try_files $uri /index.php =404; - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$1; -# fastcgi_pass unix:/var/run/php5-fpm.sock; - fastcgi_pass 127.0.0.1:9000; - } -} diff --git a/tools/conf/etc/nginx/sites-enabled/vexim.conf b/tools/conf/etc/nginx/sites-enabled/vexim.conf deleted file mode 100644 index d113cdc..0000000 --- a/tools/conf/etc/nginx/sites-enabled/vexim.conf +++ /dev/null @@ -1,39 +0,0 @@ -server { - listen 8080; - server_name vexim.server.ank; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vexim,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vexim_err,nohostname debug; - - root /srv/www/vexim; - - location / { - index index.php; - autoindex off; - } - - location ~ [^/]\.php(/|$) { - - fastcgi_split_path_info ^(.+?\.php)(/.*)$; - if (!-f $document_root$fastcgi_script_name) { - return 404; - } - - # Mitigate https://httpoxy.org/ vulnerabilities - fastcgi_param HTTP_PROXY ""; - - fastcgi_pass 127.0.0.1:9000; - fastcgi_index index.php; - - # include the fastcgi_param setting - include fastcgi_params; - - # SCRIPT_FILENAME parameter is used for PHP FPM determining - # the script name. If it is not set in fastcgi_params file, - # i.e. /etc/nginx/fastcgi_params or in the parent contexts, - # please comment off following line - fastcgi_param REQUEST_METHOD $request_method; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - } - -} diff --git a/tools/conf/etc/nginx/sites-enabled/wiki.conf b/tools/conf/etc/nginx/sites-enabled/wiki.conf deleted file mode 100644 index 1e3b4d1..0000000 --- a/tools/conf/etc/nginx/sites-enabled/wiki.conf +++ /dev/null @@ -1,39 +0,0 @@ -server { - listen 8080; - server_name wiki.server.ank; - - access_log syslog:server=unix:/dev/log,facility=daemon,tag=vh_tribu,nohostname main; - error_log syslog:server=unix:/dev/log,facility=daemon,tag=vh_tribu_err,nohostname debug; - - root /srv/www/; - - location /pub { - alias /srv/www/wiki/pub; - } - # ACME challenge - location ^~ /.well-known { - allow all; - alias /srv/www/wiki/pub/cert/.well-known/; - default_type "text/plain"; - try_files $uri =404; - } - - location @pmwiki { - rewrite ^/wiki/(.*) /wiki/pmwiki.php?n=$1; - } - - location /wiki { - index pmwiki.php; - try_files $uri $uri/ @pmwiki; - } - - location ~ ^\/wiki(.+\.php)$ { - index pmwiki.php; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_index pmwiki.php; - try_files $uri /pmwiki.php =404; - include /etc/nginx/fastcgi_params; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - fastcgi_pass 127.0.0.1:9000; - } -} -- cgit 1.4.1-2-gfad0