From 721c5af0bb335b2367121681694ceaa7606b18ce Mon Sep 17 00:00:00 2001
From: Silvino Silva <silvino@bk.ru>
Date: Mon, 9 Mar 2020 20:15:17 +0000
Subject: nginx configuration revision

---
 tools/conf/etc/logrotate.conf                   |  34 ++++----
 tools/conf/etc/nginx/nginx.conf                 |   3 +-
 tools/conf/etc/nginx/sites-enabled/default.conf | 102 ++++++++++++++----------
 tools/conf/etc/nginx/sites-enabled/ports.conf   |  55 +++++++++++++
 4 files changed, 133 insertions(+), 61 deletions(-)
 create mode 100644 tools/conf/etc/nginx/sites-enabled/ports.conf

(limited to 'tools/conf/etc')

diff --git a/tools/conf/etc/logrotate.conf b/tools/conf/etc/logrotate.conf
index ee85347..d7ff75c 100644
--- a/tools/conf/etc/logrotate.conf
+++ b/tools/conf/etc/logrotate.conf
@@ -18,6 +18,8 @@ maxsize 1M
 # this directory
 include /etc/logrotate.d
 
+dateformat .%Y%m%d
+
 # few generic files to rotate
 /var/log/wtmp {
     monthly
@@ -39,7 +41,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -50,7 +52,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -61,7 +63,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -73,7 +75,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -84,7 +86,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -95,7 +97,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -115,7 +117,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+        /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -126,7 +128,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+        /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -137,7 +139,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+        /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -148,7 +150,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+        /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -159,7 +161,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -170,7 +172,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -181,7 +183,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -193,7 +195,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -204,7 +206,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
@@ -215,7 +217,7 @@ include /etc/logrotate.d
    delaycompress
    sharedscripts
    postrotate
-      /etc/init.d/syslog-ng reload
+      /sbin/syslog-ng-ctl reload >/dev/null
    endscript
 }
 
diff --git a/tools/conf/etc/nginx/nginx.conf b/tools/conf/etc/nginx/nginx.conf
index 1339275..e757df6 100644
--- a/tools/conf/etc/nginx/nginx.conf
+++ b/tools/conf/etc/nginx/nginx.conf
@@ -2,11 +2,10 @@
 # /etc/nginx/nginx.conf - nginx server configuration
 #
 
-
 user www;
 worker_processes auto;
 
-error_log syslog:server=unix:/dev/log debug;
+error_log syslog:server=unix:/dev/log,facility=daemon debug;
 
 pid /var/run/nginx.pid;
 
diff --git a/tools/conf/etc/nginx/sites-enabled/default.conf b/tools/conf/etc/nginx/sites-enabled/default.conf
index fb9fb8e..1bb8afd 100644
--- a/tools/conf/etc/nginx/sites-enabled/default.conf
+++ b/tools/conf/etc/nginx/sites-enabled/default.conf
@@ -1,8 +1,19 @@
 server {
+#if ($http_user_agent ~* (AhrefsBot|SemrushBot|MJ12Bot|DotBot)) {
+#     return 410;
+#}
+
+##listen 443 ssl http2;
     server_name tribu.semdestino.org;
 
     listen 80 default_server;
     listen 443 ssl default_server;
+#  listen [::]:443 ssl http2;
+
+    access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vhost,nohostname main;
+    error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vhost_err,nohostname debug;
+
+    root /etc/nginx/html/;
 
     ssl_certificate /etc/letsencrypt/live/tribu.semdestino.org/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/tribu.semdestino.org/privkey.pem;
@@ -18,62 +29,67 @@ server {
     ssl_stapling on;
     ssl_stapling_verify on;
 
-    access_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vhost,nohostname main;
-    error_log syslog:server=unix:/dev/log,facility=daemon,tag=nginx_vhost_err,nohostname debug;
+#proxy_redirect off;
+#proxy_set_header Host $http_host;
+#proxy_set_header X-Forwarded-Host $http_host;
+#proxy_set_header X-Real-IP $remote_addr;
+#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
-    root /etc/html/;
 
-    location /doc {
-        alias /srv/www/doc;
-        index index.html;
+   location /doc {
+       alias /srv/www/doc;
+       index index.html;
+        autoindex on;
     }
 
-    location /pub {
+   location /mirror {
+       proxy_pass http://c1.ank;
+   }
+
+   location /pub {
+       proxy_pass http://wiki.c2.ank:8080;
+   }
+   location ^~ /.well-known {
+       # ACME challenge
+       proxy_pass http://wiki.c2.ank;
+   }
+   location /wiki {
         proxy_pass http://wiki.c2.ank:8080;
-    }
+   }
 
-    location /wiki {
-        proxy_pass http://wiki.c2.ank:8080;
-    }
+   location /git {
+       proxy_pass http://git.c2.ank:8080;
+   }
 
-    location /git {
-        proxy_pass http://git.c2.ank:8080;
-    }
+   location /forum/ {
+        proxy_pass http://forum.c2.ank:8080/;
+   }
 
-    location /forum {
-        proxy_pass http://forum.c2.ank:8080;
-    }
-
-    location /task {
-        proxy_pass http://task.c2.ank:8080;
-    }
-
-    location /shop {
-        proxy_pass http://shop.c2.ank:8080;
-    }
+   #location /task {
+   #    proxy_pass http://task.c2.ank:8080;
+   #}
 
-    location /email {
-        proxy_pass http://email.c2.ank:8080;
-    }
+   # location /shop {
+   #     proxy_pass http://shop.c2.ank:8080;
+   # }
 
-    location /mirror {
-        proxy_pass http://c1.ank;
-    }
+   location /vexim/ {
+       proxy_pass http://vexim.c2.ank:8080/;
+   }
 
-    location /awstats {
-        proxy_pass http://awstats.c2.ank:8080;
-    }
+   # location /email {
+   #     proxy_pass http://email.c2.ank:8080;
+   # }
 
-    location /stats {
-        proxy_pass http://stats.c2.ank:8080;
-    }
+   # location /awstats {
+   #     proxy_pass http://awstats.c2.ank:8080;
+   # }
 
-    # ACME challenge
-    location ^~ /.well-known {
-        proxy_pass http://wiki.c2.ank;
-    }
+   # location /stats {
+   #     proxy_pass http://stats.c2.ank:8080;
+   # }
 
-    location / {
-        proxy_pass http://frontpage.c2.ank;
+   location / {
+        proxy_pass http://frontpage.c2.ank:8080/;
     }
 }
diff --git a/tools/conf/etc/nginx/sites-enabled/ports.conf b/tools/conf/etc/nginx/sites-enabled/ports.conf
new file mode 100644
index 0000000..829d710
--- /dev/null
+++ b/tools/conf/etc/nginx/sites-enabled/ports.conf
@@ -0,0 +1,55 @@
+server {
+    listen       80;
+    server_name  localhost ports.ank default_host;
+
+    access_log /var/log/nginx/ports_access.log;
+    error_log /var/log/nginx/ports_error.log;
+
+    location /mirror/archive {
+    	autoindex on;
+    	alias /usr/ports/archive;
+    }
+
+    location /mirror/packages {
+    	autoindex on;
+    	alias /usr/ports/packages;
+    }
+
+    location /mirror/distfiles {
+    	autoindex on;
+    	alias /usr/ports/distfiles;
+    }
+    		
+    location /mirror/bugs {
+    	autoindex on;
+    	alias /usr/ports/pkgbuild;
+    	types {
+    		text/plain log;
+    	}
+    }
+
+    location /mirror/installed {
+    	autoindex on;
+    	alias /usr/ports/installed;
+    	default_type text/plain;
+    }
+    	
+    location /mirror/releases {
+    	autoindex on;
+    	alias /usr/ports/releases;
+    }
+
+	location /mirror/ {
+         return 301 https://tribu.semdestino.org/wiki/Main/Mirror;
+    }
+
+    error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   html;
+    }
+}
+
-- 
cgit 1.4.1-2-gfad0