From 390a4d2fbef2d8c814d7b2fb00cc0c4db3964c55 Mon Sep 17 00:00:00 2001
From: Silvino Silva First run dryrun to test if everything is ok; Example of http block with ssl configured; Edit ngnix configutarion; This server is configured in a way that
root serves pmwiki and /tasks serves flyspray. In order to
- flyspray to link correctly change index is needed;
- # certbot certonly --dry-run --email user@mail.org --webroot -w /srv/www/c9-pmwiki/pub/cert/-d hive.gnu.systems
+ # certbot certonly --dry-run --email user@mail.org --webroot -w /srv/www/c9-pmwiki/pub/cert/-d example.sub.domain
- # certbot certonly --email user@mail.org --webroot -w /srv/www/c9-pmwiki/pub/cert/-d hive.gnu.systems
+ # certbot certonly --email user@mail.org --webroot -w /srv/www/c9-pmwiki/pub/cert/-d example.sub.domain
2.2. Self certificate
@@ -175,7 +175,7 @@
1024
-
#
@@ -183,7 +183,7 @@
#
- user nginx;
+ user www;
worker_processes auto;
error_log /var/log/nginx/error.log;
@@ -195,34 +195,31 @@
worker_connections 1024;
}
-
http {
include mime.types;
default_type application/octet-stream;
- ##
- # SSL Settings
- ##
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
- ssl_prefer_server_ciphers on;
-
- # ssl on;
- ssl_certificate /etc/ssl/certs/nginx.crt;
- ssl_certificate_key /etc/ssl/keys/nginx.key;
-
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
- access_log /var/log/nginx/access.log;
- error_log /var/log/nginx/error.log;
-
sendfile on;
#tcp_nopush on;
- keepalive_timeout 65;
- client_body_timeout 12;
- client_header_timeout 12;
+ # Allow attach iso to wiki
+ #client_max_body_size 8M;
+ client_max_body_size 30M;
+ #keepalive_timeout 65;
+ keepalive_timeout 120;
+ #client_body_timeout 12;
+ client_body_timeout 24;
+ #client_header_timeout 12;
+ client_header_timeout 24;
+
+ #client_max_body_size 10000M;
+ #keepalive_timeout 10000;
+ #client_body_timeout 10000;
+ #client_header_timeout 10000;
send_timeout 65;
@@ -235,15 +232,6 @@
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
- ##
- # Virtual Host Configs
- ##
- server {
- listen 80 default_server;
- server_name _;
- return 301 https://$host$request_uri;
- }
-
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
@@ -294,48 +282,113 @@
server { + listen 443 ssl; - # listen [::]:443 ssl; + listen 80; + server_name example.sub.domain; + + # listen [::]:443 ssl http2; + ssl_certificate /etc/letsencrypt/live/example.sub.domain/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/example.sub.domain/privkey.pem; + ssl_trusted_certificate /etc/letsencrypt/live/example.sub.domain/chain.pem; + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:50m; + ssl_session_tickets off; + ssl_protocols TLSv1.2; + ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; + ssl_prefer_server_ciphers on; + add_header Strict-Transport-Security max-age=15768000; + ssl_stapling on; + ssl_stapling_verify on; - server_name c9.core; + access_log /var/log/nginx/example_access.log; + error_log /var/log/nginx/example_error.log; - root /srv/www/default; + root /srv/www/; - location /distfiles { - alias /usr/ports/distfiles; + location /mirror { + #alias /usr/ports/releases; + proxy_pass http://10.0.0.3:80/; } + location /builder { + rewrite ^/blog(.*) /$1 break; + proxy_pass http://10.0.0.3:80; + } - location /tasks { + location /doc { + alias /srv/www/doc; + index index.html; + } + + location /git/static { + # static files (png/css) served from /usr/share/gitweb/static + alias /srv/www/gitweb/static; + } + + location /git { + alias /srv/www/gitweb; + index gitweb.cgi; + fastcgi_split_path_info ^/git()(/?.+)$; + fastcgi_param GITWEB_CONFIG /etc/gitweb.conf; + fastcgi_param DOCUMENT_ROOT /srv/www/gitweb; + fastcgi_param SCRIPT_NAME /gitweb.cgi$fastcgi_path_info; + + include fastcgi_params; + fastcgi_pass unix:/var/run/fcgiwrap.sock; + } + + location /chat { index index.php; - alias /srv/www/default/flyspray; + alias /srv/www/chat; try_files $uri $uri/ index.php$is_args$args; } - location ~ ^/tasks(.+\.php)$ { - alias /srv/www/default/flyspray; + location ~ ^/chat(.+\.php)$ { ### This location block was the solution + alias /srv/www/chat; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_index index.php; + try_files $uri /index.php =404; + include /etc/nginx/fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$1; + # fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_pass 127.0.0.1:9000; + } + + + location /task { + index index.php; + alias /srv/www/flyspray; + try_files $uri $uri/ index.php$is_args$args; + } + location ~ ^/task(.+\.php)$ { ### This location block was the solution + alias /srv/www/flyspray; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_index index.php; - try_files $uri /index.php =404; + try_files $uri /index.php =404; include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$1; # fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_pass 127.0.0.1:9000; } - location / { - alias /srv/www/default/pmwiki/; - index pmwiki.php + location /pub { + alias /srv/www/pmwiki/pub; + } + location /wiki { + alias /srv/www/pmwiki/; + index pmwiki.php; try_files $uri $uri/ /pmwiki.php$is_args$args; } - - location ~ \.php$ { - alias /srv/www/default/pmwiki; + location ~ ^/wiki(.+\.php)$ { + alias /srv/www/pmwiki; + index pmwiki.php; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_index pmwiki.php; try_files $uri /pmwiki.php =404; @@ -344,6 +397,21 @@ # fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_pass 127.0.0.1:9000; } + + # ACME challenge + location ^~ /.well-known { + allow all; + alias /srv/www/pmwiki/pub/cert/.well-known/; + default_type "text/plain"; + try_files $uri =404; + } + + location / { + alias /srv/www/frontpage/; + index index.html; + try_files $uri $uri/ /index.html$is_args$args; + } + }diff --git a/tools/scripts/pkgmk-test.conf b/tools/scripts/pkgmk-test.conf index 715ac01..c5f70e4 100644 --- a/tools/scripts/pkgmk-test.conf +++ b/tools/scripts/pkgmk-test.conf @@ -4,11 +4,11 @@ source /etc/pkgmk.conf -#PKGMK_SOURCE_MIRRORS=() +PKGMK_SOURCE_MIRRORS=(http://c1.ank/distfiles/) PKGMK_SOURCE_DIR="$PWD" PKGMK_PACKAGE_DIR="$PWD" PKGMK_WORK_DIR="$PWD/work" -# PKGMK_DOWNLOAD="no" +PKGMK_DOWNLOAD="yes" # PKGMK_IGNORE_FOOTPRINT="no" # PKGMK_IGNORE_NEW="no" # PKGMK_NO_STRIP="no" diff --git a/tools/vim.html b/tools/vim.html index 6b9ec31..b3354d8 100644 --- a/tools/vim.html +++ b/tools/vim.html @@ -44,7 +44,7 @@
Default vimrc skeleton is configured to use wombat2mod, which is installed by adduser skeleton.
-Horizontal split;
@@ -72,7 +72,20 @@ ctrl+w (k,j,l,h)-
Use built in netrw to see directories and files;
+ +Come from background;
@@ -166,15 +179,15 @@ comma (,), press esc to confirm. -Press z= over the bad written word and select desired one.
-This is part of the Hive System Documentation. - Copyright (C) 2018 + Copyright (C) 2019 Hive Team. See the file Gnu Free Documentation License for copying conditions.
diff --git a/tools/x.html b/tools/x.html index 79d1757..c693062 100644 --- a/tools/x.html +++ b/tools/x.html @@ -155,7 +155,7 @@ fi -Xorg global default keyboard configuration; /etc/X11/xorg.conf.d/10-keyboard.conf
-- cgit 1.4.1-2-gfad0 '#n137'>137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154