matthew
/
mracs-configurations
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial commit chag

master
Matthew 2022-11-27 16:06:17 -05:00
parent 3251c09fea
commit 8c2406cf22
No known key found for this signature in database
GPG Key ID: 210AF32ADE3B5C4B
48 changed files with 13 additions and 921 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Nginx/Locations/mracs.dev/mcmap.loc.conf Normal file
View File

@ -0,0 +1,3 @@
location /mcmap {
proxy_pass http://localhost:8123;
}

23
Nginx/Server Blocks/ats.libraryofcode.org.conf
View File

@ -1,23 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ats.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/opencats;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param HTACCESS on;
proxy_read_timeout 800;
}
}

14
Nginx/Server Blocks/bin.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bin.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/binary;
location / {
autoindex on;
}
}

16
Nginx/Server Blocks/board.ins.conf
View File

@ -1,16 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name board.ins;
ssl_certificate /etc/nginx/ssl/board-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/board-ins.key.pem;
location / {
proxy_pass http://localhost:3121;
}
location /api {
proxy_pass http://localhost:3892;
}
}

24
Nginx/Server Blocks/book.libraryofcode.org.conf
View File

@ -1,24 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name book.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/book;
index index.html index.htm index.php;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
fastcgi_param HTACCESS on;
proxy_read_timeout 800;
}
if (!-e $request_filename){
rewrite ^(.*)$ /index.php?/$1 last;
}
}

12
Nginx/Server Blocks/certapi.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name certapi.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3030;
}
}

16
Nginx/Server Blocks/cloud.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cloud.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
return 307 $scheme://www.libraryofcode.org/;
}
location ~ /(.*)$ {
rewrite https://$1.cloud.libraryofcode.org temporary;
}
}

12
Nginx/Server Blocks/comm.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name comm.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:3895;
}
}

22
Nginx/Server Blocks/confluence.libraryofcode.org.conf
View File

@ -1,22 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name confluence.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
return 307 https://wiki.libraryofcode.org/;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}

20
Nginx/Server Blocks/content.libraryofcode.org.conf
View File

@ -1,20 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name content.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/content;
location / {
autoindex on;
}
location /sec {
autoindex on;
auth_basic "Secure Area";
auth_basic_user_file /etc/nginx/htpasswd;
}
}

12
Nginx/Server Blocks/cr.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name cr.ins;
ssl_certificate /etc/nginx/ssl/cr-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/cr-ins.key.pem;
location / {
proxy_pass http://10.8.0.1:3891;
}
}

12
Nginx/Server Blocks/cshd.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name cshd.ins;
ssl_certificate /etc/nginx/ssl/cshd-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/cshd-ins.key.pem;
location / {
proxy_pass http://10.8.0.1:5479;
}
}

12
Nginx/Server Blocks/data.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name data.ins;
ssl_certificate /etc/nginx/ssl/data-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/data-ins.key.pem;
location / {
proxy_pass http://10.8.0.1:19999;
}
}

11
Nginx/Server Blocks/directory.libraryofcode.org.conf
View File

@ -1,11 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name directory.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/staff-directory;
index index.html;
}

35
Nginx/Server Blocks/dns.ins.conf
View File

@ -1,35 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
server_name dns.ins;
ssl_certificate /etc/nginx/ssl/dns-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/dns-ins.key.pem;
index index.html index.htm index.php;
root /opt/powerdns-admin;
access_log /var/log/nginx/powerdns-admin.local.access.log combined;
error_log /var/log/nginx/powerdns-admin.local.error.log;
location ~ ^/static/ {
include /etc/nginx/mime.types;
root /opt/powerdns-admin/powerdnsadmin;
location ~* \.(jpg|jpeg|png|gif)$ {
expires 365d;
}
location ~* ^.+.(css|js)$ {
expires 7d;
}
}
location / {
proxy_pass http://unix:/run/powerdns-admin/socket;
proxy_read_timeout 120;
proxy_connect_timeout 120;
proxy_redirect off;
}
}

14
Nginx/Server Blocks/docker.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name docker.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:5000;
}
}

14
Nginx/Server Blocks/drive.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name drive.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:5608;
}
}

17
Nginx/Server Blocks/eds.libraryofcode.org.conf
View File

@ -1,17 +0,0 @@
upstream eds-backend {
server localhost:7101;
server node2.libraryofcode.org:7101 backup;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name eds.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://eds-backend;
}
}

42
Nginx/Server Blocks/edu.libraryofcode.org.conf
View File

@ -1,42 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name edu.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/moodle;
index index.html index.htm index.php;
error_page 404 /error/index.php; error_page 403 =404 /error/index.php;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/run/php/php8.0-fpm_moodle.sock;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 300;
proxy_read_timeout 300;
}
location /dataroot/ {
internal;
alias /var/opt/moodledata/; # ensure the path ends with /
}
# Hide all dot files but allow "Well-Known URIs" as per RFC 5785
location ~ /\.(?!well-known).* {
return 404;
}
# This should be after the php fpm rule and very close to the last nginx ruleset.
# Don't allow direct access to various internal files. See MDL-69333
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
deny all;
return 404;
}
}

12
Nginx/Server Blocks/firewall.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name firewall.ins;
ssl_certificate /etc/nginx/ssl/firewall-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/firewall-ins.key.pem;
location / {
proxy_pass http://192.168.56.1:80;
}
}

13
Nginx/Server Blocks/forms.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name forms.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/forms;
rewrite ^(/.*)\.html(\?.*)?$ $1$2 permanent;
try_files $uri.html $uri/ $uri =404;
}

68
Nginx/Server Blocks/gitlab.libraryofcode.org.conf
View File

@ -1,68 +0,0 @@
upstream gitlab-workhorse {
server unix:/var/opt/gitlab/gitlab-workhorse/sockets/socket fail_timeout=0;
}
## HTTPS host
server {
listen 0.0.0.0:443 ssl http2;
listen [::]:443 ipv6only=on ssl http2;
server_name gitlab.libraryofcode.org; ## Replace this with something like gitlab.example.com
root /opt/gitlab/embedded/service/gitlab-rails/public;
## Strong SSL Security
## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html & https://cipherli.st/
ssl on;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
# GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs
#ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
## See app/controllers/application_controller.rb for headers set
## [Optional] Enable HTTP Strict Transport Security
## HSTS is a feature improving protection against MITM attacks
## For more information see: https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/
add_header Strict-Transport-Security "max-age=31536000; preload";
## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL.
## Replace with your ssl_trusted_certificate. For more info see:
## - https://medium.com/devops-programming/4445f4862461
## - https://www.ruby-forum.com/topic/4419319
## - https://www.digitalocean.com/community/tutorials/how-to-configure-ocsp-stapling-on-apache-and-nginx
# ssl_stapling on;
# ssl_stapling_verify on;
# ssl_trusted_certificate /etc/nginx/ssl/stapling.trusted.crt;
# resolver 208.67.222.222 208.67.222.220 valid=300s; # Can change to your DNS resolver if desired
# resolver_timeout 5s;
## Individual nginx logs for this GitLab vhost
access_log /var/log/nginx/gitlab_access.log;
error_log /var/log/nginx/gitlab_error.log;
location / {
client_max_body_size 0;
gzip off;
## https://github.com/gitlabhq/gitlabhq/issues/694
## Some requests take more than 30 seconds.
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://gitlab-workhorse;
}
}

16
Nginx/Server Blocks/gocrypt.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name gocrypt.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/gocryptdoc;
index index.html;
location / {
try_files $uri $uri/index.html =404;
}
}

12
Nginx/Server Blocks/hr.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name hr.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:5487;
}
}

31
Nginx/Server Blocks/inbox.libraryofcode.org.conf
View File

@ -1,31 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name inbox.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/rainloop;
index index.php index.html;
access_log /var/log/nginx/rainloop_access.log;
error_log /var/log/nginx/rainloop_error.log;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ ^/(.+\.php)$ {
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ^~ /data {
deny all;
}
}

30
Nginx/Server Blocks/ins-test.libraryofcode.org.conf
View File

@ -1,30 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ins-test.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/ins-test.chain.crt;
ssl_certificate_key /etc/nginx/ssl/ins-test.key.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
#ssl_protocols TLSv1.2;
#ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify off;
root /var/www/content;
location / {
autoindex on;
}
location /sec {
autoindex on;
auth_basic "Secure Area";
auth_basic_user_file /etc/nginx/htpasswd;
}
}

30
Nginx/Server Blocks/internships.libraryofcode.org.conf
View File

@ -1,30 +0,0 @@
// php7.2-fpm-internships.sock
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name internships.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass /run/php/php7.2-fpm-internships.sock;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# Hide all dot files but allow "Well-Known URIs" as per RFC 5785
location ~ /\.(?!well-known).* {
return 404;
}
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
deny all;
return 404;
}
}

44
Nginx/Server Blocks/journal.libraryofcode.org.conf
View File

@ -1,44 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name journal.libraryofcode.org;
root /var/www/ojs;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ ^(.+\.php)(.*)$ {
set $path_info $fastcgi_path_info;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $path_info;
fastcgi_param PATH_TRANSLATED $document_root$path_info;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.(?!well-known).* {
deny all;
}
}

13
Nginx/Server Blocks/keys.ins.conf
View File

@ -1,13 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name keys.ins;
ssl_certificate /etc/nginx/ssl/keys-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/keys-ins.key.pem;
root /var/www/keys;
location / {
autoindex on;
}
}

22
Nginx/Server Blocks/keys.libraryofcode.org.conf
View File

@ -1,22 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;server_name keys.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/html/sks;
error_page 404 /404.html;
location ~ (.git|LICENSE|readme.md) {
deny all;
return 404;
}
location /pks {
proxy_pass http://localhost:11371;
proxy_pass_header Server;
}
}

39
Nginx/Server Blocks/libraryofcode.org.conf
View File

@ -1,39 +0,0 @@
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name www.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/wordpress;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
#The following parameter can be also included in fastcgi_params file
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /ads.txt {
root /var/www/int/1;
}
}

34
Nginx/Server Blocks/lists-old.libraryofcode.org.conf
View File

@ -1,34 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name lists.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
return 307 $scheme://lists.libraryofcode.org/cgi-bin/mailman/listinfo;
}
location /cgi-bin/mailman {
root /usr/lib/;
fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
location /images/mailman {
alias /usr/share/images/mailman;
}
location /pipermail {
alias /var/lib/mailman/archives/public;
autoindex on;
}
}

16
Nginx/Server Blocks/lists.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name lists.libraryofcode.org;
location /static/ {
alias /etc/mailman3/static/;
}
location / {
proxy_pass http://127.0.0.1:6475;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}

13
Nginx/Server Blocks/loc.sh.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name loc.sh;
ssl_certificate /etc/letsencrypt/live/loc.sh-0001/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/loc.sh-0001/privkey.pem; # managed by Certbot
location / {
proxy_pass http://localhost:3890;
}
}

12
Nginx/Server Blocks/mc-map.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mc-map.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:8123;
}
}

12
Nginx/Server Blocks/modmail.ins.conf
View File

@ -1,12 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
#listen [::]:443 ssl http2;
server_name modmail.ins;
ssl_certificate /etc/nginx/ssl/modmail-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/modmail-ins.key.pem;
location / {
proxy_pass http://10.8.0.1:5478;
}
}

7
Nginx/Server Blocks/mracs.dev.conf Normal file
View File

@ -0,0 +1,7 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mracs.dev;
include /etc/nginx/loc/mracs.dev/*;
}

12
Nginx/Server Blocks/nlm.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name nlm.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:9000;
}
}

34
Nginx/Server Blocks/pbx.ins.conf
View File

@ -1,34 +0,0 @@
server {
listen 10.8.0.1:443 ssl http2;
listen [::]:443 ssl http2;
server_name pbx.ins;
ssl_certificate /etc/nginx/ssl/pbx-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/pbx-ins.key.pem;
client_max_body_size 230M;
client_body_timeout 1h;
root /var/www/html;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf; # server defaults are good
fastcgi_pass unix:/run/php/php7.3-fpm-asterisk.sock;
fastcgi_param HTACCESS on; # disables FreePBX htaccess warning
proxy_read_timeout 800;
}
# disallows the things that the FreePBX .htaccess files disallow
location ~ (/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) {
deny all;
}
# from the api module .htaccess file
rewrite ^/admin/api/([^/]*)/([^/]*)/?(.*)?$ /admin/api/api.php?module=$1&command=$2&route=$3 last;
}

16
Nginx/Server Blocks/report.libraryofcode.org.conf
View File

@ -1,16 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name report.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/report;
index public/index.html;
location /assets {
alias /var/www/report/assets/;
try_files $uri $uri/ =404;
}
}

12
Nginx/Server Blocks/s3.libraryofcode.org.conf
View File

@ -1,12 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name s3.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
proxy_pass http://localhost:9000;
}
}

13
Nginx/Server Blocks/sis.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name sis.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
location / {
#proxy_pass http://localhost:6969;
return 307 https://edu.libraryofcode.org/;
}
}

14
Nginx/Server Blocks/skb.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name skb.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:3001;
}
}

13
Nginx/Server Blocks/staff.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name staff.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
#limit_req zone=one burst=15;
location / {
return 307 https://wiki.libraryofcode.org/en/cs-support;
}
}

13
Nginx/Server Blocks/static.libraryofcode.org.conf
View File

@ -1,13 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name static.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /var/www/static;
location / {
autoindex on;
}
}

34
Nginx/Server Blocks/time.libraryofcode.org.conf
View File

@ -1,34 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name time.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
root /opt/kimai2/public;
index index.php;
access_log off;
log_not_found off;
location ~ /\.ht {
deny all;
}
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi.conf;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/..:/tmp/";
internal;
}
location ~ \.php$ {
return 404;
}
}

14
Nginx/Server Blocks/wiki.libraryofcode.org.conf
View File

@ -1,14 +0,0 @@
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name wiki.libraryofcode.org;
ssl_certificate /etc/nginx/ssl/org.chain.crt;
ssl_certificate_key /etc/nginx/ssl/org.key.pem;
client_max_body_size 1G;
location / {
proxy_pass http://localhost:3000;
}
}

4
Nginx/nginx.conf
View File

@ -39,10 +39,12 @@ http {
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_certificate /etc/letsencrypt/live/mracs.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mracs.dev/privkey.pem;
#ssl_stapling_verify on;
ssl_session_cache shared:SSL:10m;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_dhparam /etc/nginx/dhparam.pem;
#ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ecdh_curve X25519:prime256v1:secp384r1;