From 8c859c3e8923d675dc520c03c48cfed7ebc545f8 Mon Sep 17 00:00:00 2001 From: zeek <984294471@qq.com> Date: Sat, 7 Mar 2020 11:35:25 +0800 Subject: [PATCH] update nginx conf --- nginx/sites-available/default | 260 ------------------------------- nginx/sites-enabled/default | 69 ++++++++ nginx/sites-enabled/git.conf | 48 ++++++ nginx/sites-enabled/img.conf | 66 ++++++++ nginx/sites-enabled/monitor.conf | 28 ++++ nginx/sites-enabled/pan.conf | 48 ++++++ 6 files changed, 259 insertions(+), 260 deletions(-) delete mode 100644 nginx/sites-available/default create mode 100644 nginx/sites-enabled/default create mode 100644 nginx/sites-enabled/git.conf create mode 100644 nginx/sites-enabled/img.conf create mode 100644 nginx/sites-enabled/monitor.conf create mode 100644 nginx/sites-enabled/pan.conf diff --git a/nginx/sites-available/default b/nginx/sites-available/default deleted file mode 100644 index c68bdb2..0000000 --- a/nginx/sites-available/default +++ /dev/null @@ -1,260 +0,0 @@ - -server { - listen 80 ; - listen [::]:80; - - listen 443 ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/cert/www.crt; - ssl_certificate_key /etc/nginx/cert/www.key; - - root /var/www/html; - - index index.html index.htm index.nginx-debian.html; - - server_name www.zeekling.cn; - - if ( $scheme = http ){ - return 301 https://$server_name$request_uri; - } - - location / { - # add_header Strict-Transport-Security "max-age=31536000"; - # index index.html index.htm index.php; - add_header Strict-Transport-Security "max-age=31536000"; - proxy_pass http://127.0.0.1:8080; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - } - - location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { - proxy_pass http://127.0.0.1:8080; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_cache cache_one; - proxy_cache_valid 200 302 30d; - proxy_cache_valid 301 30d; - proxy_cache_valid any 30d; - expires 30d; - proxy_redirect off; - add_header wall "Stay simple, stay naive."; - } - location /goaccess.html { - autoindex on; - } - - location /robots.txt { - autoindex on; - } - location /ByteDanceVerify.html { - autoindex on; - } - location /ads.txt { - autoindex on; - } - - location ~ \.php$ { - add_header Strict-Transport-Security "max-age=31536000"; - include snippets/fastcgi-php.conf; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - #fastcgi_index index.php; - fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; - include fastcgi_params; - } -} - -server { - listen 80 ; - listen [::]:80; - - listen 443 ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/cert/img.crt; - ssl_certificate_key /etc/nginx/cert/img.key; - - root /var/www/html/chevereto; - - index index.html index.htm index.nginx-debian.html; - - client_max_body_size 50M; - - server_name img.zeekling.cn; - - if ( $scheme = http ){ - return 301 https://$server_name$request_uri; - } - location / { - add_header Strict-Transport-Security "max-age=31536000"; - if (-f $request_filename/index.html) { - rewrite (.*) $1/index.html break; - } - if (-f $request_filename/index.php) { - rewrite (.*) $1/index.php; - } - if (!-f $request_filename) { - rewrite (.*) /index.php; - } - try_files $uri $uri/ /api.php; - } - - location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_cache cache_one; - proxy_cache_valid 200 302 30d; - proxy_cache_valid 301 30d; - proxy_cache_valid any 30d; - expires 30d; - proxy_redirect off; - add_header wall "Stay simple, stay naive."; - } - location /ads.txt { - autoindex on; - } - location /admin { - add_header Strict-Transport-Security "max-age=31536000"; - try_files $uri /admin/index.php?$args; - } - - location ~ \.php$ { - add_header Strict-Transport-Security "max-age=31536000"; - include snippets/fastcgi-php.conf; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - #fastcgi_index index.php; - fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; - include fastcgi_params; - } - -} - -server { - listen 80 ; - listen [::]:80; - - listen 443 ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/cert/git.crt; - ssl_certificate_key /etc/nginx/cert/git.key; - - root /var/www/html; - client_max_body_size 50M; - - index index.html index.htm index.nginx-debian.html; - - server_name git.zeekling.cn; - - if ( $scheme = http ){ - return 301 https://$server_name$request_uri; - } - location / { - add_header Strict-Transport-Security "max-age=31536000"; - proxy_pass http://127.0.0.1:3003; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - } - - location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { - proxy_pass http://127.0.0.1:3003; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_cache cache_one; - proxy_cache_valid 200 302 30d; - proxy_cache_valid 301 30d; - proxy_cache_valid any 30d; - expires 30d; - proxy_redirect off; - add_header wall "Stay simple, stay naive."; - } - - location /ads.txt { - autoindex on; - } -} - -server { - listen 80 ; - listen [::]:80; - - listen 443 ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/cert/monitor.crt; - ssl_certificate_key /etc/nginx/cert/monitor.key; - - root /var/www/html; - - index index.html index.htm index.nginx-debian.html; - - server_name monitor.zeekling.cn; - - if ( $scheme = http ){ - return 301 https://$server_name$request_uri; - } - location / { - add_header Strict-Transport-Security "max-age=31536000"; - proxy_pass http://127.0.0.1:8088; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-Host $host; - } -} -server { - listen 80 ; - listen [::]:80; - - listen 443 ssl http2; - listen [::]:443 ssl http2; - ssl_certificate /etc/nginx/cert/pan.crt; - ssl_certificate_key /etc/nginx/cert/pan.key; - - root /var/www/html; - - client_max_body_size 500M; - - index index.html index.htm index.nginx-debian.html; - - server_name pan.zeekling.cn; - - location / { - add_header Strict-Transport-Security "max-age=31536000"; - proxy_pass http://127.0.0.1:8000; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - } - - if ( $scheme = http ){ - return 301 https://$server_name$request_uri; - } - location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { - proxy_pass http://127.0.0.1:8000; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_cache cache_one; - proxy_cache_valid 200 302 30d; - proxy_cache_valid 301 30d; - proxy_cache_valid any 30d; - expires 30d; - proxy_redirect off; - add_header wall "Stay simple, stay naive."; - } - - location /ads.txt { - autoindex on; - } -} diff --git a/nginx/sites-enabled/default b/nginx/sites-enabled/default new file mode 100644 index 0000000..3d1411d --- /dev/null +++ b/nginx/sites-enabled/default @@ -0,0 +1,69 @@ +server { + listen 80 ; + listen [::]:80; + + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/nginx/cert/www.crt; + ssl_certificate_key /etc/nginx/cert/www.key; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name www.zeekling.cn; + + if ( $scheme = http ){ + return 301 https://$server_name$request_uri; + } + + location / { + # add_header Strict-Transport-Security "max-age=31536000"; + # index index.html index.htm index.php; + add_header Strict-Transport-Security "max-age=31536000"; + proxy_pass http://127.0.0.1:8080; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { + proxy_pass http://127.0.0.1:8080; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_cache cache_one; + proxy_cache_valid 200 302 30d; + proxy_cache_valid 301 30d; + proxy_cache_valid any 30d; + expires 30d; + proxy_redirect off; + add_header wall "Stay simple, stay naive."; + } + location /goaccess.html { + autoindex on; + } + + location /robots.txt { + autoindex on; + } + location /ByteDanceVerify.html { + autoindex on; + } + location /ads.txt { + autoindex on; + } + + location ~ \.php$ { + add_header Strict-Transport-Security "max-age=31536000"; + include snippets/fastcgi-php.conf; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + #fastcgi_index index.php; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + include fastcgi_params; + } +} + diff --git a/nginx/sites-enabled/git.conf b/nginx/sites-enabled/git.conf new file mode 100644 index 0000000..c0ab133 --- /dev/null +++ b/nginx/sites-enabled/git.conf @@ -0,0 +1,48 @@ +server { + listen 80 ; + listen [::]:80; + + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/nginx/cert/git.crt; + ssl_certificate_key /etc/nginx/cert/git.key; + + root /var/www/html; + client_max_body_size 50M; + + index index.html index.htm index.nginx-debian.html; + + server_name git.zeekling.cn; + + if ( $scheme = http ){ + return 301 https://$server_name$request_uri; + } + location / { + add_header Strict-Transport-Security "max-age=31536000"; + proxy_pass http://127.0.0.1:3003; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + } + + location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { + proxy_pass http://127.0.0.1:3003; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_cache cache_one; + proxy_cache_valid 200 302 30d; + proxy_cache_valid 301 30d; + proxy_cache_valid any 30d; + expires 30d; + proxy_redirect off; + add_header wall "Stay simple, stay naive."; + } + + location /ads.txt { + autoindex on; + } +} + diff --git a/nginx/sites-enabled/img.conf b/nginx/sites-enabled/img.conf new file mode 100644 index 0000000..e117d09 --- /dev/null +++ b/nginx/sites-enabled/img.conf @@ -0,0 +1,66 @@ +server { + listen 80 ; + listen [::]:80; + + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/nginx/cert/img.crt; + ssl_certificate_key /etc/nginx/cert/img.key; + + root /var/www/html/chevereto; + + index index.html index.htm index.nginx-debian.html; + + client_max_body_size 50M; + + server_name img.zeekling.cn; + + if ( $scheme = http ){ + return 301 https://$server_name$request_uri; + } + location / { + add_header Strict-Transport-Security "max-age=31536000"; + if (-f $request_filename/index.html) { + rewrite (.*) $1/index.html break; + } + if (-f $request_filename/index.php) { + rewrite (.*) $1/index.php; + } + if (!-f $request_filename) { + rewrite (.*) /index.php; + } + try_files $uri $uri/ /api.php; + } + + location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_cache cache_one; + proxy_cache_valid 200 302 30d; + proxy_cache_valid 301 30d; + proxy_cache_valid any 30d; + expires 30d; + proxy_redirect off; + add_header wall "Stay simple, stay naive."; + } + location /ads.txt { + autoindex on; + } + location /admin { + add_header Strict-Transport-Security "max-age=31536000"; + try_files $uri /admin/index.php?$args; + } + + location ~ \.php$ { + add_header Strict-Transport-Security "max-age=31536000"; + include snippets/fastcgi-php.conf; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + #fastcgi_index index.php; + fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + include fastcgi_params; + } + +} + diff --git a/nginx/sites-enabled/monitor.conf b/nginx/sites-enabled/monitor.conf new file mode 100644 index 0000000..d8246bd --- /dev/null +++ b/nginx/sites-enabled/monitor.conf @@ -0,0 +1,28 @@ +server { + listen 80 ; + listen [::]:80; + + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/nginx/cert/monitor.crt; + ssl_certificate_key /etc/nginx/cert/monitor.key; + + root /var/www/html; + + index index.html index.htm index.nginx-debian.html; + + server_name monitor.zeekling.cn; + + if ( $scheme = http ){ + return 301 https://$server_name$request_uri; + } + location / { + add_header Strict-Transport-Security "max-age=31536000"; + proxy_pass http://127.0.0.1:8088; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Host $host; + } +} diff --git a/nginx/sites-enabled/pan.conf b/nginx/sites-enabled/pan.conf new file mode 100644 index 0000000..40854d1 --- /dev/null +++ b/nginx/sites-enabled/pan.conf @@ -0,0 +1,48 @@ +server { + listen 80 ; + listen [::]:80; + + listen 443 ssl http2; + listen [::]:443 ssl http2; + ssl_certificate /etc/nginx/cert/pan.crt; + ssl_certificate_key /etc/nginx/cert/pan.key; + + root /var/www/html; + + client_max_body_size 500M; + + index index.html index.htm index.nginx-debian.html; + + server_name pan.zeekling.cn; + + location / { + add_header Strict-Transport-Security "max-age=31536000"; + proxy_pass http://127.0.0.1:8000; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + } + + if ( $scheme = http ){ + return 301 https://$server_name$request_uri; + } + location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ { + proxy_pass http://127.0.0.1:8000; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_cache cache_one; + proxy_cache_valid 200 302 30d; + proxy_cache_valid 301 30d; + proxy_cache_valid any 30d; + expires 30d; + proxy_redirect off; + add_header wall "Stay simple, stay naive."; + } + + location /ads.txt { + autoindex on; + } +}