gru/linuxiarz_vps_angie
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chamges

Browse Source
This commit is contained in:
Mateusz Gruszczyński
2025-11-17 10:05:34 +01:00
parent 537a2f76d0
commit 1f5c01a22f
1 changed files with 25 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
sites-available/rspamd.linuxiarz.pl.conf
View File

@@ -1,7 +1,7 @@
upstream rspamd { upstream rspamd {
zone rspamd 1m; zone rspamd 1m;
server 127.0.0.1:11334; server 127.0.0.1:11334;
keepalive 16; keepalive 16;
} }
limit_req_zone $binary_remote_addr zone=rspamd_limit:10m rate=10r/s; limit_req_zone $binary_remote_addr zone=rspamd_limit:10m rate=10r/s;
@@ -11,47 +11,49 @@ server {
listen 443 ssl; listen 443 ssl;
http2 on; http2 on;
http3 on; http3 on;
ssl_protocols TLSv1.3 TLSv1.2; ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on; ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400'; add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name rspamd.linuxiarz.pl; server_name rspamd.linuxiarz.pl;
include config/wildcard.conf; include config/wildcard.conf;
# security
#include config/security.conf;
status_zone rspamd.linuxiarz.pl; status_zone rspamd.linuxiarz.pl;
limit_req zone=rspamd_limit burst=20 nodelay; limit_req zone=rspamd_limit burst=20 nodelay;
# restrict methods # Restrict methods
if ($request_method !~ ^(GET|POST)$) { if ($request_method !~ ^(GET|POST)$) {
return '405'; return 405;
} }
# logging # Logging
access_log off; access_log /var/log/angie/rspamd.linuxiarz.pl.access.log;
error_log off; error_log /var/log/angie/rspamd.linuxiarz.pl.error.log warn;
location / { location / {
proxy_pass http://rspamd/; proxy_pass http://rspamd/;
include config/proxy.conf;
}
# additional config proxy_set_header Host $host;
# include config/general.conf; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_buffering off;
proxy_request_buffering off;
}
} }
# HTTP redirect # HTTP redirect
server { server {
listen 80; listen 80;
server_name rspamd.linuxiarz.pl; server_name rspamd.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) { if ($request_method !~ ^(GET)$) {
return '405'; return 405;
} }
location / { location / {