gru/linuxiarz_vps_angie
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

work in progress

Browse Source
This commit is contained in:
root
2025-11-16 23:45:16 +01:00
parent 4970352314
commit 24c11e8810
50 changed files with 243 additions and 1413 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
angie.conf
View File

@@ -54,27 +54,6 @@ http {
resolver 127.0.0.1 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 valid=10s status_zone=default_resolver;
resolver_timeout 2s;
map $sent_http_content_type $compressible_type {
default 0;
~*text/plain 1;
~*text/css 1;
~*text/xml 1;
~*text/javascript 1;
~*application/javascript 1;
~*application/x-javascript 1;
~*application/json 1;
~*application/xml 1;
~*application/xml\+rss 1;
~*application/rss\+xml 1;
~*image/svg\+xml 1;
~*font/truetype 1;
~*font/opentype 1;
~*font/woff 1;
~*font/woff2 1;
~*application/font-woff 1;
~*application/font-woff2 1;
}
# Brotli compression
brotli on;
brotli_static on;
@@ -96,13 +75,15 @@ http {
gzip_min_length 1000;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javasc
# Load configs
include /etc/angie/conf.d/*.conf;
include /etc/angie/sites-enabled/*;
include /etc/angie/config/upstreams.conf;
# include /etc/angie/conf.d/*.conf;
include /etc/angie/sites-enabled/*.conf;
more_clear_headers "Server";
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
}

2
conf.d/status.conf
View File

@@ -4,7 +4,7 @@ server {
listen 84;
listen 86;
acceess_log off;
access_log off;
error_log off;
auto_redirect on;

35
config/upstreams.conf
View File

@@ -1,35 +0,0 @@
upstream varnish {
zone varnish 1m;
server 127.0.0.1:6081;
keepalive 16;
}
upstream gitea {
zone gitea 1m;
server 127.0.0.1:3000;
keepalive 16;
}
upstream adphone_app {
zone adphone_app 1m;
server 127.0.0.1:8001;
keepalive 16;
}
upstream doh {
zone doh 1m;
server 127.0.0.1:8844;
keepalive 16;
}
upstream linuxiarz_app {
zone linuxiarz_app 1m;
server 127.0.0.1:8000;
keepalive 16;
}
upstream redirector_app {
zone redirector_app 1m;
server 127.0.0.1:8282;
keepalive 16;
}

0
off Normal file
View File

6
sites-available/adphone.pl.conf
View File

@@ -1,3 +1,9 @@
upstream adphone_app {
zone adphone_app 1m;
server 127.0.0.1:8001;
keepalive 16;
}
server {
listen 443 quic;
listen 443 ssl;

5
sites-available/autodiscover.conf
View File

@@ -17,9 +17,10 @@ server {
include config/security.conf;
# logging
access_log /var/log/nginx/autodiscover.linuxiarz.pl.access.log;
error_log /var/log/nginx/autodiscover.linuxiarz.pl.error.log warn;
access_log /var/log/angie/autodiscover.linuxiarz.pl.access.log;
error_log /var/log/angie/autodiscover.linuxiarz.pl.error.log warn;
status_zone autodiscover;
location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml {
rewrite .* /autodiscover/autodiscover.php redirect;

6
sites-available/blog.linuxiarz.pl.conf
View File

@@ -1,3 +1,9 @@
upstream varnish {
zone varnish 1m;
server 127.0.0.1:6081;
keepalive 16;
}
server {
listen 8080;
server_name blog.linuxiarz.pl;

7
sites-available/default.conf
View File

@@ -4,6 +4,7 @@ server {
if ($request_method !~ ^(HEAD)$) {
return '405';
}
status_zone default;
}
server {
@@ -13,7 +14,9 @@ server {
return '405';
}
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
status_zone default_ssl;
ssl_certificate /etc/angie/ssl/angie.crt;
ssl_certificate_key /etc/angie/ssl/angie.key;
ssl_stapling off;
}

71
sites-available/doh.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,71 @@
upstream doh {
zone doh 1m;
server 127.0.0.1:8844;
keepalive 16;
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name doh.linuxiarz.pl;
set $base /var/www/dnsdist;
root $base;
status_zone doh.linuxiarz.pl;
include config/wildcard.conf;
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST|HEAD|PUT)$) {
return '405';
}
error_page 400 @echo_400;
location @echo400 {
add_header Content-Type text/plain;
return 200 "Bad request :)";
}
error_page 404 403 500 504 502 =200 /;
# logging
access_log /var/log/angie/doh.linuxiarz.pl.access.log;
error_log /var/log/angie/doh.linuxiarz.pl.error.log warn;
# additional config
include config/general.conf;
location / {
proxy_pass https://doh;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name doh.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://doh.linuxiarz.pl$request_uri;
}
}

6
sites-available/gitea.linuxiarz.pl.conf
View File

@@ -1,3 +1,9 @@
upstream gitea {
zone gitea 1m;
server 127.0.0.1:3000;
keepalive 16;
}
server {
listen 443 quic;

30
sites-available/gruszczynski.cc.conf
View File

@@ -11,9 +11,15 @@ server {
set $base /var/www/gruszczynski.cc;
root $base;
ssl_certificate /etc/letsencrypt/live/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/gruszczynski.eu.org/chain.pem;
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# logging
access_log /var/log/angie/gruszczynski.cc.access.log;
error_log /var/log/angie/gruszczynski.cc.error.log warn;
status_zone gruszczynski.cc;
# ssl cfg
include config/ssl_cfg.conf;
@@ -26,11 +32,11 @@ server {
return '405';
}
error_page 404 403 500 504 502 =200 /;
if ($host = 'www.gruszczynski.cc') {
return 301 http://www.linuxiarz.pl$request_uri;
}
# logging
access_log /var/log/nginx/gruszczynski.cc.access.log;
error_log /var/log/nginx/gruszczynski.cc.error.log warn;
error_page 404 403 500 504 502 =200 /;
# index.html
index index.html;
@@ -40,11 +46,6 @@ server {
# letsencrypt
include config/letsencrypt.conf;
# handle .php
# location ~ \.php$ {
# include config/php_fastcgi.conf;
# }
}
# HTTP redirect
@@ -76,9 +77,8 @@ server {
server_name gruszczynski.cc;
ssl_certificate /etc/letsencrypt/live/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/gruszczynski.eu.org/chain.pem;
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;

24
sites-available/gruszczynski.eu.org_varnish.conf
View File

@@ -7,15 +7,13 @@ server {
# security
include config/security.conf;
status_zone gruszczynski.eu.org_backend;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
#access_log /var/log/nginx/gruszczynski.eu.org.access.log;
#error_log /var/log/nginx/gruszczynski.eu.org.error.log warn;
# index.php
index index.php index.html;
@@ -42,32 +40,27 @@ server {
server_name www.gruszczynski.eu.org;
ssl_certificate /etc/letsencrypt/live/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/gruszczynski.eu.org/chain.pem;
ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
status_zone gruszczynski.eu.org_frontend;
location / {
proxy_pass http://127.0.0.1:6081/;
proxy_pass http://varnish/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
add_header Alt-Svc 'h3=":443"; ma=86400';
server_name gruszczynski.eu.org www.gruszczynski.eu.org;
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
@@ -89,9 +82,8 @@ server {
server_name gruszczynski.eu.org;
ssl_certificate /etc/letsencrypt/live/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/gruszczynski.eu.org/chain.pem;
ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;

10
sites-available/img.gruszczynski.eu.org.conf
View File

@@ -21,14 +21,16 @@ server {
# security
include config/security.conf;
status_zone img.gruszcznski.eu.org;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/nginx/img.gruszczynski.eu.org.access.log;
error_log /var/log/nginx/img.gruszczynski.eu.org.error.log warn;
access_log /var/log/angie/img.gruszczynski.eu.org.access.log;
error_log /var/log/angie/img.gruszczynski.eu.org.error.log warn;
include config/general.conf;
@@ -49,8 +51,8 @@ server {
include config/letsencrypt.conf;
# logging
access_log /var/log/nginx/img.gruszczynski.eu.org.access.log;
error_log /var/log/nginx/img.gruszczynski.eu.org.error.log warn;
access_log /var/log/angie/img.gruszczynski.eu.org.access.log;
error_log /var/log/angie/img.gruszczynski.eu.org.error.log warn;
# restrict methods
if ($request_method !~ ^(GET)$) {

2
sites-available/kodi.linuxiarz.pl.conf
View File

@@ -25,6 +25,8 @@ server {
access_log off;
error_log off;
status_zone kodi.linuxiarz.pl;
location / {
autoindex on;
autoindex_exact_size off;

2
sites-available/kompilacje.linuxiarz.pl.conf
View File

@@ -21,6 +21,8 @@ server {
return '405';
}
status_zone kompilacje.linuxiarz.pl;
# logging
access_log off;
error_log off;

12
sites-available/linuxiarz.pl_new.conf
View File

@@ -1,3 +1,15 @@
upstream linuxiarz_app {
zone linuxiarz_app 1m;
server 127.0.0.1:8000;
keepalive 16;
}
upstream redirector_app {
zone redirector_app 1m;
server 127.0.0.1:8282;
keepalive 16;
}
# Cache (jak w oryginale)
proxy_cache_path /var/cache/angie/redirector
levels=1:2

2
sites-available/nginx.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone nginx.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

6
sites-available/pa.linuxiarz.pl.conf
View File

@@ -17,14 +17,16 @@ server {
# security
include config/security.conf;
status_zone pa.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/nginx/pa.linuxiarz.pl.access.log;
error_log /var/log/nginx/pa.linuxiarz.pl.error.log warn;
access_log /var/log/angie/pa.linuxiarz.pl.access.log;
error_log /var/log/angie/pa.linuxiarz.pl.error.log warn;
# index.php
index index.php;

12
sites-available/paste.linuxiarz.pl_varnish.conf
View File

@@ -7,6 +7,8 @@ server {
# security
include config/security_paste.conf;
status_zone paste.linuxiarz.pl_backend;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
@@ -25,9 +27,6 @@ server {
break;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi7_4.conf;
@@ -49,12 +48,13 @@ server {
include config/wildcard.conf;
# logging
access_log /var/log/nginx/paste.linuxiarz.pl.access.log;
error_log /var/log/nginx/paste.linuxiarz.pl.error.log warn;
access_log /var/log/angie/paste.linuxiarz.pl.access.log;
error_log /var/log/angie/paste.linuxiarz.pl.error.log warn;
status_zone paste.linuxiarz.pl_frontend;
location / {
proxy_pass http://127.0.0.1:6081/;
proxy_pass http://varnish/;
include config/proxy.conf;
}

2
sites-available/pliki.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone pliki.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

9
sites-available/pma.linuxiarz.pl.conf
View File

@@ -16,22 +16,23 @@ server {
# security
include config/security.conf;
status_zone pma.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/nginx/pma.linuxiarz.pl.access.log;
error_log /var/log/nginx/pma.linuxiarz.pl.error.log warn;
access_log /var/log/angie/pma.linuxiarz.pl.access.log;
error_log /var/log/angie/pma.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
# allow 85.221.250.77/32;
allow 85.221.250.159/32;
allow 109.173.163.175/32;
deny all;
}

6
sites-available/r.linuxiarz.pl.conf
View File

@@ -14,14 +14,16 @@ server {
include config/wildcard.conf;
include config/security_roundcube.conf;
status_zone r.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/nginx/r.linuxiarz.pl.access.log;
error_log /var/log/nginx/r.linuxiarz.pl.error.log warn;
access_log /var/log/angie/r.linuxiarz.pl.access.log;
error_log /var/log/angie/r.linuxiarz.pl.error.log warn;
# index.php
index index.php;

19
sites-available/redirects.conf
View File

@@ -1,7 +1,24 @@
server {
listen 80;
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":443"; ma=86400';
ssl_certificate /etc/ssl/gru.one.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/gru.one.pl/privkey.pem;
status_zone gru.one.pl;
server_name .gru.one.pl ;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
location / {
return 301 https://www.linuxiarz.pl$request_uri;
}
@@ -11,6 +28,8 @@ server {
listen 80;
server_name .grucha.eu.org;
status_zone grucha.eu.org;
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}

6
sites-available/repo.linuxiarz.pl.conf
View File

@@ -17,14 +17,16 @@ server {
# security
include config/security.conf;
status_zone repo.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/nginx/repo.linuxiarz.pl.access.log;
error_log /var/log/nginx/repo.linuxiarz.pl.error.log warn;
access_log /var/log/angie/repo.linuxiarz.pl.access.log;
error_log /var/log/angie/repo.linuxiarz.pl.error.log warn;
location ~* \.(?:tar.gz|zip?)$ {

2
sites-available/rspamd.linuxiarz.pl.conf
View File

@@ -14,6 +14,8 @@ server {
# security
include config/security.conf;
status_zone rspamd.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';

6
sites-available/sk.linuxiarz.pl.conf
View File

@@ -16,14 +16,16 @@ server {
# security
include config/security.conf;
status_zone sk.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/nginx/sk.linuxiarz.pl.access.log;
error_log /var/log/nginx/sk.linuxiarz.pl.error.log warn;
access_log /var/log/angie/sk.linuxiarz.pl.access.log;
error_log /var/log/angie/sk.linuxiarz.pl.error.log warn;
# index.php
index index.php;

6
sites-available/ts3stats.linuxiarz.pl.conf
View File

@@ -16,14 +16,16 @@ server {
# security
include config/security.conf;
status_zone ts3stats.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/nginx/ts3stats.linuxiarz.pl.access.log;
error_log /var/log/nginx/ts3stats.linuxiarz.pl.error.log warn;
access_log /var/log/angie/ts3stats.linuxiarz.pl.access.log;
error_log /var/log/angie/ts3stats.linuxiarz.pl.error.log warn;
# index.php
index index.php;

13
sites-available/unitraklub.pl.conf
View File

@@ -5,6 +5,11 @@ server {
root /var/www/503/;
index index.html;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
}
server {
@@ -18,15 +23,15 @@ server {
server_name *.unitraklub.pl unitraklub.pl;
ssl_certificate /etc/ssl/unitraklub.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/unitraklub.pl/privkey.pem;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
ssl_stapling off;
root /var/www/503/;
index index.html;
location / {
location / {
try_files /index.html =404;
}
}
}

13
sites-available/webmail.linuxiarz.pl.conf
View File

@@ -20,15 +20,16 @@ server {
}
# logging
access_log /var/log/nginx/webmail.linuxiarz.pl.access.log;
error_log /var/log/nginx/webmail.linuxiarz.pl.error.log warn;
access_log /var/log/angie/webmail.linuxiarz.pl.access.log;
error_log /var/log/angie/webmail.linuxiarz.pl.error.log warn;
status_zone webmail.linuxiarz.pl;
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri $uri/ index.php;
try_files $uri $uri/ /index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
@@ -48,8 +49,8 @@ server {
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
# handle .php with PATH_INFO support
location ~ \.php(?:$|/) {
include config/php_fastcgi_webmail.conf;
}
}

47
sites-enabled/autodiscover.conf
View File

@@ -1,47 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name autodiscover.linuxiarz.pl autodiscover.gruszczynski.eu.org autodiscover.gru.one.pl autodiscover.szczepaniak.eu.org;
set $base /var/www/autodiscover;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# logging
access_log /var/log/angie/autodiscover.linuxiarz.pl.access.log;
error_log /var/log/angie/autodiscover.linuxiarz.pl.error.log warn;
status_zone autodiscover;
location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml {
rewrite .* /autodiscover/autodiscover.php redirect;
}
# additional config
include config/general.conf;
# handle .php
location ~* \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name autodiscover.linuxiarz.pl autodiscover.gruszczynski.eu.org autodiscover.gru.one.pl autodiscover.szczepaniak.eu.org;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://autodiscover.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/autodiscover.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/autodiscover.conf

22
sites-enabled/default.conf
View File

@@ -1,22 +0,0 @@
server {
listen 80 default_server ;
return 403;
if ($request_method !~ ^(HEAD)$) {
return '405';
}
status_zone default;
}
server {
listen 443 ssl default_server;
return 403;
if ($request_method !~ ^(HEAD)$) {
return '405';
}
status_zone default_ssl;
ssl_certificate /etc/angie/ssl/angie.crt;
ssl_certificate_key /etc/angie/ssl/angie.key;
ssl_stapling off;
}

1
sites-enabled/default.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/default.conf

65
sites-enabled/doh.linuxiarz.pl.conf
View File

@@ -1,65 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name doh.linuxiarz.pl;
set $base /var/www/dnsdist;
root $base;
status_zone doh.linuxiarz.pl;
include config/wildcard.conf;
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST|HEAD|PUT)$) {
return '405';
}
error_page 400 @echo_400;
location @echo400 {
add_header Content-Type text/plain;
return 200 "Bad request :)";
}
error_page 404 403 500 504 502 =200 /;
# logging
access_log /var/log/angie/doh.linuxiarz.pl.access.log;
error_log /var/log/angie/doh.linuxiarz.pl.error.log warn;
# additional config
include config/general.conf;
location / {
proxy_pass https://doh;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name doh.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://doh.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/doh.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/doh.linuxiarz.pl.conf

99
sites-enabled/gruszczynski.cc.conf
View File

@@ -1,99 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name www.gruszczynski.cc;
set $base /var/www/gruszczynski.cc;
root $base;
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# logging
access_log /var/log/angie/gruszczynski.cc.access.log;
error_log /var/log/angie/gruszczynski.cc.error.log warn;
status_zone gruszczynski.cc;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
status_zone gruszczynski.cc;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
if ($host = 'www.gruszczynski.cc') {
return 301 http://www.linuxiarz.pl$request_uri;
}
error_page 404 403 500 504 502 =200 /;
# index.html
index index.html;
# additional config
include config/general.conf;
# letsencrypt
include config/letsencrypt.conf;
}
# HTTP redirect
server {
listen 80;
server_name gruszczynski.cc www.gruszczynski.cc;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.cc$request_uri;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name gruszczynski.cc;
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.cc$request_uri;
}
}

1
sites-enabled/gruszczynski.cc.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/gruszczynski.cc.conf

102
sites-enabled/gruszczynski.eu.org_varnish.conf
View File

@@ -1,102 +0,0 @@
server {
listen 8080;
server_name www.gruszczynski.eu.org;
set $base /var/www/gruszczynski.eu.org;
root $base;
# security
include config/security.conf;
status_zone gruszczynski.eu.org_backend;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# index.php
index index.php index.html;
# additional config
include config/general.conf;
# letsencrypt
include config/letsencrypt.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name www.gruszczynski.eu.org;
ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
status_zone gruszczynski.eu.org_frontend;
location / {
proxy_pass http://varnish/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
add_header Alt-Svc 'h3=":443"; ma=86400';
server_name gruszczynski.eu.org www.gruszczynski.eu.org;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name gruszczynski.eu.org;
ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}
}

1
sites-enabled/gruszczynski.eu.org_varnish.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/gruszczynski.eu.org_varnish.conf

65
sites-enabled/img.gruszczynski.eu.org.conf
View File

@@ -1,65 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name img.gruszczynski.eu.org;
set $base /var/www/img.gruszczynski.eu.org;
root $base/img;
ssl_certificate /etc/letsencrypt/live/img.gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/img.gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/img.gruszczynski.eu.org/chain.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
status_zone img.gruszcznski.eu.org;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/angie/img.gruszczynski.eu.org.access.log;
error_log /var/log/angie/img.gruszczynski.eu.org.error.log warn;
include config/general.conf;
# letsencrypt
include config/letsencrypt.conf;
}
# HTTP redirect
server {
listen 80;
server_name img.gruszczynski.eu.org;
add_header Alt-Svc 'h3=":443"; ma=86400';
set $base /var/www/img.gruszczynski.eu.org;
root $base/img;
include config/letsencrypt.conf;
# logging
access_log /var/log/angie/img.gruszczynski.eu.org.access.log;
error_log /var/log/angie/img.gruszczynski.eu.org.error.log warn;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://img.gruszczynski.eu.org$request_uri;
}
}

56
sites-enabled/kodi.linuxiarz.pl.conf
View File

@@ -1,56 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name kodi.linuxiarz.pl;
set $base /var/www/kodi.linuxiarz.pl/;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
status_zone kodi.linuxiarz.pl;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name kodi.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://kodi.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/kodi.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/kodi.linuxiarz.pl.conf

56
sites-enabled/kompilacje.linuxiarz.pl.conf
View File

@@ -1,56 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name kompilacje.linuxiarz.pl;
set $base /var/www/kompilacje.linuxiarz.pl/;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
status_zone kompilacje.linuxiarz.pl;
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name kompilacje.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://kompilacje.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/kompilacje.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/kompilacje.linuxiarz.pl.conf

56
sites-enabled/nginx.linuxiarz.pl.conf
View File

@@ -1,56 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name nginx.linuxiarz.pl;
set $base /var/www/nginx.linuxiarz.pl/;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone nginx.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name nginx.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://nginx.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/nginx.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/nginx.linuxiarz.pl.conf

57
sites-enabled/pa.linuxiarz.pl.conf
View File

@@ -1,57 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name pa.linuxiarz.pl;
set $base /var/www/postfixadmin;
# set $base /var/www/postfixadmin-postfixadmin-cc23eba;
root $base/public;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone pa.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/pa.linuxiarz.pl.access.log;
error_log /var/log/angie/pa.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri $uri/ login.php;
}
# additional config
include config/general.conf;
# handle .php
location ~* \.php$ {
include config/php_fastcgi7_4.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name pa.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://pa.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/pa.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/pa.linuxiarz.pl.conf

72
sites-enabled/paste.linuxiarz.pl_varnish.conf
View File

@@ -1,72 +0,0 @@
server {
listen 8080;
server_name paste.linuxiarz.pl;
set $base /var/www/paste.linuxiarz.pl;
root $base;
# security
include config/security_paste.conf;
status_zone paste.linuxiarz.pl_backend;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri /index.php;
}
if ($request_uri !~* ^/(static|favicon\.ico|robots\.txt)) {
rewrite ^/(.*)$ /index.php?/$1 last;
break;
}
# handle .php
location ~ \.php$ {
include config/php_fastcgi7_4.conf;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name paste.linuxiarz.pl;
include config/wildcard.conf;
# logging
access_log /var/log/angie/paste.linuxiarz.pl.access.log;
error_log /var/log/angie/paste.linuxiarz.pl.error.log warn;
status_zone paste.linuxiarz.pl_frontend;
location / {
proxy_pass http://varnish/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name paste.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://paste.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/paste.linuxiarz.pl_varnish.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/paste.linuxiarz.pl_varnish.conf

56
sites-enabled/pliki.linuxiarz.pl.conf
View File

@@ -1,56 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name pliki.linuxiarz.pl;
set $base /var/www/linuxiarz.pl/pliki;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone pliki.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name pliki.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://pliki.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/pliki.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/pliki.linuxiarz.pl.conf

57
sites-enabled/pma.linuxiarz.pl.conf
View File

@@ -1,57 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name pma.linuxiarz.pl;
set $base /var/www/pma.linuxiarz.pl/pma;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone pma.linuxiarz.pl
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/pma.linuxiarz.pl.access.log;
error_log /var/log/angie/pma.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
allow 109.173.163.175/32;
deny all;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name pma.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://pma.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/pma.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/pma.linuxiarz.pl.conf

68
sites-enabled/r.linuxiarz.pl.conf
View File

@@ -1,68 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name r.linuxiarz.pl;
set $base /var/www/rainloop;
root $base;
include config/wildcard.conf;
include config/security_roundcube.conf;
status_zone r.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/r.linuxiarz.pl.access.log;
error_log /var/log/angie/r.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri $uri/ index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
error_page 403 =404 / ;
}
location ~ ^/(data)/ {
deny all;
}
location ~\.(ini|log|conf|MD|md|json)$ {
deny all;
error_page 403 =404 / ;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi_webmail.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name r.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://r.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/r.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/r.linuxiarz.pl.conf

36
sites-enabled/redirects.conf
View File

@@ -1,36 +0,0 @@
server {
listen 80;
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":443"; ma=86400';
ssl_certificate /etc/ssl/gru.one.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/gru.one.pl/privkey.pem;
status_zone gru.one.pl;
server_name .gru.one.pl ;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
location / {
return 301 https://www.linuxiarz.pl$request_uri;
}
}
server {
listen 80;
server_name .grucha.eu.org;
status_zone grucha.eu.org;
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}
}

1
sites-enabled/redirects.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/redirects.conf

66
sites-enabled/repo.linuxiarz.pl.conf
View File

@@ -1,66 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name repo.linuxiarz.pl;
set $base /var/www/repo.linuxiarz.pl;
root $base;
include config/wildcard.conf;
index index.php;
# security
include config/security.conf;
status_zone repo.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/angie/repo.linuxiarz.pl.access.log;
error_log /var/log/angie/repo.linuxiarz.pl.error.log warn;
location ~* \.(?:tar.gz|zip?)$ {
rewrite ^/(.*)$ https://objectstorage.eu-frankfurt-1.oraclecloud.com/n/frhsuwgawuyg/b/linuxiarz-repo/o/$1 permanent;
}
location / {
# try_files $uri $uri/ /index.php?dl=$uri;
try_files $uri $uri/ /index.php?$uri;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name repo.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://repo.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/repo.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/repo.linuxiarz.pl.conf

51
sites-enabled/rspamd.linuxiarz.pl.conf
View File

@@ -1,51 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name rspamd.linuxiarz.pl;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone rspamd.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
proxy_pass http://127.0.0.1:11334/;
include config/proxy.conf;
}
# additional config
# include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name rspamd.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://rspamd.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/rspamd.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/rspamd.linuxiarz.pl.conf

51
sites-enabled/sk.linuxiarz.pl.conf
View File

@@ -1,51 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name sk.linuxiarz.pl;
set $base /var/www/sk.linuxiarz.pl;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone sk.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/sk.linuxiarz.pl.access.log;
error_log /var/log/angie/sk.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi8_1.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name sk.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://sk.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/sk.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/sk.linuxiarz.pl.conf

69
sites-enabled/ts3stats.linuxiarz.pl.conf
View File

@@ -1,69 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name ts3stats.linuxiarz.pl;
set $base /var/www/ts3stats;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
status_zone ts3stats.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/angie/ts3stats.linuxiarz.pl.access.log;
error_log /var/log/angie/ts3stats.linuxiarz.pl.error.log warn;
# index.php
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
location /rrd {
rewrite ^ $scheme://$host permanent;
deny all;
}
location ~ /graph {
allow all;
}
location /libraries {
rewrite ^ $scheme://$host permanent;
deny all;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name ts3stats.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://ts3stats.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/ts3stats.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/ts3stats.linuxiarz.pl.conf

37
sites-enabled/unitraklub.pl.conf
View File

@@ -1,37 +0,0 @@
server {
listen 80;
server_name *.unitraklub.pl unitraklub.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
root /var/www/503/;
index index.html;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name *.unitraklub.pl unitraklub.pl;
ssl_certificate /etc/ssl/unitraklub.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/unitraklub.pl/privkey.pem;
ssl_stapling off;
root /var/www/503/;
index index.html;
location / {
try_files /index.html =404;
}
}

1
sites-enabled/unitraklub.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/unitraklub.pl.conf

93
sites-enabled/webmail.linuxiarz.pl.conf
View File

@@ -1,93 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name webmail.linuxiarz.pl;
set $base /var/www/webmail;
root $base;
include config/wildcard.conf;
include config/security_roundcube.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/webmail.linuxiarz.pl.access.log;
error_log /var/log/angie/webmail.linuxiarz.pl.error.log warn;
status_zone webmail.linuxiarz.pl;
# index.php
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
error_page 403 =404 / ;
}
location ~ ^/(bin|SQL|config|temp|logs)/ {
deny all;
}
location ~\.(ini|log|conf|MD|md|json)$ {
deny all;
error_page 403 =404 / ;
}
# additional config
include config/general.conf;
# handle .php with PATH_INFO support
location ~ \.php(?:$|/) {
include config/php_fastcgi_webmail.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name webmail.linuxiarz.pl poczta.linuxiarz.pl poczta.gru.one.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://webmail.linuxiarz.pl$request_uri;
}
}
# Other redirects
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name poczta.linuxiarz.pl;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://webmail.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/webmail.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/webmail.linuxiarz.pl.conf