gru/linuxiarz_vps_angie
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleanups

Browse Source
This commit is contained in:
Mateusz Gruszczyński
2025-11-16 23:04:23 +01:00
parent af14d373fa
commit 4970352314
54 changed files with 183 additions and 4720 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
sites-enabled/._linuxiarz.pl.conf
View File

Binary file not shown.

1
sites-enabled/autodiscover.conf
View File

@@ -20,6 +20,7 @@ server {
access_log /var/log/angie/autodiscover.linuxiarz.pl.access.log;
error_log /var/log/angie/autodiscover.linuxiarz.pl.error.log warn;
status_zone autodiscover;
location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml {
rewrite .* /autodiscover/autodiscover.php redirect;

3
sites-enabled/default.conf
View File

@@ -4,6 +4,7 @@ server {
if ($request_method !~ ^(HEAD)$) {
return '405';
}
status_zone default;
}
server {
@@ -13,6 +14,8 @@ server {
return '405';
}
status_zone default_ssl;
ssl_certificate /etc/angie/ssl/angie.crt;
ssl_certificate_key /etc/angie/ssl/angie.key;
ssl_stapling off;

5
sites-enabled/doh.conf → sites-enabled/doh.linuxiarz.pl.conf
View File

@@ -13,6 +13,7 @@ server {
set $base /var/www/dnsdist;
root $base;
status_zone doh.linuxiarz.pl;
include config/wildcard.conf;
include config/security.conf;
@@ -29,7 +30,6 @@ server {
return 200 "Bad request :)";
}
error_page 404 403 500 504 502 =200 /;
# logging
@@ -40,11 +40,10 @@ server {
include config/general.conf;
location / {
proxy_pass https://127.0.0.1:8844/;
proxy_pass https://doh;
include config/proxy.conf;
}
}
# HTTP redirect

20
sites-enabled/gruszczynski.cc.conf
View File

@@ -14,29 +14,32 @@ server {
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# logging
access_log /var/log/angie/gruszczynski.cc.access.log;
error_log /var/log/angie/gruszczynski.cc.error.log warn;
status_zone gruszczynski.cc;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
status_zone gruszczynski.cc;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
if ($host = 'www.gruszczynski.cc') {
return 301 http://www.linuxiarz.pl$request_uri;
}
error_page 404 403 500 504 502 =200 /;
# logging
access_log /var/log/angie/gruszczynski.cc.access.log;
error_log /var/log/angie/gruszczynski.cc.error.log warn;
# index.html
index index.html;
@@ -45,11 +48,6 @@ server {
# letsencrypt
include config/letsencrypt.conf;
# handle .php
# location ~ \.php$ {
# include config/php_fastcgi.conf;
# }
}
# HTTP redirect

16
sites-enabled/gruszczynski.eu.org_varnish.conf
View File

@@ -7,15 +7,13 @@ server {
# security
include config/security.conf;
status_zone gruszczynski.eu.org_backend;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
#access_log /var/log/angie/gruszczynski.eu.org.access.log;
#error_log /var/log/angie/gruszczynski.eu.org.error.log warn;
# index.php
index index.php index.html;
@@ -48,25 +46,21 @@ server {
# ssl cfg
include config/ssl_cfg.conf;
status_zone gruszczynski.eu.org_frontend;
location / {
proxy_pass http://127.0.0.1:6081/;
proxy_pass http://varnish/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
add_header Alt-Svc 'h3=":443"; ma=86400';
server_name gruszczynski.eu.org www.gruszczynski.eu.org;
# include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

2
sites-enabled/img.gruszczynski.eu.org.conf
View File

@@ -21,6 +21,8 @@ server {
# security
include config/security.conf;
status_zone img.gruszcznski.eu.org;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

2
sites-enabled/kodi.linuxiarz.pl.conf
View File

@@ -25,6 +25,8 @@ server {
access_log off;
error_log off;
status_zone kodi.linuxiarz.pl;
location / {
autoindex on;
autoindex_exact_size off;

2
sites-enabled/kompilacje.linuxiarz.pl.conf
View File

@@ -21,6 +21,8 @@ server {
return '405';
}
status_zone kompilacje.linuxiarz.pl;
# logging
access_log off;
error_log off;

2
sites-enabled/nginx.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone nginx.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

2
sites-enabled/pa.linuxiarz.pl.conf
View File

@@ -17,6 +17,8 @@ server {
# security
include config/security.conf;
status_zone pa.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';

8
sites-enabled/paste.linuxiarz.pl_varnish.conf
View File

@@ -7,6 +7,8 @@ server {
# security
include config/security_paste.conf;
status_zone paste.linuxiarz.pl_backend;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
@@ -25,9 +27,6 @@ server {
break;
}
# additional config
#g.lin include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi7_4.conf;
@@ -52,9 +51,10 @@ server {
access_log /var/log/angie/paste.linuxiarz.pl.access.log;
error_log /var/log/angie/paste.linuxiarz.pl.error.log warn;
status_zone paste.linuxiarz.pl_frontend;
location / {
proxy_pass http://127.0.0.1:6081/;
proxy_pass http://varnish/;
include config/proxy.conf;
}

2
sites-enabled/pliki.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone pliki.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

2
sites-enabled/pma.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone pma.linuxiarz.pl
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';

44
sites-enabled/quarantine.linuxiarz.pl.conf
View File

@@ -1,44 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name quarantine.linuxiarz.pl;
include config/wildcard.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:9000;
allow 85.221.253.162;
allow 127.0.0.1;
deny all;
}
}
# HTTP redirect
server {
listen 80;
server_name quarantine.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://quarantine.linuxiarz.pl$request_uri;
}
}

2
sites-enabled/r.linuxiarz.pl.conf
View File

@@ -14,6 +14,8 @@ server {
include config/wildcard.conf;
include config/security_roundcube.conf;
status_zone r.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';

4
sites-enabled/redirects.conf
View File

@@ -11,6 +11,8 @@ server {
ssl_certificate /etc/ssl/gru.one.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/gru.one.pl/privkey.pem;
status_zone gru.one.pl;
server_name .gru.one.pl ;
if ($scheme = http) {
@@ -26,6 +28,8 @@ server {
listen 80;
server_name .grucha.eu.org;
status_zone grucha.eu.org;
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}

2
sites-enabled/repo.linuxiarz.pl.conf
View File

@@ -17,6 +17,8 @@ server {
# security
include config/security.conf;
status_zone repo.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

2
sites-enabled/rspamd.linuxiarz.pl.conf
View File

@@ -14,6 +14,8 @@ server {
# security
include config/security.conf;
status_zone rspamd.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';

2
sites-enabled/sk.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone sk.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';

2
sites-enabled/ts3stats.linuxiarz.pl.conf
View File

@@ -16,6 +16,8 @@ server {
# security
include config/security.conf;
status_zone ts3stats.linuxiarz.pl;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';

1
sites-enabled/unitraklub.pl.conf
View File

@@ -10,7 +10,6 @@ server {
return 301 https://$host$request_uri;
}
}
server {

60
sites-enabled/webmail-beta.linuxiarz.pl.conf
View File

@@ -1,60 +0,0 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name webmail-beta.linuxiarz.pl;
set $base /var/www/webmail-beta;
root $base;
include config/wildcard.conf;
include config/security_wp.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
location / {
return 301 https://webmail.linuxiarz.pl$request_uri;
}
# logging
access_log /var/log/angie/webmail-beta.linuxiarz.pl.access.log;
error_log /var/log/angie/webmail-beta.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location /x {
try_files $uri $uri/ index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
error_page 403 =404 / ;
}
location ~ ^/(bin|SQL|config|temp|logs)/ {
deny all;
}
location ~\.(ini|log|conf|MD|md|json)$ {
deny all;
error_page 403 =404 / ;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi_webmail.conf;
}
}

7
sites-enabled/webmail.linuxiarz.pl.conf
View File

@@ -23,14 +23,11 @@ server {
access_log /var/log/angie/webmail.linuxiarz.pl.access.log;
error_log /var/log/angie/webmail.linuxiarz.pl.error.log warn;
status_zone webmail.linuxiarz.pl;
# index.php
index index.php;
# index.php fallback
# location / {
# try_files $uri $uri/ index.php;
# }
location / {
try_files $uri $uri/ /index.php;
}

87
sites-enabled/z.gruszczynski.eu.org_varnish.conf
View File

@@ -1,87 +0,0 @@
server {
listen 8080;
server_name z.gruszczynski.eu.org;
set $base /var/www/z.gruszczynski.eu.org;
root $base;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# index.php
index index.php;
# additional config
include config/general.conf;
port_in_redirect off;
location / {
}
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name z.gruszczynski.eu.org;
access_log /var/log/angie/z.gruszczynski.eu.org.access.log main;
error_log /var/log/angie/z.gruszczynski.eu.org.error.log warn;
ssl_certificate /etc/letsencrypt/live/z.gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/z.gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/z.gruszczynski.eu.org/chain.pem;
# ssl cfg
include config/ssl_cfg.conf;
include config/letsencrypt.conf;
location / {
proxy_pass http://127.0.0.1:6081/;
include config/proxy.conf;
add_header X-Robots-Tag "noindex, follow" always;
}
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
}
# HTTP redirect
server {
listen 80;
server_name z.gruszczynski.eu.org;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://z.gruszczynski.eu.org$request_uri;
}
}