gru/linuxiarz_vps_angie
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
root
2025-11-16 22:26:59 +01:00
commit af14d373fa
118 changed files with 10255 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
sites-enabled/._linuxiarz.pl.conf Executable file
View File

Binary file not shown.

1
sites-enabled/adphone.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/adphone.pl.conf

46
sites-enabled/autodiscover.conf Normal file
View File

@@ -0,0 +1,46 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name autodiscover.linuxiarz.pl autodiscover.gruszczynski.eu.org autodiscover.gru.one.pl autodiscover.szczepaniak.eu.org;
set $base /var/www/autodiscover;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# logging
access_log /var/log/angie/autodiscover.linuxiarz.pl.access.log;
error_log /var/log/angie/autodiscover.linuxiarz.pl.error.log warn;
location ~ /(?:a|A)utodiscover/(?:a|A)utodiscover.xml {
rewrite .* /autodiscover/autodiscover.php redirect;
}
# additional config
include config/general.conf;
# handle .php
location ~* \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name autodiscover.linuxiarz.pl autodiscover.gruszczynski.eu.org autodiscover.gru.one.pl autodiscover.szczepaniak.eu.org;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://autodiscover.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/blog.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/blog.linuxiarz.pl.conf

19
sites-enabled/default.conf Normal file
View File

@@ -0,0 +1,19 @@
server {
listen 80 default_server ;
return 403;
if ($request_method !~ ^(HEAD)$) {
return '405';
}
}
server {
listen 443 ssl default_server;
return 403;
if ($request_method !~ ^(HEAD)$) {
return '405';
}
ssl_certificate /etc/angie/ssl/angie.crt;
ssl_certificate_key /etc/angie/ssl/angie.key;
ssl_stapling off;
}

66
sites-enabled/doh.conf Normal file
View File

@@ -0,0 +1,66 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name doh.linuxiarz.pl;
set $base /var/www/dnsdist;
root $base;
include config/wildcard.conf;
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST|HEAD|PUT)$) {
return '405';
}
error_page 400 @echo_400;
location @echo400 {
add_header Content-Type text/plain;
return 200 "Bad request :)";
}
error_page 404 403 500 504 502 =200 /;
# logging
access_log /var/log/angie/doh.linuxiarz.pl.access.log;
error_log /var/log/angie/doh.linuxiarz.pl.error.log warn;
# additional config
include config/general.conf;
location / {
proxy_pass https://127.0.0.1:8844/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name doh.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://doh.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/gitea.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/gitea.linuxiarz.pl.conf

101
sites-enabled/gruszczynski.cc.conf Normal file
View File

@@ -0,0 +1,101 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name www.gruszczynski.cc;
set $base /var/www/gruszczynski.cc;
root $base;
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
if ($host = 'www.gruszczynski.cc') {
return 301 http://www.linuxiarz.pl$request_uri;
}
error_page 404 403 500 504 502 =200 /;
# logging
access_log /var/log/angie/gruszczynski.cc.access.log;
error_log /var/log/angie/gruszczynski.cc.error.log warn;
# index.html
index index.html;
# additional config
include config/general.conf;
# letsencrypt
include config/letsencrypt.conf;
# handle .php
# location ~ \.php$ {
# include config/php_fastcgi.conf;
# }
}
# HTTP redirect
server {
listen 80;
server_name gruszczynski.cc www.gruszczynski.cc;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.cc$request_uri;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name gruszczynski.cc;
ssl_certificate /etc/ssl/gruszczynski.cc/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.cc/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.cc$request_uri;
}
}

108
sites-enabled/gruszczynski.eu.org_varnish.conf Normal file
View File

@@ -0,0 +1,108 @@
server {
listen 8080;
server_name www.gruszczynski.eu.org;
set $base /var/www/gruszczynski.eu.org;
root $base;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
#access_log /var/log/angie/gruszczynski.eu.org.access.log;
#error_log /var/log/angie/gruszczynski.eu.org.error.log warn;
# index.php
index index.php index.html;
# additional config
include config/general.conf;
# letsencrypt
include config/letsencrypt.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name www.gruszczynski.eu.org;
ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
location / {
proxy_pass http://127.0.0.1:6081/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
add_header Alt-Svc 'h3=":443"; ma=86400';
server_name gruszczynski.eu.org www.gruszczynski.eu.org;
# include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name gruszczynski.eu.org;
ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}
}

63
sites-enabled/img.gruszczynski.eu.org.conf Normal file
View File

@@ -0,0 +1,63 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name img.gruszczynski.eu.org;
set $base /var/www/img.gruszczynski.eu.org;
root $base/img;
ssl_certificate /etc/letsencrypt/live/img.gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/img.gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/img.gruszczynski.eu.org/chain.pem;
# ssl cfg
include config/ssl_cfg.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/angie/img.gruszczynski.eu.org.access.log;
error_log /var/log/angie/img.gruszczynski.eu.org.error.log warn;
include config/general.conf;
# letsencrypt
include config/letsencrypt.conf;
}
# HTTP redirect
server {
listen 80;
server_name img.gruszczynski.eu.org;
add_header Alt-Svc 'h3=":443"; ma=86400';
set $base /var/www/img.gruszczynski.eu.org;
root $base/img;
include config/letsencrypt.conf;
# logging
access_log /var/log/angie/img.gruszczynski.eu.org.access.log;
error_log /var/log/angie/img.gruszczynski.eu.org.error.log warn;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://img.gruszczynski.eu.org$request_uri;
}
}

54
sites-enabled/kodi.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,54 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name kodi.linuxiarz.pl;
set $base /var/www/kodi.linuxiarz.pl/;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name kodi.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://kodi.linuxiarz.pl$request_uri;
}
}

54
sites-enabled/kompilacje.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,54 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name kompilacje.linuxiarz.pl;
set $base /var/www/kompilacje.linuxiarz.pl/;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name kompilacje.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://kompilacje.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/linuxiarz.pl_new.conf Symbolic link
View File

@@ -0,0 +1 @@
../sites-available/linuxiarz.pl_new.conf

1
sites-enabled/listapp.linuxiarz.pl.conf Symbolic link
View File

@@ -0,0 +1 @@
/etc/angie/sites-available/listapp.linuxiarz.pl.conf

54
sites-enabled/nginx.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,54 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name nginx.linuxiarz.pl;
set $base /var/www/nginx.linuxiarz.pl/;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name nginx.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://nginx.linuxiarz.pl$request_uri;
}
}

55
sites-enabled/pa.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,55 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name pa.linuxiarz.pl;
set $base /var/www/postfixadmin;
# set $base /var/www/postfixadmin-postfixadmin-cc23eba;
root $base/public;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/pa.linuxiarz.pl.access.log;
error_log /var/log/angie/pa.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri $uri/ login.php;
}
# additional config
include config/general.conf;
# handle .php
location ~* \.php$ {
include config/php_fastcgi7_4.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name pa.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://pa.linuxiarz.pl$request_uri;
}
}

72
sites-enabled/paste.linuxiarz.pl_varnish.conf Normal file
View File

@@ -0,0 +1,72 @@
server {
listen 8080;
server_name paste.linuxiarz.pl;
set $base /var/www/paste.linuxiarz.pl;
root $base;
# security
include config/security_paste.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri /index.php;
}
if ($request_uri !~* ^/(static|favicon\.ico|robots\.txt)) {
rewrite ^/(.*)$ /index.php?/$1 last;
break;
}
# additional config
#g.lin include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi7_4.conf;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name paste.linuxiarz.pl;
include config/wildcard.conf;
# logging
access_log /var/log/angie/paste.linuxiarz.pl.access.log;
error_log /var/log/angie/paste.linuxiarz.pl.error.log warn;
location / {
proxy_pass http://127.0.0.1:6081/;
include config/proxy.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name paste.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://paste.linuxiarz.pl$request_uri;
}
}

54
sites-enabled/pliki.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,54 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name pliki.linuxiarz.pl;
set $base /var/www/linuxiarz.pl/pliki;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime off;
autoindex_format html;
}
# additional config
include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name pliki.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://pliki.linuxiarz.pl$request_uri;
}
}

55
sites-enabled/pma.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,55 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name pma.linuxiarz.pl;
set $base /var/www/pma.linuxiarz.pl/pma;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/pma.linuxiarz.pl.access.log;
error_log /var/log/angie/pma.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
allow 109.173.163.175/32;
deny all;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name pma.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://pma.linuxiarz.pl$request_uri;
}
}

44
sites-enabled/quarantine.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,44 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name quarantine.linuxiarz.pl;
include config/wildcard.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
include uwsgi_params;
uwsgi_pass 127.0.0.1:9000;
allow 85.221.253.162;
allow 127.0.0.1;
deny all;
}
}
# HTTP redirect
server {
listen 80;
server_name quarantine.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://quarantine.linuxiarz.pl$request_uri;
}
}

66
sites-enabled/r.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,66 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name r.linuxiarz.pl;
set $base /var/www/rainloop;
root $base;
include config/wildcard.conf;
include config/security_roundcube.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/r.linuxiarz.pl.access.log;
error_log /var/log/angie/r.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri $uri/ index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
error_page 403 =404 / ;
}
location ~ ^/(data)/ {
deny all;
}
location ~\.(ini|log|conf|MD|md|json)$ {
deny all;
error_page 403 =404 / ;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi_webmail.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name r.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://r.linuxiarz.pl$request_uri;
}
}

32
sites-enabled/redirects.conf Normal file
View File

@@ -0,0 +1,32 @@
server {
listen 80;
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":443"; ma=86400';
ssl_certificate /etc/ssl/gru.one.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/gru.one.pl/privkey.pem;
server_name .gru.one.pl ;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
location / {
return 301 https://www.linuxiarz.pl$request_uri;
}
}
server {
listen 80;
server_name .grucha.eu.org;
location / {
return 301 https://www.gruszczynski.eu.org$request_uri;
}
}

64
sites-enabled/repo.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,64 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name repo.linuxiarz.pl;
set $base /var/www/repo.linuxiarz.pl;
root $base;
include config/wildcard.conf;
index index.php;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/angie/repo.linuxiarz.pl.access.log;
error_log /var/log/angie/repo.linuxiarz.pl.error.log warn;
location ~* \.(?:tar.gz|zip?)$ {
rewrite ^/(.*)$ https://objectstorage.eu-frankfurt-1.oraclecloud.com/n/frhsuwgawuyg/b/linuxiarz-repo/o/$1 permanent;
}
location / {
# try_files $uri $uri/ /index.php?dl=$uri;
try_files $uri $uri/ /index.php?$uri;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name repo.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://repo.linuxiarz.pl$request_uri;
}
}

49
sites-enabled/rspamd.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,49 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name rspamd.linuxiarz.pl;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log off;
error_log off;
location / {
proxy_pass http://127.0.0.1:11334/;
include config/proxy.conf;
}
# additional config
# include config/general.conf;
}
# HTTP redirect
server {
listen 80;
server_name rspamd.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://rspamd.linuxiarz.pl$request_uri;
}
}

49
sites-enabled/sk.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,49 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name sk.linuxiarz.pl;
set $base /var/www/sk.linuxiarz.pl;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/sk.linuxiarz.pl.access.log;
error_log /var/log/angie/sk.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi8_1.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name sk.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://sk.linuxiarz.pl$request_uri;
}
}

1
sites-enabled/status.conf Symbolic link
View File

@@ -0,0 +1 @@
../conf.d/status.conf

67
sites-enabled/ts3stats.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,67 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name ts3stats.linuxiarz.pl;
set $base /var/www/ts3stats;
root $base;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# logging
access_log /var/log/angie/ts3stats.linuxiarz.pl.access.log;
error_log /var/log/angie/ts3stats.linuxiarz.pl.error.log warn;
# index.php
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
location /rrd {
rewrite ^ $scheme://$host permanent;
deny all;
}
location ~ /graph {
allow all;
}
location /libraries {
rewrite ^ $scheme://$host permanent;
deny all;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name ts3stats.linuxiarz.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://ts3stats.linuxiarz.pl$request_uri;
}
}

38
sites-enabled/unitraklub.pl.conf Normal file
View File

@@ -0,0 +1,38 @@
server {
listen 80;
server_name *.unitraklub.pl unitraklub.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
root /var/www/503/;
index index.html;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name *.unitraklub.pl unitraklub.pl;
ssl_certificate /etc/ssl/unitraklub.pl/fullchain.pem;
ssl_certificate_key /etc/ssl/unitraklub.pl/privkey.pem;
ssl_stapling off;
root /var/www/503/;
index index.html;
location / {
try_files /index.html =404;
}
}

60
sites-enabled/webmail-beta.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,60 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name webmail-beta.linuxiarz.pl;
set $base /var/www/webmail-beta;
root $base;
include config/wildcard.conf;
include config/security_wp.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
location / {
return 301 https://webmail.linuxiarz.pl$request_uri;
}
# logging
access_log /var/log/angie/webmail-beta.linuxiarz.pl.access.log;
error_log /var/log/angie/webmail-beta.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
location /x {
try_files $uri $uri/ index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
error_page 403 =404 / ;
}
location ~ ^/(bin|SQL|config|temp|logs)/ {
deny all;
}
location ~\.(ini|log|conf|MD|md|json)$ {
deny all;
error_page 403 =404 / ;
}
# additional config
include config/general.conf;
# handle .php
location ~ \.php$ {
include config/php_fastcgi_webmail.conf;
}
}

96
sites-enabled/webmail.linuxiarz.pl.conf Normal file
View File

@@ -0,0 +1,96 @@
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name webmail.linuxiarz.pl;
set $base /var/www/webmail;
root $base;
include config/wildcard.conf;
include config/security_roundcube.conf;
# restrict methods
if ($request_method !~ ^(GET|POST)$) {
return '405';
}
# logging
access_log /var/log/angie/webmail.linuxiarz.pl.access.log;
error_log /var/log/angie/webmail.linuxiarz.pl.error.log warn;
# index.php
index index.php;
# index.php fallback
# location / {
# try_files $uri $uri/ index.php;
# }
location / {
try_files $uri $uri/ /index.php;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
error_page 403 =404 / ;
}
location ~ ^/(bin|SQL|config|temp|logs)/ {
deny all;
}
location ~\.(ini|log|conf|MD|md|json)$ {
deny all;
error_page 403 =404 / ;
}
# additional config
include config/general.conf;
# handle .php with PATH_INFO support
location ~ \.php(?:$|/) {
include config/php_fastcgi_webmail.conf;
}
}
# HTTP redirect
server {
listen 80;
server_name webmail.linuxiarz.pl poczta.linuxiarz.pl poczta.gru.one.pl;
add_header Alt-Svc 'h3=":443"; ma=86400';
location / {
return 301 https://webmail.linuxiarz.pl$request_uri;
}
}
# Other redirects
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name poczta.linuxiarz.pl;
include config/wildcard.conf;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://webmail.linuxiarz.pl$request_uri;
}
}

87
sites-enabled/z.gruszczynski.eu.org_varnish.conf Normal file
View File

@@ -0,0 +1,87 @@
server {
listen 8080;
server_name z.gruszczynski.eu.org;
set $base /var/www/z.gruszczynski.eu.org;
root $base;
# security
include config/security.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
# index.php
index index.php;
# additional config
include config/general.conf;
port_in_redirect off;
location / {
}
# handle .php
location ~ \.php$ {
include config/php_fastcgi.conf;
}
}
server {
listen 443 quic;
listen 443 ssl;
http2 on;
http3 on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_early_data on;
add_header Alt-Svc 'h3=":$server_port"; ma=86400';
server_name z.gruszczynski.eu.org;
access_log /var/log/angie/z.gruszczynski.eu.org.access.log main;
error_log /var/log/angie/z.gruszczynski.eu.org.error.log warn;
ssl_certificate /etc/letsencrypt/live/z.gruszczynski.eu.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/z.gruszczynski.eu.org/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/z.gruszczynski.eu.org/chain.pem;
# ssl cfg
include config/ssl_cfg.conf;
include config/letsencrypt.conf;
location / {
proxy_pass http://127.0.0.1:6081/;
include config/proxy.conf;
add_header X-Robots-Tag "noindex, follow" always;
}
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
}
# HTTP redirect
server {
listen 80;
server_name z.gruszczynski.eu.org;
add_header Alt-Svc 'h3=":443"; ma=86400';
include config/letsencrypt.conf;
# restrict methods
if ($request_method !~ ^(GET)$) {
return '405';
}
location / {
return 301 https://z.gruszczynski.eu.org$request_uri;
}
}