summaryrefslogtreecommitdiffstats
path: root/server/proxy/nginx.conf
diff options
context:
space:
mode:
authorrstular <rok@stular.eu>2020-05-20 21:47:41 +0200
committerGitHub <noreply@github.com>2020-05-20 21:47:41 +0200
commit9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2 (patch)
treec96e2c622aeb56000d4736ba1932269f2dfd217b /server/proxy/nginx.conf
parentMerge pull request #8 from beziapp/dev (diff)
parentMerge branch 'dev' of ssh://github.com/beziapp/beziapp.github.io into dev (diff)
downloadbeziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.tar
beziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.tar.gz
beziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.tar.bz2
beziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.tar.lz
beziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.tar.xz
beziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.tar.zst
beziapp-9e63ad7fd187b5eea9f2e3d3a1e1fa9a2d1ec1d2.zip
Diffstat (limited to 'server/proxy/nginx.conf')
-rw-r--r--server/proxy/nginx.conf133
1 files changed, 133 insertions, 0 deletions
diff --git a/server/proxy/nginx.conf b/server/proxy/nginx.conf
new file mode 100644
index 0000000..222b8d2
--- /dev/null
+++ b/server/proxy/nginx.conf
@@ -0,0 +1,133 @@
+#server {
+# server_name _;
+# listen 80 default_server;
+# # listen 443 default_server;
+# listen [::]:80 default_server;
+# # listen [::]:443 default_server;
+# return 444;
+#}
+server {
+ listen 93.103.156.37:80;
+ listen [::]:80;
+ server_name .g.gimb.tk .gimsis.gimb.tk .zgimsis.gimb.tk .gimsisext.gimb.tk .gse.gimb.tk;
+ return 301 https://zgimsis.gimb.tk$request_uri;
+ port_in_redirect off;
+ server_name_in_redirect off;
+}
+server {
+ listen 93.103.156.37:443 ssl http2;
+ listen [::]:443 ssl http2;
+ ssl_certificate /etc/ssl/sslforfree/sg.crt;
+ ssl_certificate_key /etc/ssl/sslforfree/sg.key;
+ ssl_session_cache builtin:1000 shared:SSL:10m;
+ ssl_prefer_server_ciphers on;
+ add_header Strict-Transport-Security "max-age=604800";
+ #root /var/www/html;
+ index index.php index.html index.htm index.nginx-debian.html;
+ server_name .g.gimb.tk .gimsis.gimb.tk .zgimsis.gimb.tk .gimsisext.gimb.tk .gse.gimb.tk;
+ location /gse/ {
+ #try_files $uri $uri/ =404;
+ proxy_pass https://localhost:27443;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ set $cors '';
+ set $both_conditions "";
+ add_header "x-debug-location-gse" "triggered";
+ if ($http_origin ~ \.?gimb\.tk$) {
+ set $cors 'true';
+ set $both_conditions "P";
+ add_header "x-debug-http-origin-check" "passed";
+ }
+ if ($cors = 'true') {
+ add_header "Access-Control-Allow-Origin" $http_origin always;
+ add_header "Access-Control-Allow-Credentials" "true" always;
+ add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
+ add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+ add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+ }
+ if ($request_method = 'OPTIONS') {
+ set $both_conditions "${both_conditions}D";
+ }
+ if ($both_conditions = PD) {
+ add_header "Access-Control-Allow-Origin" $http_origin always;
+ add_header "Access-Control-Allow-Credentials" "true" always;
+ add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
+ add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+ add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+ add_header 'Access-Control-Max-Age' -1;
+ add_header 'Content-Type' 'text/plain charset=UTF-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ }
+ location / {
+ set $cors '';
+ if ($http_origin ~ \.?gimb\.tk$) {
+ set $cors 'true';
+ }
+ if ($cors = 'true') {
+ add_header "Access-Control-Allow-Origin" $http_origin always;
+ add_header "Access-Control-Allow-Credentials" "true" always;
+ add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
+ add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+ add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
+ }
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Max-Age' 300;
+ add_header 'Content-Type' 'text/plain charset=UTF-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ return 301 https://zgimsis.gimb.tk/gse/;
+ }
+ #location ~ \.php$ {
+ # include snippets/fastcgi-php.conf;
+ # fastcgi_pass unix:/run/php/php7.3-fpm.sock;
+ #}
+ location ~ /\.ht {
+ deny all;
+ }
+ port_in_redirect off;
+ server_name_in_redirect off;
+}
+server {
+ listen 93.103.156.37:80;
+ listen [::]:80;
+ server_name .la.gimb.tk .lopolisapi.gimb.tk .lopolis-api.gimb.tk;
+ return 301 https://lopolis-api.gimb.tk$request_uri;
+ port_in_redirect off;
+ server_name_in_redirect off;
+}
+server {
+ listen 93.103.156.37:443 ssl http2;
+ listen [::]:443 ssl http2;
+ ssl_certificate /etc/ssl/sslforfree/sg.crt;
+ ssl_certificate_key /etc/ssl/sslforfree/sg.key;
+ ssl_session_cache builtin:1000 shared:SSL:10m;
+ ssl_prefer_server_ciphers on;
+ add_header Strict-Transport-Security "max-age=604800";
+ #root /var/www/html;
+ index index.php index.html index.htm index.nginx-debian.html;
+ server_name .la.gimb.tk .lopolisapi.gimb.tk .lopolis-api.gimb.tk;
+ location / {
+ #try_files $uri $uri/ =404;
+ proxy_pass http://localhost:44625;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ }
+ #location / {
+# return 301 https://zgimsis.gimb.tk/gse/;
+# }
+ #location ~ \.php$ {
+ # include snippets/fastcgi-php.conf;
+ # fastcgi_pass unix:/run/php/php7.3-fpm.sock;
+ #}
+ location ~ /\.ht {
+ deny all;
+ }
+ add_header X-This-Is-Definetley-Not-Flask I-Really-Care-If-Someone-DoSes-This-/s;
+ add_header X-I-Mean-If-Someone-Wants-To-DoS-Me They-Have-The-Power-To-Do-It;
+ add_header X-Although-It-Is-Illegal-And-I Will-Report-You-To-SiCert-And-They-Will-Bit-Your-Ass;
+ port_in_redirect off;
+ server_name_in_redirect off;
+}