From 94a995a53bfdfd892d505849409370008dc202fb Mon Sep 17 00:00:00 2001 From: "usa.yimian.xyz" Date: Wed, 19 Aug 2020 06:17:30 -0400 Subject: [PATCH] ini --- cn.yimian.xyz/nginx/conf.d/acg.watch.conf | 46 +++++++ .../nginx/conf.d/api.yimian.xyz.conf | 76 ++++++++++++ .../nginx/conf.d/auth.yimian.xyz.conf | 43 +++++++ cn.yimian.xyz/nginx/conf.d/eee.dog.conf | 29 +++++ .../nginx/conf.d/home.yimian.xyz.conf | 25 ++++ .../nginx/conf.d/img.yimian.xyz.conf.dead | 45 +++++++ .../nginx/conf.d/imgbed.yimian.xyz.conf | 42 +++++++ cn.yimian.xyz/nginx/conf.d/iotcat.me.conf | 30 +++++ .../nginx/conf.d/log.yimian.xyz.conf | 41 ++++++ .../nginx/conf.d/login.yimian.xyz.conf | 41 ++++++ .../nginx/conf.d/mksec.yimian.xyz.conf | 29 +++++ .../nginx/conf.d/monitor.yimian.xyz.conf | 30 +++++ .../nginx/conf.d/onedrive.yimian.xyz.conf | 25 ++++ .../nginx/conf.d/pay.yimian.xyz.conf | 34 +++++ .../nginx/conf.d/session.yimian.xyz.conf | 69 +++++++++++ .../nginx/conf.d/share.yimian.xyz.conf | 42 +++++++ .../nginx/conf.d/shorturl.yimian.xyz.conf | 29 +++++ .../nginx/conf.d/user.yimian.xyz.conf | 34 +++++ .../nginx/conf.d/ushio-win.yimian.xyz.conf | 42 +++++++ cn.yimian.xyz/nginx/conf.d/ushio.cool.conf | 32 +++++ .../nginx/conf.d/v2ray.yimian.xyz.conf | 34 +++++ .../nginx/conf.d/wanzongbiz.com.conf | 15 +++ .../nginx/conf.d/wiot-ota.yimian.xyz.conf | 28 +++++ cn.yimian.xyz/nginx/conf.d/www.eee.dog.conf | 39 ++++++ cn.yimian.xyz/nginx/conf.d/yimian.xyz.conf | 30 +++++ cn.yimian.xyz/nginx/default.d/cache.conf | 13 ++ cn.yimian.xyz/nginx/default.d/favicon.conf | 3 + cn.yimian.xyz/nginx/default.d/hsts.conf | 1 + cn.yimian.xyz/nginx/default.d/php.conf | 13 ++ .../nginx/default.d/wp-supercache.conf.b | 20 +++ cn.yimian.xyz/nginx/fastcgi.conf | 26 ++++ cn.yimian.xyz/nginx/fastcgi_params | 25 ++++ cn.yimian.xyz/nginx/mime.types | 97 +++++++++++++++ cn.yimian.xyz/nginx/nginx.conf | 63 ++++++++++ cn.yimian.xyz/nginx/nginx.conf.b | 117 ++++++++++++++++++ cn2.yimian.xyz/nginx/conf.d.b/acg.watch.conf | 46 +++++++ cn2.yimian.xyz/nginx/conf.d.b/eee.dog.conf | 29 +++++ .../nginx/conf.d.b/home.yimian.xyz.conf | 25 ++++ .../nginx/conf.d.b/img.yimian.xyz.conf | 49 ++++++++ .../nginx/conf.d.b/img.yimian.xyz.conf.docker | 44 +++++++ .../nginx/conf.d.b/imgbed.yimian.xyz.conf | 42 +++++++ cn2.yimian.xyz/nginx/conf.d.b/iotcat.me.conf | 30 +++++ .../nginx/conf.d.b/log.yimian.xyz.conf | 41 ++++++ .../nginx/conf.d.b/onedrive.yimian.xyz.conf | 25 ++++ .../nginx/conf.d.b/pay.yimian.xyz.conf | 34 +++++ .../nginx/conf.d.b/session.yimian.xyz.conf | 35 ++++++ .../nginx/conf.d.b/share.yimian.xyz.conf | 42 +++++++ .../nginx/conf.d.b/shorturl.yimian.xyz.conf | 29 +++++ cn2.yimian.xyz/nginx/conf.d.b/ushio.cool.conf | 32 +++++ .../nginx/conf.d.b/www.eee.dog.conf | 39 ++++++ cn2.yimian.xyz/nginx/conf.d.b/yimian.xyz.conf | 30 +++++ cn2.yimian.xyz/nginx/default.d/cache.conf | 13 ++ cn2.yimian.xyz/nginx/default.d/favicon.conf | 3 + cn2.yimian.xyz/nginx/default.d/hsts.conf | 1 + cn2.yimian.xyz/nginx/default.d/php.conf | 13 ++ .../nginx/default.d/wp-supercache.conf.b | 20 +++ cn2.yimian.xyz/nginx/fastcgi.conf | 26 ++++ cn2.yimian.xyz/nginx/fastcgi_params | 25 ++++ cn2.yimian.xyz/nginx/mime.types | 97 +++++++++++++++ cn2.yimian.xyz/nginx/nginx.conf | 63 ++++++++++ cn2.yimian.xyz/nginx/nginx.conf.b | 117 ++++++++++++++++++ .../nginx/conf.d/home.yimian.xyz.conf | 39 ++++++ home.yimian.xyz/nginx/conf.d/ushio.cool.conf | 32 +++++ .../nginx/conf.d/v-china.yimian.xyz.conf | 30 +++++ home.yimian.xyz/nginx/default.d/cache.conf | 13 ++ home.yimian.xyz/nginx/default.d/favicon.conf | 3 + home.yimian.xyz/nginx/default.d/hsts.conf | 1 + home.yimian.xyz/nginx/default.d/php.conf | 13 ++ .../nginx/default.d/wp-supercache.conf.b | 20 +++ home.yimian.xyz/nginx/fastcgi.conf | 26 ++++ home.yimian.xyz/nginx/fastcgi_params | 25 ++++ home.yimian.xyz/nginx/mime.types | 97 +++++++++++++++ home.yimian.xyz/nginx/nginx.conf | 63 ++++++++++ home.yimian.xyz/nginx/nginx.conf.b | 117 ++++++++++++++++++ jp.yimian.xyz/nginx/conf.d/blog.conf | 18 +++ jp.yimian.xyz/nginx/mime.types | 89 +++++++++++++ jp.yimian.xyz/nginx/nginx.conf | 91 ++++++++++++++ uk.yimian.xyz/nginx/conf.d/acg.watch.conf.bck | 46 +++++++ .../nginx/conf.d/imgbed.yimian.xyz.conf.bck | 42 +++++++ uk.yimian.xyz/nginx/conf.d/iotcat.me.conf | 30 +++++ .../nginx/conf.d/onedrive.yimian.xyz.conf | 25 ++++ .../nginx/conf.d/session.yimian.xyz.conf | 35 ++++++ .../nginx/conf.d/share.yimian.xyz.conf.bck | 42 +++++++ uk.yimian.xyz/nginx/conf.d/ushio.cool.conf | 32 +++++ .../nginx/conf.d/www.eee.dog.conf.bck | 39 ++++++ uk.yimian.xyz/nginx/default.d/cache.conf | 13 ++ uk.yimian.xyz/nginx/default.d/favicon.conf | 3 + uk.yimian.xyz/nginx/default.d/hsts.conf | 1 + uk.yimian.xyz/nginx/default.d/php.conf | 13 ++ .../nginx/default.d/wp-supercache.conf.b | 20 +++ uk.yimian.xyz/nginx/fastcgi.conf | 26 ++++ uk.yimian.xyz/nginx/fastcgi_params | 25 ++++ uk.yimian.xyz/nginx/mime.types | 97 +++++++++++++++ uk.yimian.xyz/nginx/nginx.conf | 63 ++++++++++ uk.yimian.xyz/nginx/nginx.conf.b | 117 ++++++++++++++++++ .../nginx/conf.d/acg.watch.conf.bck | 46 +++++++ .../nginx/conf.d/docker.yimian.xyz.conf | 42 +++++++ .../nginx/conf.d/home.yimian.xyz.conf | 25 ++++ .../nginx/conf.d/imgbed.yimian.xyz.conf.bck | 42 +++++++ usa.yimian.xyz/nginx/conf.d/iotcat.me.conf | 30 +++++ .../nginx/conf.d/onedrive.yimian.xyz.conf | 25 ++++ .../nginx/conf.d/proxy.yimian.xyz.conf | 25 ++++ usa.yimian.xyz/nginx/conf.d/redrange.me.conf | 37 ++++++ .../nginx/conf.d/session.yimian.xyz.conf | 35 ++++++ .../nginx/conf.d/share.yimian.xyz.conf.bck | 42 +++++++ usa.yimian.xyz/nginx/conf.d/ushio.cool.conf | 32 +++++ .../nginx/conf.d/v-china.yimian.xyz.conf | 42 +++++++ .../nginx/conf.d/vmess.yimian.xyz.conf | 30 +++++ .../nginx/conf.d/www.eee.dog.conf.bck | 39 ++++++ usa.yimian.xyz/nginx/default.d/cache.conf | 13 ++ usa.yimian.xyz/nginx/default.d/favicon.conf | 3 + usa.yimian.xyz/nginx/default.d/hsts.conf | 1 + usa.yimian.xyz/nginx/default.d/php.conf | 13 ++ .../nginx/default.d/wp-supercache.conf.b | 20 +++ usa.yimian.xyz/nginx/fastcgi.conf | 26 ++++ usa.yimian.xyz/nginx/fastcgi_params | 25 ++++ usa.yimian.xyz/nginx/mime.types | 97 +++++++++++++++ usa.yimian.xyz/nginx/nginx.conf | 63 ++++++++++ usa.yimian.xyz/nginx/nginx.conf.b | 117 ++++++++++++++++++ 119 files changed, 4474 insertions(+) create mode 100644 cn.yimian.xyz/nginx/conf.d/acg.watch.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/api.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/auth.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/eee.dog.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/img.yimian.xyz.conf.dead create mode 100644 cn.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/iotcat.me.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/log.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/login.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/mksec.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/monitor.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/pay.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/shorturl.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/user.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/ushio-win.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/ushio.cool.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/v2ray.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/wanzongbiz.com.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/wiot-ota.yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/www.eee.dog.conf create mode 100644 cn.yimian.xyz/nginx/conf.d/yimian.xyz.conf create mode 100644 cn.yimian.xyz/nginx/default.d/cache.conf create mode 100644 cn.yimian.xyz/nginx/default.d/favicon.conf create mode 100644 cn.yimian.xyz/nginx/default.d/hsts.conf create mode 100644 cn.yimian.xyz/nginx/default.d/php.conf create mode 100644 cn.yimian.xyz/nginx/default.d/wp-supercache.conf.b create mode 100644 cn.yimian.xyz/nginx/fastcgi.conf create mode 100644 cn.yimian.xyz/nginx/fastcgi_params create mode 100644 cn.yimian.xyz/nginx/mime.types create mode 100644 cn.yimian.xyz/nginx/nginx.conf create mode 100644 cn.yimian.xyz/nginx/nginx.conf.b create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/acg.watch.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/eee.dog.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/home.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf.docker create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/imgbed.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/iotcat.me.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/log.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/onedrive.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/pay.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/session.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/share.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/shorturl.yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/ushio.cool.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/www.eee.dog.conf create mode 100644 cn2.yimian.xyz/nginx/conf.d.b/yimian.xyz.conf create mode 100644 cn2.yimian.xyz/nginx/default.d/cache.conf create mode 100644 cn2.yimian.xyz/nginx/default.d/favicon.conf create mode 100644 cn2.yimian.xyz/nginx/default.d/hsts.conf create mode 100644 cn2.yimian.xyz/nginx/default.d/php.conf create mode 100644 cn2.yimian.xyz/nginx/default.d/wp-supercache.conf.b create mode 100644 cn2.yimian.xyz/nginx/fastcgi.conf create mode 100644 cn2.yimian.xyz/nginx/fastcgi_params create mode 100644 cn2.yimian.xyz/nginx/mime.types create mode 100644 cn2.yimian.xyz/nginx/nginx.conf create mode 100644 cn2.yimian.xyz/nginx/nginx.conf.b create mode 100644 home.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf create mode 100644 home.yimian.xyz/nginx/conf.d/ushio.cool.conf create mode 100644 home.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf create mode 100644 home.yimian.xyz/nginx/default.d/cache.conf create mode 100644 home.yimian.xyz/nginx/default.d/favicon.conf create mode 100644 home.yimian.xyz/nginx/default.d/hsts.conf create mode 100644 home.yimian.xyz/nginx/default.d/php.conf create mode 100644 home.yimian.xyz/nginx/default.d/wp-supercache.conf.b create mode 100644 home.yimian.xyz/nginx/fastcgi.conf create mode 100644 home.yimian.xyz/nginx/fastcgi_params create mode 100644 home.yimian.xyz/nginx/mime.types create mode 100644 home.yimian.xyz/nginx/nginx.conf create mode 100644 home.yimian.xyz/nginx/nginx.conf.b create mode 100644 jp.yimian.xyz/nginx/conf.d/blog.conf create mode 100644 jp.yimian.xyz/nginx/mime.types create mode 100644 jp.yimian.xyz/nginx/nginx.conf create mode 100644 uk.yimian.xyz/nginx/conf.d/acg.watch.conf.bck create mode 100644 uk.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck create mode 100644 uk.yimian.xyz/nginx/conf.d/iotcat.me.conf create mode 100644 uk.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf create mode 100644 uk.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf create mode 100644 uk.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck create mode 100644 uk.yimian.xyz/nginx/conf.d/ushio.cool.conf create mode 100644 uk.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck create mode 100644 uk.yimian.xyz/nginx/default.d/cache.conf create mode 100644 uk.yimian.xyz/nginx/default.d/favicon.conf create mode 100644 uk.yimian.xyz/nginx/default.d/hsts.conf create mode 100644 uk.yimian.xyz/nginx/default.d/php.conf create mode 100644 uk.yimian.xyz/nginx/default.d/wp-supercache.conf.b create mode 100644 uk.yimian.xyz/nginx/fastcgi.conf create mode 100644 uk.yimian.xyz/nginx/fastcgi_params create mode 100644 uk.yimian.xyz/nginx/mime.types create mode 100644 uk.yimian.xyz/nginx/nginx.conf create mode 100644 uk.yimian.xyz/nginx/nginx.conf.b create mode 100644 usa.yimian.xyz/nginx/conf.d/acg.watch.conf.bck create mode 100644 usa.yimian.xyz/nginx/conf.d/docker.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck create mode 100644 usa.yimian.xyz/nginx/conf.d/iotcat.me.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/proxy.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/redrange.me.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck create mode 100644 usa.yimian.xyz/nginx/conf.d/ushio.cool.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/vmess.yimian.xyz.conf create mode 100644 usa.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck create mode 100644 usa.yimian.xyz/nginx/default.d/cache.conf create mode 100644 usa.yimian.xyz/nginx/default.d/favicon.conf create mode 100644 usa.yimian.xyz/nginx/default.d/hsts.conf create mode 100644 usa.yimian.xyz/nginx/default.d/php.conf create mode 100644 usa.yimian.xyz/nginx/default.d/wp-supercache.conf.b create mode 100644 usa.yimian.xyz/nginx/fastcgi.conf create mode 100644 usa.yimian.xyz/nginx/fastcgi_params create mode 100644 usa.yimian.xyz/nginx/mime.types create mode 100644 usa.yimian.xyz/nginx/nginx.conf create mode 100644 usa.yimian.xyz/nginx/nginx.conf.b diff --git a/cn.yimian.xyz/nginx/conf.d/acg.watch.conf b/cn.yimian.xyz/nginx/conf.d/acg.watch.conf new file mode 100644 index 0000000..2e3a1cb --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/acg.watch.conf @@ -0,0 +1,46 @@ +server { + listen 80; + listen [::]:80; + server_name acg.watch; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name acg.watch; + root /home/www/acg.watch; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/acg.watch/acg.watch.crt; #2 + ssl_certificate_key /mnt/config/ssl/acg.watch/acg.watch.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + +# rewrite ^(.*)$ https://www.$host$1 permanent; + + # Load configuration files for the default server block. + include /etc/cn.yimian.xyz/nginx/default.d/*.conf; + +# if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } +# if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } +# if (!-f $request_filename){ rewrite (.*) /index.php; } +# if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location /api/ { + proxy_pass http://acg.watch-api:30080; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/api.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/api.yimian.xyz.conf new file mode 100644 index 0000000..b8b76ce --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/api.yimian.xyz.conf @@ -0,0 +1,76 @@ +server { + listen 80; + #listen [::]:80; + server_name api.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name api.yimian.xyz; + root /home/www/api; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + + # history reason redirect + location = /getImgNum.php { + add_header Access-Control-Allow-Origin *; + return 301 https://api.yimian.xyz/img/getImgNum.php; + } + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location ^~ /coro/ { + proxy_pass http://coro-api:17676/; + } + location ^~ /todo-ddl/ { + proxy_pass http://todo-ddl-api:13233/; + } + + location ^~ /upload/ { + proxy_pass http://upload-api:3000/; + #proxy_method POST; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_cache_bypass $http_upgrade; + proxy_redirect off; + } + + + + location ^~ /danmaku/ { + proxy_pass http://danmaku-api:1207/; + proxy_connect_timeout 300s; + proxy_send_timeout 300s; + proxy_read_timeout 300s; + } + + + + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/auth.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/auth.yimian.xyz.conf new file mode 100644 index 0000000..3bfdfcc --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/auth.yimian.xyz.conf @@ -0,0 +1,43 @@ +server { + listen 80; + #listen [::]:80; + server_name auth.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name auth.yimian.xyz; + root /home/www/auth; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + proxy_cookie_path / "/; secure; SameSite=None"; + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/eee.dog.conf b/cn.yimian.xyz/nginx/conf.d/eee.dog.conf new file mode 100644 index 0000000..5c687ed --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/eee.dog.conf @@ -0,0 +1,29 @@ +server { + listen 80; + listen [::]:80; + server_name eee.dog; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name eee.dog; + + ssl_certificate /mnt/config/ssl/eee.dog/eee.dog.crt; #2 + ssl_certificate_key /mnt/config/ssl/eee.dog/eee.dog.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + +location / { + rewrite ^(.*)$ https://shorturl.yimian.xyz/s/index.php?s=$1 last; + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf new file mode 100644 index 0000000..a79bb7f --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name home.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name home.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://frp:4480; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/img.yimian.xyz.conf.dead b/cn.yimian.xyz/nginx/conf.d/img.yimian.xyz.conf.dead new file mode 100644 index 0000000..a4faabd --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/img.yimian.xyz.conf.dead @@ -0,0 +1,45 @@ +server { + listen 80; + #listen [::]:80; + server_name img.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name img.yimian.xyz; + root /home/www/img; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + location / { + if (-f $request_filename/index.html){ + rewrite (.*) $1/index.html break; + } + if (-f $request_filename/index.php){ + rewrite (.*) $1/index.php; + } + if (!-f $request_filename){ + rewrite (.*) /index.php; + } + } + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + + +} diff --git a/cn.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf new file mode 100644 index 0000000..348cca2 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name imgbed.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name imgbed.yimian.xyz; + root /home/www/imgbed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/iotcat.me.conf b/cn.yimian.xyz/nginx/conf.d/iotcat.me.conf new file mode 100644 index 0000000..b3b033c --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/iotcat.me.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name iotcat.me www.iotcat.me; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name iotcat.me www.iotcat.me; + root /home/www/iotcat.me; + index index.html; + + ssl_certificate /mnt/config/ssl/iotcat.me/iotcat.me.crt; #2 + ssl_certificate_key /mnt/config/ssl/iotcat.me/iotcat.me.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/cn.yimian.xyz/nginx/conf.d/log.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/log.yimian.xyz.conf new file mode 100644 index 0000000..bf239b2 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/log.yimian.xyz.conf @@ -0,0 +1,41 @@ +server { + listen 80; + #listen [::]:80; + server_name log.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name log.yimian.xyz; + root /home/www/log; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/login.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/login.yimian.xyz.conf new file mode 100644 index 0000000..b9deb4b --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/login.yimian.xyz.conf @@ -0,0 +1,41 @@ +server { + listen 80; + #listen [::]:80; + server_name login.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name login.yimian.xyz; + root /home/www/login; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/mksec.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/mksec.yimian.xyz.conf new file mode 100644 index 0000000..81aca09 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/mksec.yimian.xyz.conf @@ -0,0 +1,29 @@ +server { + listen 80; + #listen [::]:80; + server_name mksec.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name mksec.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + + location / { + proxy_pass http://mksec:3000/; + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/monitor.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/monitor.yimian.xyz.conf new file mode 100644 index 0000000..e92f275 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/monitor.yimian.xyz.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name monitor.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name monitor.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + location / { + proxy_pass http://serverstatus:80/; + } + + +} diff --git a/cn.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf new file mode 100644 index 0000000..dc736ce --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name onedrive.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name onedrive.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://oneindex:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/pay.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/pay.yimian.xyz.conf new file mode 100644 index 0000000..7d5cd6e --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/pay.yimian.xyz.conf @@ -0,0 +1,34 @@ +server { + listen 80; + #listen [::]:80; + server_name pay.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name pay.yimian.xyz; + root /home/www/pay; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf new file mode 100644 index 0000000..fb691a2 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf @@ -0,0 +1,69 @@ +server { + listen 80; + #listen [::]:80; + server_name session.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name session.yimian.xyz; + #root /home/www/session/; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + + location ^~ /php/ { + root /home/www/session/; + try_files $uri =404; + fastcgi_pass php-fpm:9000; + + fastcgi_pass_request_body off; + client_body_in_file_only clean; + fastcgi_param REQUEST_BODY_FILE $request_body_file; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_keep_conn on; + } + + location ^~ /websocket/ { + +# add_header Access-Control-Allow-Origin *; +# add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; +# add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; +# if ($request_method = 'OPTIONS') { +# return 204; +# } + + proxy_pass http://session:21514/; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + + location / { + +# add_header Access-Control-Allow-Origin *; +# add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; +# add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; +# if ($request_method = 'OPTIONS') { +# return 204; +# } + + proxy_pass http://session:21513/; + } + + + +} + diff --git a/cn.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf new file mode 100644 index 0000000..e57fb6b --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name share.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name share.yimian.xyz; + root /home/www/filebed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/shorturl.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/shorturl.yimian.xyz.conf new file mode 100644 index 0000000..b61290e --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/shorturl.yimian.xyz.conf @@ -0,0 +1,29 @@ +server { + listen 80; + #listen [::]:80; + server_name shorturl.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name shorturl.yimian.xyz; + root /home/www/shorturl; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; +} diff --git a/cn.yimian.xyz/nginx/conf.d/user.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/user.yimian.xyz.conf new file mode 100644 index 0000000..2ca1bf4 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/user.yimian.xyz.conf @@ -0,0 +1,34 @@ +server { + listen 80; + #listen [::]:80; + server_name user.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name user.yimian.xyz; + root /home/www/user; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/ushio-win.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/ushio-win.yimian.xyz.conf new file mode 100644 index 0000000..e7e19e2 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/ushio-win.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name ushio-win.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name ushio-win.yimian.xyz; + root /home/www/ushio-win-server; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + + location / { + proxy_pass http://ushio-win-server:13432; + } + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/ushio.cool.conf b/cn.yimian.xyz/nginx/conf.d/ushio.cool.conf new file mode 100644 index 0000000..3e59d81 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/ushio.cool.conf @@ -0,0 +1,32 @@ +server { + listen 80; + #listen [::]:80; + server_name ushio.cool www.ushio.cool; + rewrite ^(.*)$ https://ushio.cool$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name ushio.cool; + root /mnt/html/ushio; + index index.html; + + ssl_certificate /mnt/config/ssl/ushio.cool/ushio.cool.crt; #2 + ssl_certificate_key /mnt/config/ssl/ushio.cool/ushio.cool.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + +} diff --git a/cn.yimian.xyz/nginx/conf.d/v2ray.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/v2ray.yimian.xyz.conf new file mode 100644 index 0000000..302098c --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/v2ray.yimian.xyz.conf @@ -0,0 +1,34 @@ +server { + listen 80; + #listen [::]:80; + server_name v2ray.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name v2ray.yimian.xyz; + root /home/www/v2ray; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } +} diff --git a/cn.yimian.xyz/nginx/conf.d/wanzongbiz.com.conf b/cn.yimian.xyz/nginx/conf.d/wanzongbiz.com.conf new file mode 100644 index 0000000..8f29156 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/wanzongbiz.com.conf @@ -0,0 +1,15 @@ + +server { + listen 80; + listen [::]:80; + #listen 443 ssl; + + server_name wanzongbiz.com www.wanzongbiz.com; + root /home/www/wanzongbiz; + index index.html; + + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/cn.yimian.xyz/nginx/conf.d/wiot-ota.yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/wiot-ota.yimian.xyz.conf new file mode 100644 index 0000000..72a2792 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/wiot-ota.yimian.xyz.conf @@ -0,0 +1,28 @@ +server { + listen 80; + #listen [::]:80; + server_name wiot-ota.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name wiot-ota.yimian.xyz; + root /home/www/wiot; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; +} diff --git a/cn.yimian.xyz/nginx/conf.d/www.eee.dog.conf b/cn.yimian.xyz/nginx/conf.d/www.eee.dog.conf new file mode 100644 index 0000000..a015d46 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/www.eee.dog.conf @@ -0,0 +1,39 @@ +server { + listen 80; + #listen [::]:80; + server_name www.eee.dog; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name www.eee.dog; + root /home/www/blog; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/eee.dog/eee.dog.crt; #2 + ssl_certificate_key /mnt/config/ssl/eee.dog/eee.dog.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } + if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } + if (!-f $request_filename){ rewrite (.*) /index.php; } + if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location / { + } + +} diff --git a/cn.yimian.xyz/nginx/conf.d/yimian.xyz.conf b/cn.yimian.xyz/nginx/conf.d/yimian.xyz.conf new file mode 100644 index 0000000..ac3e056 --- /dev/null +++ b/cn.yimian.xyz/nginx/conf.d/yimian.xyz.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name yimian.xyz www.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name yimian.xyz www.yimian.xyz; + root /home/www/yimian.xyz; + index index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/cn.yimian.xyz/nginx/default.d/cache.conf b/cn.yimian.xyz/nginx/default.d/cache.conf new file mode 100644 index 0000000..ba59f57 --- /dev/null +++ b/cn.yimian.xyz/nginx/default.d/cache.conf @@ -0,0 +1,13 @@ +location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ { + access_log off; + expires 30d; +} + +location ~* ^.+\.(css|js|txt|xml|swf|wav)$ { + access_log off; + expires 24h; +} + +location ~* ^.+\.(html|htm)$ { + expires 1h; +} diff --git a/cn.yimian.xyz/nginx/default.d/favicon.conf b/cn.yimian.xyz/nginx/default.d/favicon.conf new file mode 100644 index 0000000..de48afc --- /dev/null +++ b/cn.yimian.xyz/nginx/default.d/favicon.conf @@ -0,0 +1,3 @@ +location = /favicon.ico { + #proxy_pass https://cdn.yimian.xyz/img/head/head3r.ico; +} diff --git a/cn.yimian.xyz/nginx/default.d/hsts.conf b/cn.yimian.xyz/nginx/default.d/hsts.conf new file mode 100644 index 0000000..c3b0734 --- /dev/null +++ b/cn.yimian.xyz/nginx/default.d/hsts.conf @@ -0,0 +1 @@ +add_header Strict-Transport-Security "max-age=31536000"; diff --git a/cn.yimian.xyz/nginx/default.d/php.conf b/cn.yimian.xyz/nginx/default.d/php.conf new file mode 100644 index 0000000..9a20984 --- /dev/null +++ b/cn.yimian.xyz/nginx/default.d/php.conf @@ -0,0 +1,13 @@ +location ~ \.php$ { + try_files $uri =404; + fastcgi_pass php-fpm:9000; + + fastcgi_pass_request_body off; + client_body_in_file_only clean; + fastcgi_param REQUEST_BODY_FILE $request_body_file; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_keep_conn on; +} diff --git a/cn.yimian.xyz/nginx/default.d/wp-supercache.conf.b b/cn.yimian.xyz/nginx/default.d/wp-supercache.conf.b new file mode 100644 index 0000000..5142de5 --- /dev/null +++ b/cn.yimian.xyz/nginx/default.d/wp-supercache.conf.b @@ -0,0 +1,20 @@ +set $cache_uri $request_uri; + +if ($request_method = POST) { + set $cache_uri 'null cache'; + } + +if ($query_string != "") { + set $cache_uri 'null cache'; + } +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args ; + } diff --git a/cn.yimian.xyz/nginx/fastcgi.conf b/cn.yimian.xyz/nginx/fastcgi.conf new file mode 100644 index 0000000..091738c --- /dev/null +++ b/cn.yimian.xyz/nginx/fastcgi.conf @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/cn.yimian.xyz/nginx/fastcgi_params b/cn.yimian.xyz/nginx/fastcgi_params new file mode 100644 index 0000000..28decb9 --- /dev/null +++ b/cn.yimian.xyz/nginx/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/cn.yimian.xyz/nginx/mime.types b/cn.yimian.xyz/nginx/mime.types new file mode 100644 index 0000000..2961256 --- /dev/null +++ b/cn.yimian.xyz/nginx/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/cn.yimian.xyz/nginx/nginx.conf b/cn.yimian.xyz/nginx/nginx.conf new file mode 100644 index 0000000..738936c --- /dev/null +++ b/cn.yimian.xyz/nginx/nginx.conf @@ -0,0 +1,63 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + #tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + client_max_body_size 5000m; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /mnt/etc/cn.yimian.xyz/nginx/conf.d/*.conf; + + server { + + listen 80 default_server; + listen [::]:80 default_server; + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name _; + + ssl_certificate "/mnt/config/ssl/yimian.xyz/yimian.xyz.crt"; + ssl_certificate_key "/mnt/config/ssl/yimian.xyz/yimian.xyz.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + rewrite ^(.*)$ https://ushio.cool/; + } + } + +} diff --git a/cn.yimian.xyz/nginx/nginx.conf.b b/cn.yimian.xyz/nginx/nginx.conf.b new file mode 100644 index 0000000..07afa7c --- /dev/null +++ b/cn.yimian.xyz/nginx/nginx.conf.b @@ -0,0 +1,117 @@ + +user nginx; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid /run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/acg.watch.conf b/cn2.yimian.xyz/nginx/conf.d.b/acg.watch.conf new file mode 100644 index 0000000..2e3a1cb --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/acg.watch.conf @@ -0,0 +1,46 @@ +server { + listen 80; + listen [::]:80; + server_name acg.watch; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name acg.watch; + root /home/www/acg.watch; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/acg.watch/acg.watch.crt; #2 + ssl_certificate_key /mnt/config/ssl/acg.watch/acg.watch.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + +# rewrite ^(.*)$ https://www.$host$1 permanent; + + # Load configuration files for the default server block. + include /etc/cn.yimian.xyz/nginx/default.d/*.conf; + +# if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } +# if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } +# if (!-f $request_filename){ rewrite (.*) /index.php; } +# if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location /api/ { + proxy_pass http://acg.watch-api:30080; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/eee.dog.conf b/cn2.yimian.xyz/nginx/conf.d.b/eee.dog.conf new file mode 100644 index 0000000..6b9b00a --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/eee.dog.conf @@ -0,0 +1,29 @@ +server { + listen 80; + listen [::]:80; + server_name eee.dog; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name eee.dog; + + ssl_certificate /mnt/config/ssl/eee.dog/eee.dog.crt; #2 + ssl_certificate_key /mnt/config/ssl/eee.dog/eee.dog.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + +location / { + rewrite ^(.*)$ https://shorturl.yimian.xyz/index.php?s=$1 last; + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/home.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/home.yimian.xyz.conf new file mode 100644 index 0000000..a79bb7f --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/home.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name home.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name home.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://frp:4480; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf new file mode 100644 index 0000000..a9f062a --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf @@ -0,0 +1,49 @@ +server { + listen 80; + #listen [::]:80; + server_name img.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name img.yimian.xyz; + root /home/www/img; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + add_header Cache-Control no-store; + + if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } + if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } + if (!-f $request_filename){ rewrite (.*) /index.php; } + if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf.docker b/cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf.docker new file mode 100644 index 0000000..dea46b9 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/img.yimian.xyz.conf.docker @@ -0,0 +1,44 @@ +server { + listen 80; + #listen [::]:80; + server_name img.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name img.yimian.xyz; + root /home/www/img; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + #include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location ^~ / { + proxy_pass http://127.0.0.1:5580/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + + } + + + + +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/imgbed.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/imgbed.yimian.xyz.conf new file mode 100644 index 0000000..348cca2 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/imgbed.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name imgbed.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name imgbed.yimian.xyz; + root /home/www/imgbed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/iotcat.me.conf b/cn2.yimian.xyz/nginx/conf.d.b/iotcat.me.conf new file mode 100644 index 0000000..b3b033c --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/iotcat.me.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name iotcat.me www.iotcat.me; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name iotcat.me www.iotcat.me; + root /home/www/iotcat.me; + index index.html; + + ssl_certificate /mnt/config/ssl/iotcat.me/iotcat.me.crt; #2 + ssl_certificate_key /mnt/config/ssl/iotcat.me/iotcat.me.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/log.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/log.yimian.xyz.conf new file mode 100644 index 0000000..bf239b2 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/log.yimian.xyz.conf @@ -0,0 +1,41 @@ +server { + listen 80; + #listen [::]:80; + server_name log.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name log.yimian.xyz; + root /home/www/log; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/onedrive.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/onedrive.yimian.xyz.conf new file mode 100644 index 0000000..dc736ce --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/onedrive.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name onedrive.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name onedrive.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://oneindex:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/pay.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/pay.yimian.xyz.conf new file mode 100644 index 0000000..7d5cd6e --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/pay.yimian.xyz.conf @@ -0,0 +1,34 @@ +server { + listen 80; + #listen [::]:80; + server_name pay.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name pay.yimian.xyz; + root /home/www/pay; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/session.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/session.yimian.xyz.conf new file mode 100644 index 0000000..7841075 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/session.yimian.xyz.conf @@ -0,0 +1,35 @@ +server { + listen 80; + #listen [::]:80; + server_name session.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name session.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location ^~ /websocket/ { + proxy_pass http://session:21514/; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + location / { + proxy_pass http://session:21513/; + } + + + +} + diff --git a/cn2.yimian.xyz/nginx/conf.d.b/share.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/share.yimian.xyz.conf new file mode 100644 index 0000000..e57fb6b --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/share.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name share.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name share.yimian.xyz; + root /home/www/filebed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/shorturl.yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/shorturl.yimian.xyz.conf new file mode 100644 index 0000000..b61290e --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/shorturl.yimian.xyz.conf @@ -0,0 +1,29 @@ +server { + listen 80; + #listen [::]:80; + server_name shorturl.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name shorturl.yimian.xyz; + root /home/www/shorturl; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/ushio.cool.conf b/cn2.yimian.xyz/nginx/conf.d.b/ushio.cool.conf new file mode 100644 index 0000000..3e59d81 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/ushio.cool.conf @@ -0,0 +1,32 @@ +server { + listen 80; + #listen [::]:80; + server_name ushio.cool www.ushio.cool; + rewrite ^(.*)$ https://ushio.cool$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name ushio.cool; + root /mnt/html/ushio; + index index.html; + + ssl_certificate /mnt/config/ssl/ushio.cool/ushio.cool.crt; #2 + ssl_certificate_key /mnt/config/ssl/ushio.cool/ushio.cool.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/www.eee.dog.conf b/cn2.yimian.xyz/nginx/conf.d.b/www.eee.dog.conf new file mode 100644 index 0000000..a015d46 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/www.eee.dog.conf @@ -0,0 +1,39 @@ +server { + listen 80; + #listen [::]:80; + server_name www.eee.dog; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name www.eee.dog; + root /home/www/blog; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/eee.dog/eee.dog.crt; #2 + ssl_certificate_key /mnt/config/ssl/eee.dog/eee.dog.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + + if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } + if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } + if (!-f $request_filename){ rewrite (.*) /index.php; } + if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location / { + } + +} diff --git a/cn2.yimian.xyz/nginx/conf.d.b/yimian.xyz.conf b/cn2.yimian.xyz/nginx/conf.d.b/yimian.xyz.conf new file mode 100644 index 0000000..ac3e056 --- /dev/null +++ b/cn2.yimian.xyz/nginx/conf.d.b/yimian.xyz.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name yimian.xyz www.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name yimian.xyz www.yimian.xyz; + root /home/www/yimian.xyz; + index index.html; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. + include /mnt/etc/cn.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/cn2.yimian.xyz/nginx/default.d/cache.conf b/cn2.yimian.xyz/nginx/default.d/cache.conf new file mode 100644 index 0000000..ba59f57 --- /dev/null +++ b/cn2.yimian.xyz/nginx/default.d/cache.conf @@ -0,0 +1,13 @@ +location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ { + access_log off; + expires 30d; +} + +location ~* ^.+\.(css|js|txt|xml|swf|wav)$ { + access_log off; + expires 24h; +} + +location ~* ^.+\.(html|htm)$ { + expires 1h; +} diff --git a/cn2.yimian.xyz/nginx/default.d/favicon.conf b/cn2.yimian.xyz/nginx/default.d/favicon.conf new file mode 100644 index 0000000..de48afc --- /dev/null +++ b/cn2.yimian.xyz/nginx/default.d/favicon.conf @@ -0,0 +1,3 @@ +location = /favicon.ico { + #proxy_pass https://cdn.yimian.xyz/img/head/head3r.ico; +} diff --git a/cn2.yimian.xyz/nginx/default.d/hsts.conf b/cn2.yimian.xyz/nginx/default.d/hsts.conf new file mode 100644 index 0000000..c3b0734 --- /dev/null +++ b/cn2.yimian.xyz/nginx/default.d/hsts.conf @@ -0,0 +1 @@ +add_header Strict-Transport-Security "max-age=31536000"; diff --git a/cn2.yimian.xyz/nginx/default.d/php.conf b/cn2.yimian.xyz/nginx/default.d/php.conf new file mode 100644 index 0000000..9a20984 --- /dev/null +++ b/cn2.yimian.xyz/nginx/default.d/php.conf @@ -0,0 +1,13 @@ +location ~ \.php$ { + try_files $uri =404; + fastcgi_pass php-fpm:9000; + + fastcgi_pass_request_body off; + client_body_in_file_only clean; + fastcgi_param REQUEST_BODY_FILE $request_body_file; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_keep_conn on; +} diff --git a/cn2.yimian.xyz/nginx/default.d/wp-supercache.conf.b b/cn2.yimian.xyz/nginx/default.d/wp-supercache.conf.b new file mode 100644 index 0000000..5142de5 --- /dev/null +++ b/cn2.yimian.xyz/nginx/default.d/wp-supercache.conf.b @@ -0,0 +1,20 @@ +set $cache_uri $request_uri; + +if ($request_method = POST) { + set $cache_uri 'null cache'; + } + +if ($query_string != "") { + set $cache_uri 'null cache'; + } +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args ; + } diff --git a/cn2.yimian.xyz/nginx/fastcgi.conf b/cn2.yimian.xyz/nginx/fastcgi.conf new file mode 100644 index 0000000..091738c --- /dev/null +++ b/cn2.yimian.xyz/nginx/fastcgi.conf @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/cn2.yimian.xyz/nginx/fastcgi_params b/cn2.yimian.xyz/nginx/fastcgi_params new file mode 100644 index 0000000..28decb9 --- /dev/null +++ b/cn2.yimian.xyz/nginx/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/cn2.yimian.xyz/nginx/mime.types b/cn2.yimian.xyz/nginx/mime.types new file mode 100644 index 0000000..2961256 --- /dev/null +++ b/cn2.yimian.xyz/nginx/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/cn2.yimian.xyz/nginx/nginx.conf b/cn2.yimian.xyz/nginx/nginx.conf new file mode 100644 index 0000000..ba7aa73 --- /dev/null +++ b/cn2.yimian.xyz/nginx/nginx.conf @@ -0,0 +1,63 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + #tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + client_max_body_size 5000m; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + + server { + + listen 80 default_server; + listen [::]:80 default_server; + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name _; + + ssl_certificate "/mnt/config/ssl/yimian.xyz/yimian.xyz.crt"; + ssl_certificate_key "/mnt/config/ssl/yimian.xyz/yimian.xyz.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + rewrite ^(.*)$ https://ushio.cool/; + } + } + + include /mnt/etc/cn.yimian.xyz/nginx/conf.d/*.conf; +} diff --git a/cn2.yimian.xyz/nginx/nginx.conf.b b/cn2.yimian.xyz/nginx/nginx.conf.b new file mode 100644 index 0000000..07afa7c --- /dev/null +++ b/cn2.yimian.xyz/nginx/nginx.conf.b @@ -0,0 +1,117 @@ + +user nginx; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid /run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/home.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf b/home.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf new file mode 100644 index 0000000..1f2d074 --- /dev/null +++ b/home.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf @@ -0,0 +1,39 @@ +server { + listen 80; + listen 443 ssl; + server_name home.yimian.xyz; + + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + client_max_body_size 1000m; + + location =/pan/ { + fastcgi_pass php-fpm:9000; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME /home/share/index.php; + include fastcgi_params; + } + + location /pan/ { + + client_max_body_size 1000m; + alias /home/share/; + } + + location / { + proxy_pass http://host.docker.internal:8123; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/home.yimian.xyz/nginx/conf.d/ushio.cool.conf b/home.yimian.xyz/nginx/conf.d/ushio.cool.conf new file mode 100644 index 0000000..f14f822 --- /dev/null +++ b/home.yimian.xyz/nginx/conf.d/ushio.cool.conf @@ -0,0 +1,32 @@ +server { + listen 80; + #listen [::]:80; + server_name ushio.cool www.ushio.cool; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name ushio.cool www.ushio.cool; + root /mnt/html/ushio; + index index.html; + + ssl_certificate /mnt/config/ssl/ushio.cool/ushio.cool.crt; #2 + ssl_certificate_key /mnt/config/ssl/ushio.cool/ushio.cool.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/usa.yimian.xyz/nginx/default.d/*.conf; + + +} diff --git a/home.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf b/home.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf new file mode 100644 index 0000000..5dba041 --- /dev/null +++ b/home.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name v-china.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name v-china.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://v2ray:10808/; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + +} + diff --git a/home.yimian.xyz/nginx/default.d/cache.conf b/home.yimian.xyz/nginx/default.d/cache.conf new file mode 100644 index 0000000..ba59f57 --- /dev/null +++ b/home.yimian.xyz/nginx/default.d/cache.conf @@ -0,0 +1,13 @@ +location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ { + access_log off; + expires 30d; +} + +location ~* ^.+\.(css|js|txt|xml|swf|wav)$ { + access_log off; + expires 24h; +} + +location ~* ^.+\.(html|htm)$ { + expires 1h; +} diff --git a/home.yimian.xyz/nginx/default.d/favicon.conf b/home.yimian.xyz/nginx/default.d/favicon.conf new file mode 100644 index 0000000..de48afc --- /dev/null +++ b/home.yimian.xyz/nginx/default.d/favicon.conf @@ -0,0 +1,3 @@ +location = /favicon.ico { + #proxy_pass https://cdn.yimian.xyz/img/head/head3r.ico; +} diff --git a/home.yimian.xyz/nginx/default.d/hsts.conf b/home.yimian.xyz/nginx/default.d/hsts.conf new file mode 100644 index 0000000..c3b0734 --- /dev/null +++ b/home.yimian.xyz/nginx/default.d/hsts.conf @@ -0,0 +1 @@ +add_header Strict-Transport-Security "max-age=31536000"; diff --git a/home.yimian.xyz/nginx/default.d/php.conf b/home.yimian.xyz/nginx/default.d/php.conf new file mode 100644 index 0000000..9a20984 --- /dev/null +++ b/home.yimian.xyz/nginx/default.d/php.conf @@ -0,0 +1,13 @@ +location ~ \.php$ { + try_files $uri =404; + fastcgi_pass php-fpm:9000; + + fastcgi_pass_request_body off; + client_body_in_file_only clean; + fastcgi_param REQUEST_BODY_FILE $request_body_file; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_keep_conn on; +} diff --git a/home.yimian.xyz/nginx/default.d/wp-supercache.conf.b b/home.yimian.xyz/nginx/default.d/wp-supercache.conf.b new file mode 100644 index 0000000..5142de5 --- /dev/null +++ b/home.yimian.xyz/nginx/default.d/wp-supercache.conf.b @@ -0,0 +1,20 @@ +set $cache_uri $request_uri; + +if ($request_method = POST) { + set $cache_uri 'null cache'; + } + +if ($query_string != "") { + set $cache_uri 'null cache'; + } +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args ; + } diff --git a/home.yimian.xyz/nginx/fastcgi.conf b/home.yimian.xyz/nginx/fastcgi.conf new file mode 100644 index 0000000..091738c --- /dev/null +++ b/home.yimian.xyz/nginx/fastcgi.conf @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/home.yimian.xyz/nginx/fastcgi_params b/home.yimian.xyz/nginx/fastcgi_params new file mode 100644 index 0000000..28decb9 --- /dev/null +++ b/home.yimian.xyz/nginx/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/home.yimian.xyz/nginx/mime.types b/home.yimian.xyz/nginx/mime.types new file mode 100644 index 0000000..2961256 --- /dev/null +++ b/home.yimian.xyz/nginx/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/home.yimian.xyz/nginx/nginx.conf b/home.yimian.xyz/nginx/nginx.conf new file mode 100644 index 0000000..4abee71 --- /dev/null +++ b/home.yimian.xyz/nginx/nginx.conf @@ -0,0 +1,63 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + #tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + client_max_body_size 5000m; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + + server { + + listen 80 default_server; + listen [::]:80 default_server; + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name _; + + ssl_certificate "/mnt/config/ssl/yimian.xyz/yimian.xyz.crt"; + ssl_certificate_key "/mnt/config/ssl/yimian.xyz/yimian.xyz.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + rewrite ^(.*)$ https://ushio.cool/; + } + } + + include /mnt/etc/home.yimian.xyz/nginx/conf.d/*.conf; +} diff --git a/home.yimian.xyz/nginx/nginx.conf.b b/home.yimian.xyz/nginx/nginx.conf.b new file mode 100644 index 0000000..07afa7c --- /dev/null +++ b/home.yimian.xyz/nginx/nginx.conf.b @@ -0,0 +1,117 @@ + +user nginx; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid /run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/jp.yimian.xyz/nginx/conf.d/blog.conf b/jp.yimian.xyz/nginx/conf.d/blog.conf new file mode 100644 index 0000000..0d1b8a3 --- /dev/null +++ b/jp.yimian.xyz/nginx/conf.d/blog.conf @@ -0,0 +1,18 @@ +server{ + + listen 80; + server_name jp.yimian.xyz; + + + location / { + proxy_pass http://blog; + proxy_read_timeout 300; + proxy_connect_timeout 300; + proxy_redirect off; + + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + } + +} diff --git a/jp.yimian.xyz/nginx/mime.types b/jp.yimian.xyz/nginx/mime.types new file mode 100644 index 0000000..89be9a4 --- /dev/null +++ b/jp.yimian.xyz/nginx/mime.types @@ -0,0 +1,89 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + image/svg+xml svg svgz; + image/webp webp; + + application/font-woff woff; + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.wap.wmlc wmlc; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; + application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/jp.yimian.xyz/nginx/nginx.conf b/jp.yimian.xyz/nginx/nginx.conf new file mode 100644 index 0000000..1c562c1 --- /dev/null +++ b/jp.yimian.xyz/nginx/nginx.conf @@ -0,0 +1,91 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ + +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + include /etc/nginx/conf.d/*.conf; + + server { + listen 80 default_server; + listen [::]:80 default_server; + server_name _; + root /html/ushio; + index index.html; + + #location / { + #} + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } + } + + + + + +# Settings for a TLS enabled server. +# +# server { +# listen 443 ssl http2 default_server; +# listen [::]:443 ssl http2 default_server; +# server_name _; +# root /usr/share/nginx/html; +# +# ssl_certificate "/etc/pki/nginx/server.crt"; +# ssl_certificate_key "/etc/pki/nginx/private/server.key"; +# ssl_session_cache shared:SSL:1m; +# ssl_session_timeout 10m; +# ssl_ciphers HIGH:!aNULL:!MD5; +# ssl_prefer_server_ciphers on; +# +# # Load configuration files for the default server block. +# include /etc/nginx/default.d/*.conf; +# +# location / { +# } +# +# error_page 404 /404.html; +# location = /40x.html { +# } +# +# error_page 500 502 503 504 /50x.html; +# location = /50x.html { +# } +# } + +} diff --git a/uk.yimian.xyz/nginx/conf.d/acg.watch.conf.bck b/uk.yimian.xyz/nginx/conf.d/acg.watch.conf.bck new file mode 100644 index 0000000..48f47e5 --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/acg.watch.conf.bck @@ -0,0 +1,46 @@ +server { + listen 80; + listen [::]:80; + server_name acg.watch; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name acg.watch; + root /home/www/acg.watch; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/acg.watch/acg.watch.crt; #2 + ssl_certificate_key /mnt/config/ssl/acg.watch/acg.watch.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + +# rewrite ^(.*)$ https://www.$host$1 permanent; + + # Load configuration files for the default server block. + include /etc/uk.yimian.xyz/nginx/default.d/*.conf; + +# if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } +# if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } +# if (!-f $request_filename){ rewrite (.*) /index.php; } +# if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location /api/ { + proxy_pass http://acg.watch-api:30080; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/uk.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck b/uk.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck new file mode 100644 index 0000000..50fe8da --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name imgbed.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name imgbed.yimian.xyz; + root /home/www/imgbed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/uk.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/uk.yimian.xyz/nginx/conf.d/iotcat.me.conf b/uk.yimian.xyz/nginx/conf.d/iotcat.me.conf new file mode 100644 index 0000000..6ba3978 --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/iotcat.me.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name iotcat.me www.iotcat.me; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name iotcat.me www.iotcat.me; + root /home/www/iotcat.me; + index index.html; + + ssl_certificate /mnt/config/ssl/iotcat.me/iotcat.me.crt; #2 + ssl_certificate_key /mnt/config/ssl/iotcat.me/iotcat.me.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. + include /mnt/etc/uk.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/uk.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf b/uk.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf new file mode 100644 index 0000000..dc736ce --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name onedrive.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name onedrive.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://oneindex:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/uk.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf b/uk.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf new file mode 100644 index 0000000..7841075 --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf @@ -0,0 +1,35 @@ +server { + listen 80; + #listen [::]:80; + server_name session.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name session.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location ^~ /websocket/ { + proxy_pass http://session:21514/; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + location / { + proxy_pass http://session:21513/; + } + + + +} + diff --git a/uk.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck b/uk.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck new file mode 100644 index 0000000..7927486 --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name share.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name share.yimian.xyz; + root /home/www/filebed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/uk.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/uk.yimian.xyz/nginx/conf.d/ushio.cool.conf b/uk.yimian.xyz/nginx/conf.d/ushio.cool.conf new file mode 100644 index 0000000..b301334 --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/ushio.cool.conf @@ -0,0 +1,32 @@ +server { + listen 80; + #listen [::]:80; + server_name ushio.cool www.ushio.cool; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name ushio.cool www.ushio.cool; + root /mnt/html/ushio; + index index.html; + + ssl_certificate /mnt/config/ssl/ushio.cool/ushio.cool.crt; #2 + ssl_certificate_key /mnt/config/ssl/ushio.cool/ushio.cool.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/uk.yimian.xyz/nginx/default.d/*.conf; + + +} diff --git a/uk.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck b/uk.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck new file mode 100644 index 0000000..1319871 --- /dev/null +++ b/uk.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck @@ -0,0 +1,39 @@ +server { + listen 80; + #listen [::]:80; + server_name www.eee.dog; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name www.eee.dog; + root /home/www/blog; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/eee.dog/eee.dog.crt; #2 + ssl_certificate_key /mnt/config/ssl/eee.dog/eee.dog.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/uk.yimian.xyz/nginx/default.d/*.conf; + + if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } + if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } + if (!-f $request_filename){ rewrite (.*) /index.php; } + if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location / { + } + +} diff --git a/uk.yimian.xyz/nginx/default.d/cache.conf b/uk.yimian.xyz/nginx/default.d/cache.conf new file mode 100644 index 0000000..ba59f57 --- /dev/null +++ b/uk.yimian.xyz/nginx/default.d/cache.conf @@ -0,0 +1,13 @@ +location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ { + access_log off; + expires 30d; +} + +location ~* ^.+\.(css|js|txt|xml|swf|wav)$ { + access_log off; + expires 24h; +} + +location ~* ^.+\.(html|htm)$ { + expires 1h; +} diff --git a/uk.yimian.xyz/nginx/default.d/favicon.conf b/uk.yimian.xyz/nginx/default.d/favicon.conf new file mode 100644 index 0000000..de48afc --- /dev/null +++ b/uk.yimian.xyz/nginx/default.d/favicon.conf @@ -0,0 +1,3 @@ +location = /favicon.ico { + #proxy_pass https://cdn.yimian.xyz/img/head/head3r.ico; +} diff --git a/uk.yimian.xyz/nginx/default.d/hsts.conf b/uk.yimian.xyz/nginx/default.d/hsts.conf new file mode 100644 index 0000000..c3b0734 --- /dev/null +++ b/uk.yimian.xyz/nginx/default.d/hsts.conf @@ -0,0 +1 @@ +add_header Strict-Transport-Security "max-age=31536000"; diff --git a/uk.yimian.xyz/nginx/default.d/php.conf b/uk.yimian.xyz/nginx/default.d/php.conf new file mode 100644 index 0000000..9a20984 --- /dev/null +++ b/uk.yimian.xyz/nginx/default.d/php.conf @@ -0,0 +1,13 @@ +location ~ \.php$ { + try_files $uri =404; + fastcgi_pass php-fpm:9000; + + fastcgi_pass_request_body off; + client_body_in_file_only clean; + fastcgi_param REQUEST_BODY_FILE $request_body_file; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_keep_conn on; +} diff --git a/uk.yimian.xyz/nginx/default.d/wp-supercache.conf.b b/uk.yimian.xyz/nginx/default.d/wp-supercache.conf.b new file mode 100644 index 0000000..5142de5 --- /dev/null +++ b/uk.yimian.xyz/nginx/default.d/wp-supercache.conf.b @@ -0,0 +1,20 @@ +set $cache_uri $request_uri; + +if ($request_method = POST) { + set $cache_uri 'null cache'; + } + +if ($query_string != "") { + set $cache_uri 'null cache'; + } +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args ; + } diff --git a/uk.yimian.xyz/nginx/fastcgi.conf b/uk.yimian.xyz/nginx/fastcgi.conf new file mode 100644 index 0000000..091738c --- /dev/null +++ b/uk.yimian.xyz/nginx/fastcgi.conf @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/uk.yimian.xyz/nginx/fastcgi_params b/uk.yimian.xyz/nginx/fastcgi_params new file mode 100644 index 0000000..28decb9 --- /dev/null +++ b/uk.yimian.xyz/nginx/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/uk.yimian.xyz/nginx/mime.types b/uk.yimian.xyz/nginx/mime.types new file mode 100644 index 0000000..2961256 --- /dev/null +++ b/uk.yimian.xyz/nginx/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/uk.yimian.xyz/nginx/nginx.conf b/uk.yimian.xyz/nginx/nginx.conf new file mode 100644 index 0000000..aecdf4a --- /dev/null +++ b/uk.yimian.xyz/nginx/nginx.conf @@ -0,0 +1,63 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + #tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + client_max_body_size 5000m; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + + server { + + listen 80 default_server; + listen [::]:80 default_server; + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name _; + + ssl_certificate "/mnt/config/ssl/yimian.xyz/yimian.xyz.crt"; + ssl_certificate_key "/mnt/config/ssl/yimian.xyz/yimian.xyz.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + rewrite ^(.*)$ https://ushio.cool/; + } + } + + include /mnt/etc/uk.yimian.xyz/nginx/conf.d/*.conf; +} diff --git a/uk.yimian.xyz/nginx/nginx.conf.b b/uk.yimian.xyz/nginx/nginx.conf.b new file mode 100644 index 0000000..07afa7c --- /dev/null +++ b/uk.yimian.xyz/nginx/nginx.conf.b @@ -0,0 +1,117 @@ + +user nginx; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid /run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +} diff --git a/usa.yimian.xyz/nginx/conf.d/acg.watch.conf.bck b/usa.yimian.xyz/nginx/conf.d/acg.watch.conf.bck new file mode 100644 index 0000000..0571ef6 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/acg.watch.conf.bck @@ -0,0 +1,46 @@ +server { + listen 80; + listen [::]:80; + server_name acg.watch; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name acg.watch; + root /home/www/acg.watch; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/acg.watch/acg.watch.crt; #2 + ssl_certificate_key /mnt/config/ssl/acg.watch/acg.watch.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + +# rewrite ^(.*)$ https://www.$host$1 permanent; + + # Load configuration files for the default server block. + include /etc/usa.yimian.xyz/nginx/default.d/*.conf; + +# if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } +# if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } +# if (!-f $request_filename){ rewrite (.*) /index.php; } +# if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location /api/ { + proxy_pass http://acg.watch-api:30080; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/docker.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/docker.yimian.xyz.conf new file mode 100644 index 0000000..e1fb7e6 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/docker.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name docker.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name docker.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + #proxy_pass https://frps:4443; + #proxy_ssl_server_name on; + #proxy_ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + #proxy_ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + #proxy_http_version 1.1; + #proxy_set_header Upgrade $http_upgrade; + #proxy_set_header Connection 'upgrade'; + #proxy_set_header Host $host; + #proxy_cache_bypass $http_upgrade; + resolver 8.8.8.8; + proxy_ssl_server_name on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $host:$server_port; + proxy_pass https://$host:4443; #通过域名访问frp服务 + proxy_read_timeout 300s; + proxy_send_timeout 300s; + #proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf new file mode 100644 index 0000000..4cedc39 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/home.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name home.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name home.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://frps:4480; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck b/usa.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck new file mode 100644 index 0000000..50fe8da --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/imgbed.yimian.xyz.conf.bck @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name imgbed.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name imgbed.yimian.xyz; + root /home/www/imgbed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/uk.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/iotcat.me.conf b/usa.yimian.xyz/nginx/conf.d/iotcat.me.conf new file mode 100644 index 0000000..ea91621 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/iotcat.me.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name iotcat.me www.iotcat.me; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name iotcat.me www.iotcat.me; + root /home/www/iotcat.me; + index index.html; + + ssl_certificate /mnt/config/ssl/iotcat.me/iotcat.me.crt; #2 + ssl_certificate_key /mnt/config/ssl/iotcat.me/iotcat.me.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + # Load configuration files for the default server block. + include /mnt/etc/usa.yimian.xyz/nginx/default.d/*.conf; + +} diff --git a/usa.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf new file mode 100644 index 0000000..dc736ce --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/onedrive.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name onedrive.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name onedrive.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://oneindex:80; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/proxy.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/proxy.yimian.xyz.conf new file mode 100644 index 0000000..f76c8f8 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/proxy.yimian.xyz.conf @@ -0,0 +1,25 @@ +server { + listen 80; + #listen [::]:80; + server_name proxy.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name proxy.yimian.xyz; + client_max_body_size 90000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://ushio-proxy:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/redrange.me.conf b/usa.yimian.xyz/nginx/conf.d/redrange.me.conf new file mode 100644 index 0000000..5451103 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/redrange.me.conf @@ -0,0 +1,37 @@ +server { + listen 80; + listen [::]:80; + server_name redrange.me www.redrange.me; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name redrange.me www.redrange.me; + + ssl_certificate /mnt/config/ssl/redrange.me/redrange.me.crt; #2 + ssl_certificate_key /mnt/config/ssl/redrange.me/redrange.me.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + + + # Load configuration files for the default server block. + + + location / { + proxy_pass http://host.docker.internal:8000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf new file mode 100644 index 0000000..7841075 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/session.yimian.xyz.conf @@ -0,0 +1,35 @@ +server { + listen 80; + #listen [::]:80; + server_name session.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name session.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location ^~ /websocket/ { + proxy_pass http://session:21514/; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + location / { + proxy_pass http://session:21513/; + } + + + +} + diff --git a/usa.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck b/usa.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck new file mode 100644 index 0000000..411abb5 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/share.yimian.xyz.conf.bck @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name share.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name share.yimian.xyz; + root /home/www/filebed; + index index.php index.html; + client_max_body_size 50m; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/usa.yimian.xyz/nginx/default.d/*.conf; + + location / { + } + + error_page 404 /404.html; + location = /40x.html { + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/ushio.cool.conf b/usa.yimian.xyz/nginx/conf.d/ushio.cool.conf new file mode 100644 index 0000000..f14f822 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/ushio.cool.conf @@ -0,0 +1,32 @@ +server { + listen 80; + #listen [::]:80; + server_name ushio.cool www.ushio.cool; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + # listen 80; + # listen [::]:80; + listen 443 ssl; + + server_name ushio.cool www.ushio.cool; + root /mnt/html/ushio; + index index.html; + + ssl_certificate /mnt/config/ssl/ushio.cool/ushio.cool.crt; #2 + ssl_certificate_key /mnt/config/ssl/ushio.cool/ushio.cool.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + # error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/usa.yimian.xyz/nginx/default.d/*.conf; + + +} diff --git a/usa.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf new file mode 100644 index 0000000..d2269f0 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/v-china.yimian.xyz.conf @@ -0,0 +1,42 @@ +server { + listen 80; + #listen [::]:80; + server_name v-china.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name v-china.yimian.xyz; + client_max_body_size 9000M; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + #proxy_pass https://frps:4443; + #proxy_ssl_server_name on; + #proxy_ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + #proxy_ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + #proxy_http_version 1.1; + #proxy_set_header Upgrade $http_upgrade; + #proxy_set_header Connection 'upgrade'; + #proxy_set_header Host $host; + #proxy_cache_bypass $http_upgrade; + resolver 8.8.8.8; + proxy_ssl_server_name on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $host:$server_port; + proxy_pass https://$host:4443; #通过域名访问frp服务 + proxy_read_timeout 300s; + proxy_send_timeout 300s; + #proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + } +} diff --git a/usa.yimian.xyz/nginx/conf.d/vmess.yimian.xyz.conf b/usa.yimian.xyz/nginx/conf.d/vmess.yimian.xyz.conf new file mode 100644 index 0000000..53e1ca3 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/vmess.yimian.xyz.conf @@ -0,0 +1,30 @@ +server { + listen 80; + #listen [::]:80; + server_name vmess.yimian.xyz; + rewrite ^(.*)$ https://$host$1 permanent; +} + +server { + #listen 80; + listen 443 ssl; + server_name vmess.yimian.xyz; + + ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; + ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; + + location / { + proxy_pass http://v2ray:10808/; + proxy_read_timeout 300s; + proxy_send_timeout 300s; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + } + + +} + diff --git a/usa.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck b/usa.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck new file mode 100644 index 0000000..1eff072 --- /dev/null +++ b/usa.yimian.xyz/nginx/conf.d/www.eee.dog.conf.bck @@ -0,0 +1,39 @@ +server { + listen 80; + #listen [::]:80; + server_name www.eee.dog; + rewrite ^(.*)$ https://$host$1 permanent; +} + + +server { + #listen 80; + #listen [::]:80; + listen 443 ssl; + + server_name www.eee.dog; + root /home/www/blog; + index index.php index.html; + + ssl_certificate /mnt/config/ssl/eee.dog/eee.dog.crt; #2 + ssl_certificate_key /mnt/config/ssl/eee.dog/eee.dog.key; #3 + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_prefer_server_ciphers on; + #error_page 404 = /404.php; + + # Load configuration files for the default server block. + include /mnt/etc/usa.yimian.xyz/nginx/default.d/*.conf; + + if (-f $request_filename/index.html){ rewrite (.*) $1/index.html break; } + if (-f $request_filename/index.php){ rewrite (.*) $1/index.php; } + if (!-f $request_filename){ rewrite (.*) /index.php; } + if (!-e $request_filename) { rewrite ^(.*)$ /index.php$1 last; } + + location / { + } + +} diff --git a/usa.yimian.xyz/nginx/default.d/cache.conf b/usa.yimian.xyz/nginx/default.d/cache.conf new file mode 100644 index 0000000..ba59f57 --- /dev/null +++ b/usa.yimian.xyz/nginx/default.d/cache.conf @@ -0,0 +1,13 @@ +location ~* ^.+\.(ico|gif|jpg|jpeg|png)$ { + access_log off; + expires 30d; +} + +location ~* ^.+\.(css|js|txt|xml|swf|wav)$ { + access_log off; + expires 24h; +} + +location ~* ^.+\.(html|htm)$ { + expires 1h; +} diff --git a/usa.yimian.xyz/nginx/default.d/favicon.conf b/usa.yimian.xyz/nginx/default.d/favicon.conf new file mode 100644 index 0000000..de48afc --- /dev/null +++ b/usa.yimian.xyz/nginx/default.d/favicon.conf @@ -0,0 +1,3 @@ +location = /favicon.ico { + #proxy_pass https://cdn.yimian.xyz/img/head/head3r.ico; +} diff --git a/usa.yimian.xyz/nginx/default.d/hsts.conf b/usa.yimian.xyz/nginx/default.d/hsts.conf new file mode 100644 index 0000000..c3b0734 --- /dev/null +++ b/usa.yimian.xyz/nginx/default.d/hsts.conf @@ -0,0 +1 @@ +add_header Strict-Transport-Security "max-age=31536000"; diff --git a/usa.yimian.xyz/nginx/default.d/php.conf b/usa.yimian.xyz/nginx/default.d/php.conf new file mode 100644 index 0000000..9a20984 --- /dev/null +++ b/usa.yimian.xyz/nginx/default.d/php.conf @@ -0,0 +1,13 @@ +location ~ \.php$ { + try_files $uri =404; + fastcgi_pass php-fpm:9000; + + fastcgi_pass_request_body off; + client_body_in_file_only clean; + fastcgi_param REQUEST_BODY_FILE $request_body_file; + + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + fastcgi_keep_conn on; +} diff --git a/usa.yimian.xyz/nginx/default.d/wp-supercache.conf.b b/usa.yimian.xyz/nginx/default.d/wp-supercache.conf.b new file mode 100644 index 0000000..5142de5 --- /dev/null +++ b/usa.yimian.xyz/nginx/default.d/wp-supercache.conf.b @@ -0,0 +1,20 @@ +set $cache_uri $request_uri; + +if ($request_method = POST) { + set $cache_uri 'null cache'; + } + +if ($query_string != "") { + set $cache_uri 'null cache'; + } +if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + set $cache_uri 'null cache'; + } + + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; + } + + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?$args ; + } diff --git a/usa.yimian.xyz/nginx/fastcgi.conf b/usa.yimian.xyz/nginx/fastcgi.conf new file mode 100644 index 0000000..091738c --- /dev/null +++ b/usa.yimian.xyz/nginx/fastcgi.conf @@ -0,0 +1,26 @@ + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/usa.yimian.xyz/nginx/fastcgi_params b/usa.yimian.xyz/nginx/fastcgi_params new file mode 100644 index 0000000..28decb9 --- /dev/null +++ b/usa.yimian.xyz/nginx/fastcgi_params @@ -0,0 +1,25 @@ + +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/usa.yimian.xyz/nginx/mime.types b/usa.yimian.xyz/nginx/mime.types new file mode 100644 index 0000000..2961256 --- /dev/null +++ b/usa.yimian.xyz/nginx/mime.types @@ -0,0 +1,97 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/usa.yimian.xyz/nginx/nginx.conf b/usa.yimian.xyz/nginx/nginx.conf new file mode 100644 index 0000000..60bbeea --- /dev/null +++ b/usa.yimian.xyz/nginx/nginx.conf @@ -0,0 +1,63 @@ +# For more information on configuration, see: +# * Official English Documentation: http://nginx.org/en/docs/ +# * Official Russian Documentation: http://nginx.org/ru/docs/ +user nginx; +worker_processes auto; +error_log /var/log/nginx/error.log; +pid /run/nginx.pid; + +# Load dynamic modules. See /usr/share/nginx/README.dynamic. +include /usr/share/nginx/modules/*.conf; + +events { + worker_connections 1024; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + #tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + client_max_body_size 5000m; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Load modular configuration files from the /etc/nginx/conf.d directory. + # See http://nginx.org/en/docs/ngx_core_module.html#include + # for more information. + + server { + + listen 80 default_server; + listen [::]:80 default_server; + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + server_name _; + + ssl_certificate "/mnt/config/ssl/yimian.xyz/yimian.xyz.crt"; + ssl_certificate_key "/mnt/config/ssl/yimian.xyz/yimian.xyz.key"; + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 10m; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + location / { + rewrite ^(.*)$ https://ushio.cool/; + } + } + + include /mnt/etc/usa.yimian.xyz/nginx/conf.d/*.conf; +} diff --git a/usa.yimian.xyz/nginx/nginx.conf.b b/usa.yimian.xyz/nginx/nginx.conf.b new file mode 100644 index 0000000..07afa7c --- /dev/null +++ b/usa.yimian.xyz/nginx/nginx.conf.b @@ -0,0 +1,117 @@ + +user nginx; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid /run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 80; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} + } + + + # another virtual host using mix of IP-, name-, and port-based configuration + # + #server { + # listen 8000; + # listen somename:8080; + # server_name somename alias another.alias; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + + + # HTTPS server + # + #server { + # listen 443 ssl; + # server_name localhost; + + # ssl_certificate cert.pem; + # ssl_certificate_key cert.key; + + # ssl_session_cache shared:SSL:1m; + # ssl_session_timeout 5m; + + # ssl_ciphers HIGH:!aNULL:!MD5; + # ssl_prefer_server_ciphers on; + + # location / { + # root html; + # index index.html index.htm; + # } + #} + +}