From 9934dd538b0ce116e3b1600272cb46369b082246 Mon Sep 17 00:00:00 2001 From: Hsieh Chin Fan Date: Wed, 2 Feb 2022 13:34:47 +0800 Subject: init commit --- nginx/sites-available/vps | 354 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 354 insertions(+) create mode 100644 nginx/sites-available/vps (limited to 'nginx/sites-available') diff --git a/nginx/sites-available/vps b/nginx/sites-available/vps new file mode 100644 index 0000000..bad4621 --- /dev/null +++ b/nginx/sites-available/vps @@ -0,0 +1,354 @@ +#map $token $api_client_name { +# default ""; +# +# # CAUTION!! Change token and client name wisely +# "XXXX" "client"; +#} + +# Gets the basename of the original request +map $request_uri $request_basename { + ~/(?[^/?]*)(?:\?|$) $captured_request_basename; +} + +# Gets the basename of the current uri +map $uri $basename { + ~/(?[^/]*)$ $captured_basename; +} + +server { + server_name topo.tw www.topo.tw; + + listen 80; + listen 443 ssl; + ssl_certificate /etc/nginx/ssl/fullchain.cert; + ssl_certificate_key /etc/nginx/ssl/cert.pem; + + root /srv/http; + index index.html; + autoindex on; + autoindex_exact_size off; + + # charset + charset utf-8; + charset_types *; + override_charset on; + default_type "text/plain; charset=utf-8"; + + # header + proxy_set_header Host $host; + add_header Cache-Control "no-cache" always; + #add_header Cache-Control "max-age=604800"; + error_page 404 /404.html; + error_log /var/log/nginx/error.log debug; + #rewrite_log on; + + location ~ \.html$ { + try_files $uri =404; + } + + location ~ \.js$ { + add_header Access-Control-Allow-Origin *; + } + + location ~ [^/]$ { + try_files $uri @rewrite_no_slash; + } + + location @rewrite_no_slash { + add_header rewrite no_slash; + rewrite ^(.+)$ $1.html permanent; + } + + location ~ /$ { + try_files $uri @rewrite_slash; + } + + location @rewrite_slash { + rewrite ^(.+)/$ $1.html permanent; + } + + rewrite ^/posts$ /posts/ permanent; + location = /posts/ { + autoindex_format xml; + xslt_string_param title "/posts/"; + xslt_stylesheet layout/simple.xslt; + add_header Cache-Control "no-cache" always; + } + + # This configuration allow you to upload/modify/delete file, for example: + # curl -X PUT -F file=@foo https://topo.tw/doc/bar + location ^~ /doc { + alias /home/pham/doc/; + + client_body_temp_path /tmp/client_temp; + dav_methods PUT DELETE MKCOL COPY MOVE; + create_full_put_path on; + dav_access group:rw all:r; + client_max_body_size 10000m; + } + + location ^~ /photos/ { + alias /home/pham/data/s3.photos/; + autoindex_format xml; + xslt_string_param title "photos"; + xslt_stylesheet layout/gal.xslt; + try_files $uri $uri/ =404; + expires max; + + if ($uri ~ ^/photos/([^!]+)!(large|lg|md)$ ) { + set $filename /home/pham/data/s3.photos/$1; + set $img_version $2; + rewrite ^ /thumbnail; + } + } + + rewrite ^/p(ublic)?$ /public/ permanent; + rewrite ^/p/(.*)$ /public/$1; + location ^~ /public/ { + alias /home/pham/public/; + autoindex_format xml; + xslt_string_param title "/posts/"; + xslt_stylesheet layout/simple.xslt; + add_header Access-Control-Allow-Origin "*" always; + add_header Cache-Control "no-cache" always; + } + + # thumbnail CGI, requires variables 'filename' and 'img_version' + location = /thumbnail { + # Prepare the required parameters (width, height, cropping or zooming) according to the URL address! + set $img_type resize; + set $img_w -; + set $img_h -; + if ($img_version = 'large') { + set $img_type resize; + set $img_w 1920; + } + if ($img_version = 'lg') { + set $img_type crop; + set $img_w 256; + set $img_h 256; + } + if ($img_version = 'md') { + set $img_type crop; + set $img_w 128; + set $img_h 128; + } + rewrite ^ /_$img_type; + } + + # Processing of Scaled Pictures + location = /_resize { + alias $filename; + image_filter resize $img_w $img_h; + image_filter_jpeg_quality 95; + image_filter_buffer 20M; + image_filter_interlace on; + } + + # Processing of clipped pictures + location = /_crop { + alias $filename; + image_filter crop $img_w $img_h; + image_filter_jpeg_quality 95; + image_filter_buffer 20M; + image_filter_interlace on; + } + + location ^~ /wallpapers { + alias /home/pham/public/wallpapers/; + + autoindex_format xml; + xslt_string_param title "Wallpaper Collection!"; + xslt_stylesheet layout/gal.xslt; + try_files $uri $uri/ =404; + + if ($uri ~ ([^/!]+)!(large|lg|md)$ ) { + set $filename /home/pham/public/wallpapers/$1; + set $img_version $2; + rewrite ^ /thumbnail; + } + } + + location ^~ /tmp { + alias /home/pham/public/tmp/; + autoindex on; + add_header "Content-Type" "text/plain; charset=utf-8"; + } + + location ^~ /osm { + alias /home/pham/public/osm/; + autoindex on; + } + + location ^~ /tainan/ { + alias /home/pham/public/tainan/; + autoindex on; + index =404; + } + + location /public/layx { + alias /home/pham/public/layx/; + + autoindex on; + + auth_basic "You need to login"; + auth_basic_user_file /etc/nginx/passwd/2022.10.11; + } + + location ^~ /private/ { + alias /home/pham/private/; + autoindex on; + auth_basic "You need to login"; + auth_basic_user_file /etc/nginx/passwd/japan; + } + + location = /japan.html { + autoindex on; + + auth_basic "You need to login"; + auth_basic_user_file /etc/nginx/passwd/japan; + } + + location ^~ /houshou { + alias /home/pham/houshou/; + + autoindex on; + autoindex_format xml; + xslt_string_param title "Houshou Collection!"; + xslt_stylesheet layout/gal.xslt; + try_files $uri $uri/ =404; + + auth_basic "You need to login"; + auth_basic_user_file /etc/nginx/passwd/houshou; + + if ($uri ~ ([^/!]+)!(large|lg|md)$ ) { + set $filename /home/pham/houshou/$1; + set $img_version $2; + rewrite ^ /thumbnail; + } + } + + location ^~ /houshou2 { + alias /home/pham/houshou2/; + + autoindex on; + autoindex_format xml; + xslt_string_param title "Houshou Collection!"; + #xslt_stylesheet layout/simple-gal.xslt; + xslt_stylesheet layout/gal.xslt; + try_files $uri $uri/ =404; + + if ($uri ~ ([^/!]+)!(large|lg|md)$ ) { + set $filename /home/pham/houshou2/$1; + set $img_version $2; + rewrite ^ /thumbnail; + } + } + + location /rescue { + root /home/pham; + + auth_basic "You need to login"; + auth_basic_user_file /etc/nginx/passwd/rescue; + } + +# location /upload/ { +# proxy_pass http://127.0.0.1:8000/; +# } + + #rewrite ^/up$ /up/; + #location /up/ { + # proxy_set_header X-Forwarded-Proto https; + # proxy_set_header Referer $host/up/; + # proxy_pass http://127.0.0.1:8080/; + + # client_max_body_size 1g; + #} + + #location = /_validate_token { + # internal; + + # if ($token = "") { + # return 401; # Unauthorized + # } + + # if ($api_client_name = "") { + # return 403; # Forbidden + # } + + # return 204; # OK (no content) + #} + +} + +# git server +server { + server_name git.topo.tw; + + listen 80; + listen 443 ssl; + ssl_certificate /etc/nginx/ssl/git.topo.tw/fullchain.cer; + ssl_certificate_key /etc/nginx/ssl/git.topo.tw/git.topo.tw.key; + + root /srv/git/www; + + location ~ (/.*) { + #include fastcgi_params; + #fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; + ## export all repositories under GIT_PROJECT_ROOT + #fastcgi_param GIT_HTTP_EXPORT_ALL ""; + #fastcgi_param GIT_PROJECT_ROOT /srv/git; + #fastcgi_param PATH_INFO $1; + } +} + +# Block all direct accesses via IP address +server { + server_name "~[\d\.]+"; + listen 80; + listen 443 ssl; + + error_page 404 /404.html; + return 404; +} + +## Redirect 80 to 443 +#server { +# if ($host = topo.tw) { +# return 301 https://$host$request_uri; +# } # managed by Certbot +# +# +# #listen 80; +# server_name topo.tw; +# return 301 https://$host$request_uri; +# +# +#} + +## Forward Proxy +#server { +# resolver 8.8.8.8; +# listen 13288; +# +# proxy_connect; +# proxy_connect_allow 443 563; +# proxy_connect_connect_timeout 10s; +# proxy_connect_read_timeout 10s; +# proxy_connect_send_timeout 10s; +# location / { +# proxy_pass http://$host; +# proxy_set_header Host $host; +# } +#} + +#server { +# server_name demo.topo.tw; +# root /; +# +# location / { +# index /home/pham/git/vps/demo/client.sh; +# add_header Content-Type text/plain; +# } +# #listen 80; +#} -- cgit v1.2.3-70-g09d2