#map $token $api_client_name { # default ""; # # # CAUTION!! Change token and client name wisely # "XXXX" "client"; #} # Gets the basename of the original request map $request_uri $request_basename { ~/(?[^/?]*)(?:\?|$) $captured_request_basename; } # Gets the basename of the current uri map $uri $basename { ~/(?[^/]*)$ $captured_basename; } server { server_name topo.tw www.topo.tw; listen 80; listen 443 ssl; ssl_certificate /etc/nginx/ssl/fullchain.cert; ssl_certificate_key /etc/nginx/ssl/cert.pem; # files root /srv/http; index index.html; autoindex on; autoindex_exact_size off; disable_symlinks off; # charset charset utf-8; charset_types *; override_charset on; # header proxy_set_header Host $host; add_header Cache-Control "no-cache" always; #add_header Cache-Control "max-age=604800"; error_page 404 /404.html; error_log /var/log/nginx/error.log debug; #rewrite_log on; location ~ \.html$ { try_files $uri =404; } location ~ \.js$ { add_header Access-Control-Allow-Origin *; } location = /cgi/ { alias /srv/cgi/; } location ^~ /cgi/(.+) { gzip off; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/fcgiwrap.sock; fastcgi_param SCRIPT_FILENAME /srv/cgi/$1; } location ~ [^/]$ { try_files $uri @rewrite_no_slash; } location @rewrite_no_slash { add_header rewrite no_slash; rewrite ^(.+)$ $1.html permanent; } location ~ /$ { try_files $uri @rewrite_slash; } location @rewrite_slash { rewrite ^(.+)/$ $1.html permanent; } rewrite ^/posts$ /posts/ permanent; location = /posts/ { autoindex_format xml; xslt_string_param title "/posts/"; xslt_stylesheet layout/simple.xslt; add_header Cache-Control "no-cache" always; } # This configuration allow you to upload/modify/delete file, for example: # curl -X PUT -F file=@foo https://topo.tw/doc/bar location ^~ /doc { alias /home/pham/doc/; client_body_temp_path /tmp/client_temp; dav_methods PUT DELETE MKCOL COPY MOVE; create_full_put_path on; dav_access group:rw all:r; client_max_body_size 10000m; } location ^~ /photos/ { alias /home/pham/data/s3.photos/; autoindex_format xml; xslt_string_param title "photos"; xslt_stylesheet layout/gal.xslt; try_files $uri $uri/ =404; expires max; if ($uri ~ ^/photos/([^!]+)!(large|lg|md)$ ) { set $filename /home/pham/data/s3.photos/$1; set $img_version $2; rewrite ^ /thumbnail; } } rewrite ^/p(ublic)?$ /public/ permanent; rewrite ^/p/(.*)$ /public/$1; location ^~ /public/ { alias /home/pham/public/; autoindex_format xml; xslt_string_param title "/posts/"; xslt_stylesheet layout/simple.xslt; add_header Access-Control-Allow-Origin "*" always; add_header Cache-Control "no-cache" always; } # thumbnail CGI, requires variables 'filename' and 'img_version' location = /thumbnail { # Prepare the required parameters (width, height, cropping or zooming) according to the URL address! set $img_type resize; set $img_w -; set $img_h -; if ($img_version = 'large') { set $img_type resize; set $img_w 1920; } if ($img_version = 'lg') { set $img_type crop; set $img_w 256; set $img_h 256; } if ($img_version = 'md') { set $img_type crop; set $img_w 128; set $img_h 128; } rewrite ^ /_$img_type; } # Processing of Scaled Pictures location = /_resize { alias $filename; image_filter resize $img_w $img_h; image_filter_jpeg_quality 95; image_filter_buffer 20M; image_filter_interlace on; } # Processing of clipped pictures location = /_crop { alias $filename; image_filter crop $img_w $img_h; image_filter_jpeg_quality 95; image_filter_buffer 20M; image_filter_interlace on; } location ^~ /wallpapers { alias /home/pham/public/wallpapers/; autoindex_format xml; xslt_string_param title "Wallpaper Collection!"; xslt_stylesheet layout/gal.xslt; try_files $uri $uri/ =404; if ($uri ~ ([^/!]+)!(large|lg|md)$ ) { set $filename /home/pham/public/wallpapers/$1; set $img_version $2; rewrite ^ /thumbnail; } } location ^~ /tmp { alias /home/pham/public/tmp/; autoindex on; add_header "Content-Type" "text/plain; charset=utf-8"; } location ^~ /osm { alias /home/pham/public/osm/; autoindex on; } location ^~ /tainan/ { alias /home/pham/public/tainan/; autoindex on; index =404; } location /public/layx { alias /home/pham/public/layx/; autoindex on; auth_basic "You need to login"; auth_basic_user_file /etc/nginx/passwd/2022.10.11; } location ^~ /private/ { alias /home/pham/private/; autoindex on; auth_basic "You need to login"; auth_basic_user_file /etc/nginx/passwd/japan; } location = /japan.html { autoindex on; auth_basic "You need to login"; auth_basic_user_file /etc/nginx/passwd/japan; } location ^~ /houshou { alias /home/pham/houshou/; autoindex on; autoindex_format xml; xslt_string_param title "Houshou Collection!"; xslt_stylesheet layout/gal.xslt; try_files $uri $uri/ =404; auth_basic "You need to login"; auth_basic_user_file /etc/nginx/passwd/houshou; if ($uri ~ ([^/!]+)!(large|lg|md)$ ) { set $filename /home/pham/houshou/$1; set $img_version $2; rewrite ^ /thumbnail; } } location ^~ /houshou2 { alias /home/pham/houshou2/; autoindex on; autoindex_format xml; xslt_string_param title "Houshou Collection!"; #xslt_stylesheet layout/simple-gal.xslt; xslt_stylesheet layout/gal.xslt; try_files $uri $uri/ =404; if ($uri ~ ([^/!]+)!(large|lg|md)$ ) { set $filename /home/pham/houshou2/$1; set $img_version $2; rewrite ^ /thumbnail; } } location /rescue { root /home/pham; auth_basic "You need to login"; auth_basic_user_file /etc/nginx/passwd/rescue; } # location /upload/ { # proxy_pass http://127.0.0.1:8000/; # } #rewrite ^/up$ /up/; #location /up/ { # proxy_set_header X-Forwarded-Proto https; # proxy_set_header Referer $host/up/; # proxy_pass http://127.0.0.1:8080/; # client_max_body_size 1g; #} #location = /_validate_token { # internal; # if ($token = "") { # return 401; # Unauthorized # } # if ($api_client_name = "") { # return 403; # Forbidden # } # return 204; # OK (no content) #} } # git server server { server_name git.topo.tw; listen 80; listen 443 ssl; ssl_certificate /etc/nginx/ssl/git.topo.tw/fullchain.cer; ssl_certificate_key /etc/nginx/ssl/git.topo.tw/git.topo.tw.key; root /srv/git/www; location ~ (/.*) { #include fastcgi_params; #fastcgi_param SCRIPT_FILENAME /usr/lib/git-core/git-http-backend; ## export all repositories under GIT_PROJECT_ROOT #fastcgi_param GIT_HTTP_EXPORT_ALL ""; #fastcgi_param GIT_PROJECT_ROOT /srv/git; #fastcgi_param PATH_INFO $1; } } # Block all direct accesses via IP address server { server_name "~[\d\.]+"; listen 80; error_page 404 /404.html; return 404; } ## Redirect 80 to 443 #server { # if ($host = topo.tw) { # return 301 https://$host$request_uri; # } # managed by Certbot # # # #listen 80; # server_name topo.tw; # return 301 https://$host$request_uri; # # #} ## Forward Proxy #server { # resolver 8.8.8.8; # listen 13288; # # proxy_connect; # proxy_connect_allow 443 563; # proxy_connect_connect_timeout 10s; # proxy_connect_read_timeout 10s; # proxy_connect_send_timeout 10s; # location / { # proxy_pass http://$host; # proxy_set_header Host $host; # } #} #server { # server_name demo.topo.tw; # root /; # # location / { # index /home/pham/git/vps/demo/client.sh; # add_header Content-Type text/plain; # } # #listen 80; #}