commit a538698c935eb4ca17a2849c68129d197386159f Author: root Date: Sat Oct 29 23:23:42 2022 +0800 init diff --git a/9song-api b/9song-api new file mode 100644 index 0000000..019d41f --- /dev/null +++ b/9song-api @@ -0,0 +1,31 @@ +server { + server_name 9song-api.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://127.0.0.1:8000/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = 9song-api.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name 9song-api.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/a_default b/a_default new file mode 100644 index 0000000..6d49065 --- /dev/null +++ b/a_default @@ -0,0 +1,18 @@ +server { + listen 80 default_server; + server_name _; + return 444; +} + +server { + listen 443 ssl default_server; + server_name _; + + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot +# include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot +# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + + return 444; +} + diff --git a/api b/api new file mode 100644 index 0000000..22c3d73 --- /dev/null +++ b/api @@ -0,0 +1,36 @@ +server { + listen 443; + server_name api.tradewind.vip; + + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + + root /var/www/http/tradewind-api/public; + index index.php; + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ \.php$ { + fastcgi_pass 127.0.0.1:9000; + fastcgi_index index.php; + fastcgi_split_path_info ^((?U).+\.php)(/?.+)$; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; + include fastcgi_params; + } +} + +server { + if ($host = api.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + listen 80; + server_name api.tradewind.vip; + return 404; # managed by Certbot +} + diff --git a/bitwarden b/bitwarden new file mode 100644 index 0000000..406bbe0 --- /dev/null +++ b/bitwarden @@ -0,0 +1,36 @@ +server { + server_name bitwarden.tradewind.vip; + + # Allow large attachments + client_max_body_size 128M; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip"; + proxy_set_header Host $host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router:10060; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = bitwarden.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name bitwarden.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/default b/default new file mode 100644 index 0000000..9d51630 --- /dev/null +++ b/default @@ -0,0 +1,101 @@ +## +# You should look at the following URL's in order to grasp a solid understanding +# of Nginx configuration files in order to fully unleash the power of Nginx. +# https://www.nginx.com/resources/wiki/start/ +# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ +# https://wiki.debian.org/Nginx/DirectoryStructure +# +# In most cases, administrators will remove this file from sites-enabled/ and +# leave it as reference inside of sites-available where it will continue to be +# updated by the nginx packaging team. +# +# This file will automatically load configuration files provided by other +# applications, such as Drupal or Wordpress. These applications will be made +# available underneath a path with that package name, such as /drupal8. +# +# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. +## + +# Default server configuration +# +server { +# listen 80 default_server; +# listen [::]:80 default_server; + + # SSL configuration + # + listen 443 ssl default_server; + listen [::]:443 ssl default_server; + + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + # + # Note: You should disable gzip for SSL traffic. + # See: https://bugs.debian.org/773332 + # + # Read up on ssl_ciphers to ensure a secure configuration. + # See: https://bugs.debian.org/765782 + # + # Self signed certs generated by the ssl-cert package + # Don't use them in a production server! + # + # include snippets/snakeoil.conf; + + root /var/www/html; + + # Add index.php to the list if you are using PHP + index index.html index.htm index.nginx-debian.html; + + server_name _; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to displaying a 404. + try_files $uri $uri/ =404; + } + + # pass PHP scripts to FastCGI server + # + location ~ \.php$ { + include snippets/fastcgi-php.conf; + + # With php-fpm (or other unix sockets): +# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + # With php-cgi (or other tcp sockets): + fastcgi_pass 127.0.0.1:9000; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + + +# Virtual Host configuration for example.com +# +# You can move that to a different file under sites-available/ and symlink that +# to sites-enabled/ to enable it. +# +#server { +# listen 80; +# listen [::]:80; +# +# server_name example.com; +# +# root /var/www/example.com; +# index index.html; +# +# location / { +# try_files $uri $uri/ =404; +# } +#} +server { + listen 80; + server_name default_server; + return 301 https://$host$request_uri; +} diff --git a/emby b/emby new file mode 100644 index 0000000..9d09552 --- /dev/null +++ b/emby @@ -0,0 +1,34 @@ +server { + server_name emby.tradewind.vip; + + location / { + add_header Cache-Control no-cache; + add_header Pragma no-cache; + add_header Expires 0; + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://router.tradewind.vip:8096/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = emby.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name emby.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/gitea b/gitea new file mode 100644 index 0000000..e3ad201 --- /dev/null +++ b/gitea @@ -0,0 +1,33 @@ +server { + server_name gitea.tradewind.vip; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip"; + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router:10010; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = gitea.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name gitea.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/gogs b/gogs new file mode 100644 index 0000000..df72ad6 --- /dev/null +++ b/gogs @@ -0,0 +1,31 @@ +server { + server_name gogs.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://tradewind.myqnapcloud.com:10020/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = gogs.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name gogs.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/img b/img new file mode 100644 index 0000000..429cc2d --- /dev/null +++ b/img @@ -0,0 +1,31 @@ +server { + server_name img.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass https://txapi.tradewind.vip/release/imgbed/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = img.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name img.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/jenkins b/jenkins new file mode 100644 index 0000000..694bd26 --- /dev/null +++ b/jenkins @@ -0,0 +1,31 @@ +server { + server_name jenkins.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://tradewind.myqnapcloud.com:10030/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = jenkins.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name jenkins.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/joplin b/joplin new file mode 100644 index 0000000..564dd04 --- /dev/null +++ b/joplin @@ -0,0 +1,53 @@ +server { + server_name joplin.tradewind.vip; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip:22300"; + proxy_set_header Host $host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + server_name joplin.tradewind.vip; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip"; + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router:8888; + } + + listen 5000 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = joplin.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name joplin.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/leanote b/leanote new file mode 100644 index 0000000..d9f24db --- /dev/null +++ b/leanote @@ -0,0 +1,35 @@ +server { + server_name leanote.tradewind.vip; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip"; + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router:10000; + } + location /demo { + deny all; + } + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = leanote.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name leanote.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/music b/music new file mode 100644 index 0000000..10f7e27 --- /dev/null +++ b/music @@ -0,0 +1,42 @@ +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + +server { + server_name music.tradewind.vip; + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass http://127.0.0.1:8080/; + } + +# listen 80; + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/music.tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/music.tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = music.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + listen 80; + server_name music.tradewind.vip; + return 404; # managed by Certbot +} + +#server { +# listen 8080; +# server_name tradewind.vip; +# return 301 https://music.tradewind.vip; +#} + diff --git a/nas b/nas new file mode 100644 index 0000000..bea9643 --- /dev/null +++ b/nas @@ -0,0 +1,38 @@ +server { + server_name nas.tradewind.vip; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip"; + proxy_set_header Host $host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router:5000; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +#server { +# listen 80; +# server_name nas.tradewind.vip; +# return 301 https://$host$request_uri; +#} +server { + if ($host = nas.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name nas.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/rss b/rss new file mode 100644 index 0000000..e64a391 --- /dev/null +++ b/rss @@ -0,0 +1,31 @@ +server { + server_name rss.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://127.0.0.1:1200/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = rss.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name rss.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/send b/send new file mode 100644 index 0000000..10966ea --- /dev/null +++ b/send @@ -0,0 +1,31 @@ +server { + server_name send.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass https://airportal.cn/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = send.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name send.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/sync b/sync new file mode 100644 index 0000000..d2a7ad1 --- /dev/null +++ b/sync @@ -0,0 +1,29 @@ +server { + server_name sync.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://router.tradewind.vip:5007/Sync; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = sync.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name sync.tradewind.vip; + return 404; # managed by Certbot +} diff --git a/tr b/tr new file mode 100644 index 0000000..7f92fed --- /dev/null +++ b/tr @@ -0,0 +1,33 @@ +server { + server_name tr.tradewind.vip; + + location / { +resolver 223.5.5.5; +set $router "router.tradewind.vip"; + proxy_set_header Host $host; + proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://$router:49091; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = tr.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name tr.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/wiznote b/wiznote new file mode 100644 index 0000000..f2cfdb4 --- /dev/null +++ b/wiznote @@ -0,0 +1,31 @@ +server { + server_name wiznote.tradewind.vip; + + location / { + proxy_set_header Host $host; +# proxy_redirect off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://tradewind.myqnapcloud.com:10050/; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = wiznote.tradewind.vip) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name wiznote.tradewind.vip; + return 404; # managed by Certbot + + +} diff --git a/www b/www new file mode 100644 index 0000000..c1ed007 --- /dev/null +++ b/www @@ -0,0 +1,105 @@ +## +# You should look at the following URL's in order to grasp a solid understanding +# of Nginx configuration files in order to fully unleash the power of Nginx. +# https://www.nginx.com/resources/wiki/start/ +# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ +# https://wiki.debian.org/Nginx/DirectoryStructure +# +# In most cases, administrators will remove this file from sites-enabled/ and +# leave it as reference inside of sites-available where it will continue to be +# updated by the nginx packaging team. +# +# This file will automatically load configuration files provided by other +# applications, such as Drupal or Wordpress. These applications will be made +# available underneath a path with that package name, such as /drupal8. +# +# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. +## + +# Default server configuration +# +server { +# listen 80 default_server; +# listen [::]:80 default_server; + + # SSL configuration + # + listen 443 ssl; + listen [::]:443 ssl; + + ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + # + # Note: You should disable gzip for SSL traffic. + # See: https://bugs.debian.org/773332 + # + # Read up on ssl_ciphers to ensure a secure configuration. + # See: https://bugs.debian.org/765782 + # + # Self signed certs generated by the ssl-cert package + # Don't use them in a production server! + # + # include snippets/snakeoil.conf; + + root /var/www/http; + + # Add index.php to the list if you are using PHP + index index.html index.htm index.nginx-debian.html; + + server_name tradewind.vip www.tradewind.vip; + + location / { + # First attempt to serve request as file, then + # as directory, then fall back to displaying a 404. + try_files $uri =404; + } + + # pass PHP scripts to FastCGI server + # + location ~ \.php$ { + include snippets/fastcgi-php.conf; + + # With php-fpm (or other unix sockets): +# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; + # With php-cgi (or other tcp sockets): + fastcgi_pass 127.0.0.1:9000; +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $fastcgi_path_info; + fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; + include fastcgi_params; + } + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} + + +# Virtual Host configuration for example.com +# +# You can move that to a different file under sites-available/ and symlink that +# to sites-enabled/ to enable it. +# +#server { +# listen 80; +# listen [::]:80; +# +# server_name example.com; +# +# root /var/www/example.com; +# index index.html; +# +# location / { +# try_files $uri $uri/ =404; +# } +#} +server { + listen 80; + server_name tradewind.vip www.tradewind.vip; + return 301 https://$host$request_uri; +}