diff options
| author |  steering7253 | 2026-04-26 05:33:46 -0600 |
|---|---|---|
| committer | steering7253 | 2026-04-26 05:33:46 -0600 |
| commit | 3679992b44585ced812f5577aec88bd1ada2bdba (patch) | |
| tree | 69a418725bb5ab2351248cc67af0d17a33aeb74a /nginx.conf | |
init
Diffstat (limited to 'nginx.conf')
| -rw-r--r-- | nginx.conf | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/nginx.conf b/nginx.conf new file mode 100644 index 0000000..e339876 --- /dev/null +++ b/nginx.conf @@ -0,0 +1,112 @@ + +user nginx nginx; +worker_processes 1; + +error_log /var/log/nginx/error.log info; + +events { + worker_connections 1024; + use epoll; +} + +http { + include /etc/nginx/mime.types.nginx; + charset utf-8; + types_hash_max_size 4096; + default_type application/octet-stream; + + log_format main + '$remote_addr - $remote_user [$time_local] ' + '"$request" $status $bytes_sent ' + '"$http_referer" "$http_user_agent" ' + '"$gzip_ratio" handler=$sent_http_handler'; + log_format i2p + '$remote_addr - $remote_user [$time_local] ' + '"$request" $status $bytes_sent ' + '"$http_referer" "$http_user_agent" ' + '"$gzip_ratio" ' + '"$http_x_i2p_destb32" "$http_x_i2p_desthash" "$http_x_i2p_destb64"'; + + client_header_timeout 10m; + client_body_timeout 10m; + send_timeout 10m; + + connection_pool_size 256; + client_header_buffer_size 1k; + large_client_header_buffers 4 4k; + request_pool_size 4k; + + gzip off; + + output_buffers 4 32k; + postpone_output 1460; + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + + keepalive_timeout 75 20; + + ignore_invalid_headers on; + + index index.html; + + ssl_protocols TLSv1.3; + ssl_ecdh_curve X25519:prime256v1:secp384r1; + ssl_prefer_server_ciphers off; + + server { + listen 80 default_server; + listen [::]:80 default_server; + + server_name _; + location / { + return 301 https://$host$request_uri; + } + + location /.well-known/ { + root /var/www/localhost/htdocs; + } + } + + server { + listen 51.222.150.227:443 ssl default_server; + server_name cgit.space; + + ssl_certificate /etc/letsencrypt/live/cgit.space/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/cgit.space/privkey.pem; + + include server.conf; + } + + server { + listen 172.20.133.164:443 ssl; + listen [fd62:5e23:8905:3::2]:443 ssl; + server_name cgit.dn42; + + ssl_certificate /etc/letsencrypt/live/cgit.dn42/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/cgit.dn42/privkey.pem; + + include server.conf; + } + + server { + listen unix:/var/run/tor/cgitspace.sock; + server_name cgitspa3wul6tptah5zmgzimtcirefefcgy6pwyoopsofphmxyhsnjqd.onion; + + include server.conf; + } + + server { + listen unix:/var/run/tor/dn42.sock; + server_name dn422hid5ejv7p67nw3nvn3uoqhxrr57hsagg2yxwsn72vuxwgi5veyd.onion; + + location / { + proxy_pass https://dn42.wiki; + proxy_set_header Host dn42.wiki; + proxy_set_header X-Real-IP $remote_addr; + proxy_ssl_server_name on; + #proxy_set_header X-Forwarded-For $remote_addr; + } + } +} |