nginx conf

acme_http

@@ -0,0 +1,8 @@
+
+location ~ ^/(.well-known/acme-challenge/.*)$ {
+  proxy_pass http://127.0.0.1:9999/$1;
+  proxy_set_header X-Real-IP $remote_addr;
+  proxy_set_header Host $http_host;
+  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+}
+

forum_dev_warage_win

@@ -0,0 +1,111 @@
+
+# ./acme.sh --issue --standalone --httpport 9999 -d forum_dev.warage.win --certpath /etc/letsencrypt/live/forum_dev.warage.win/cert.pem --keypath /etc/letsencrypt/live/forum_dev.warage.win/privkey.pem --fullchainpath /etc/letsencrypt/live/forum_dev.warage.win/fullchain.pem;
+# --force
+
+#server{
+#  listen 80;
+#  server_name forum_dev.warage.win;
+#  include acme_http;
+#}
+
+
+#server{
+#  listen 80;
+#  server_name forum_dev.warage.win;
+#  return 301 https://forum_dev.warage.win$request_uri;
+#}
+## because cert by cloudflare
+
+server{
+  #listen 443 ssl http2;
+  listen 80;
+  
+  root /var/www/forum_dev;
+  index index.php index.html;
+  
+  server_name forum_dev.warage.win;
+  #ssl_certificate /etc/letsencrypt/live/forum_dev.warage.win/fullchain.pem;
+  #ssl_certificate_key /etc/letsencrypt/live/forum_dev.warage.win/privkey.pem;
+  #ssl_dhparam /etc/letsencrypt/live/forum_dev.warage.win/dhparams.pem;
+  #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  #ssl_prefer_server_ciphers on;
+  #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
+  
+  #ssl_session_timeout 10m;
+  #add_header Strict-Transport-Security "max-age=31536000;";
+  
+  charset utf-8;
+  underscores_in_headers on;
+  
+  access_log /var/www/ok_forum_dev_warage_win.log;
+  error_log /var/www/err_forum_dev_warage_win.log;
+  
+  gzip on;
+  gzip_vary on;
+  gzip_comp_level 6;
+  gzip_min_length 1024;
+  gzip_proxied any;
+  gzip_types text/plain text/css image/svg+xml image/svg application/json application/javascript application/x-javascript text/*;
+  gzip_buffers 16 8k;
+  #add_header X-Frame-Options "DENY";
+  
+  location ~* \.tpl$ { access_log off; error_log off; return 403; }
+  location ~* \.sql$ { access_log off; error_log off; return 403; }
+  
+  location /css/ {
+    root /var/www/forum_dev_warage_win/stc;
+    try_files $uri $uri/ =404;
+    expires max;
+    access_log off;
+    error_log off;
+  }
+  location /js/ {
+    root /var/www/forum_dev_warage_win/stc;
+    try_files $uri $uri/ =404;
+    expires max;
+    access_log off;
+    error_log off;
+  }
+  location /img/ {
+    root /var/www/forum_dev_warage_win/stc;
+    try_files $uri $uri/ =404;
+    expires max;
+    access_log off;
+    error_log off;
+  }
+  
+  # ws
+  location /ws {
+    access_log off;
+    
+    proxy_pass http://127.0.0.1:5000;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_read_timeout 86400s;
+    proxy_send_timeout 86400s;
+    
+    proxy_set_header HOST $host; # $http_host
+    proxy_set_header X-Real-IP  $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+  }
+  
+  location / {
+    ##try_files $uri $uri/ =404;
+    try_files $uri $uri/ @python;
+    ##try_files @python @python;
+    ##try_files $uri @python @python;
+    access_log off;
+  }
+  
+  location @python {
+    proxy_set_header HOST $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_pass http://127.0.0.1:5000;
+  }
+}
+
+
+