Home Explore Help
Sign In
221V
/
simple-forum
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f94592505b
Branches Tags
simple-forum
/
forum_dev_warage_win

forum_dev_warage_win 3.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 
  1. 

  2. # ./acme.sh --issue --standalone --httpport 9999 -d forum_dev.warage.win --certpath /etc/letsencrypt/live/forum_dev.warage.win/cert.pem --keypath /etc/letsencrypt/live/forum_dev.warage.win/privkey.pem --fullchainpath /etc/letsencrypt/live/forum_dev.warage.win/fullchain.pem;
    3. 

  3. # --force
    4. 

  4. 

  5. #server{
    6. 

  6. #  listen 80;
    7. 

  7. #  server_name forum_dev.warage.win;
    8. 

  8. #  include acme_http;
    9. 

  9. #}
    10. 

  10. 

  11. 

  12. #server{
    13. 

  13. #  listen 80;
    14. 

  14. #  server_name forum_dev.warage.win;
    15. 

  15. #  return 301 https://forum_dev.warage.win$request_uri;
    16. 

  16. #}
    17. 

  17. ## because cert by cloudflare
    18. 

  18. 

  19. server{
    20. 

  20.   #listen 443 ssl http2;
    21. 

  21.   listen 80;
    22. 

  22.   
    23. 

  23.   root /var/www/forum_dev;
    24. 

  24.   index index.php index.html;
    25. 

  25.   
    26. 

  26.   server_name forum_dev.warage.win;
    27. 

  27.   #ssl_certificate /etc/letsencrypt/live/forum_dev.warage.win/fullchain.pem;
    28. 

  28.   #ssl_certificate_key /etc/letsencrypt/live/forum_dev.warage.win/privkey.pem;
    29. 

  29.   #ssl_dhparam /etc/letsencrypt/live/forum_dev.warage.win/dhparams.pem;
    30. 

  30.   #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    31. 

  31.   #ssl_prefer_server_ciphers on;
    32. 

  32.   #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    33. 

  33.   
    34. 

  34.   #ssl_session_timeout 10m;
    35. 

  35.   #add_header Strict-Transport-Security "max-age=31536000;";
    36. 

  36.   
    37. 

  37.   charset utf-8;
    38. 

  38.   underscores_in_headers on;
    39. 

  39.   
    40. 

  40.   access_log /var/www/ok_forum_dev_warage_win.log;
    41. 

  41.   error_log /var/www/err_forum_dev_warage_win.log;
    42. 

  42.   
    43. 

  43.   gzip on;
    44. 

  44.   gzip_vary on;
    45. 

  45.   gzip_comp_level 6;
    46. 

  46.   gzip_min_length 1024;
    47. 

  47.   gzip_proxied any;
    48. 

  48.   gzip_types text/plain text/css image/svg+xml image/svg application/json application/javascript application/x-javascript text/*;
    49. 

  49.   gzip_buffers 16 8k;
    50. 

  50.   #add_header X-Frame-Options "DENY";
    51. 

  51.   
    52. 

  52.   location ~* \.tpl$ { access_log off; error_log off; return 403; }
    53. 

  53.   location ~* \.sql$ { access_log off; error_log off; return 403; }
    54. 

  54.   
    55. 

  55.   location /css/ {
    56. 

  56.     root /var/www/forum_dev_warage_win/stc;
    57. 

  57.     try_files $uri $uri/ =404;
    58. 

  58.     expires max;
    59. 

  59.     access_log off;
    60. 

  60.     error_log off;
    61. 

  61.   }
    62. 

  62.   location /js/ {
    63. 

  63.     root /var/www/forum_dev_warage_win/stc;
    64. 

  64.     try_files $uri $uri/ =404;
    65. 

  65.     expires max;
    66. 

  66.     access_log off;
    67. 

  67.     error_log off;
    68. 

  68.   }
    69. 

  69.   location /img/ {
    70. 

  70.     root /var/www/forum_dev_warage_win/stc;
    71. 

  71.     try_files $uri $uri/ =404;
    72. 

  72.     expires max;
    73. 

  73.     access_log off;
    74. 

  74.     error_log off;
    75. 

  75.   }
    76. 

  76.   
    77. 

  77.   # ws
    78. 

  78.   location /ws {
    79. 

  79.     access_log off;
    80. 

  80.     
    81. 

  81.     proxy_pass http://127.0.0.1:5000;
    82. 

  82.     proxy_http_version 1.1;
    83. 

  83.     proxy_set_header Upgrade $http_upgrade;
    84. 

  84.     proxy_set_header Connection "upgrade";
    85. 

  85.     proxy_read_timeout 86400s;
    86. 

  86.     proxy_send_timeout 86400s;
    87. 

  87.     
    88. 

  88.     proxy_set_header HOST $host; # $http_host
    89. 

  89.     proxy_set_header X-Real-IP  $remote_addr;
    90. 

  90.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    91. 

  91.   }
    92. 

  92.   
    93. 

  93.   location / {
    94. 

  94.     ##try_files $uri $uri/ =404;
    95. 

  95.     try_files $uri $uri/ @python;
    96. 

  96.     ##try_files @python @python;
    97. 

  97.     ##try_files $uri @python @python;
    98. 

  98.     access_log off;
    99. 

  99.   }
    100. 

  100.   
    101. 

  101.   location @python {
    102. 

  102.     proxy_set_header HOST $host;
    103. 

  103.     proxy_set_header X-Real-IP $remote_addr;
    104. 

  104.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    105. 

  105.     proxy_set_header Host $http_host;
    106. 

  106.     proxy_pass http://127.0.0.1:5000;
    107. 

  107.   }
    108. 

  108. }
    109. 

  109. 

  110. 

  111.