self-hosting:random_nginx_configs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

self-hosting:random_nginx_configs [2019/10/01 23:08] (current)
mjorgensen created
Line 1: Line 1:
 +====== Random Nginx Configs ======
  
 +**''​nginx.conf'':​**
 +<code nginx>
 +user www-data;
 +worker_processes auto;
 +pid /​run/​nginx.pid;​
 +include /​etc/​nginx/​modules-enabled/​*.conf;​
 +
 +events {
 + worker_connections 768;
 + # multi_accept on;
 +}
 +
 +http {
 +
 + ##
 + # Basic Settings
 + ##
 +
 + sendfile on;
 + tcp_nopush on;
 + tcp_nodelay on;
 + keepalive_timeout 65;
 + types_hash_max_size 2048;
 + # server_tokens off;
 +
 + # server_names_hash_bucket_size 64;
 + # server_name_in_redirect off;
 +
 + include /​etc/​nginx/​mime.types;​
 + default_type application/​octet-stream;​
 +
 + ##
 + # SSL Settings
 + ##
 +
 + ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
 + ssl_ciphers '​ECDHE-RSA-AES128-GCM-SHA256:​ECDHE-ECDSA-AES128-GCM-SHA256:​ECDHE-RSA-AES256-GCM-SHA384:​ECDHE-ECDSA-AES256-GCM-SHA384:​DHE-RSA-AES128-GCM-SHA256:​DHE-DSS-AES128-GCM-SHA256:​kEDH+AESGCM:​ECDHE-RSA-AES128-SHA256:​ECDHE-ECDSA-AES128-SHA256:​ECDHE-RSA-AES128-SHA:​ECDHE-ECDSA-AES128-SHA:​ECDHE-RSA-AES256-SHA384:​ECDHE-ECDSA-AES256-SHA384:​ECDHE-RSA-AES256-SHA:​ECDHE-ECDSA-AES256-SHA:​DHE-RSA-AES128-SHA256:​DHE-RSA-AES128-SHA:​DHE-DSS-AES128-SHA256:​DHE-RSA-AES256-SHA256:​DHE-DSS-AES256-SHA:​DHE-RSA-AES256-SHA:​AES128-GCM-SHA256:​AES256-GCM-SHA384:​AES128-SHA256:​AES256-SHA256:​AES128-SHA:​AES256-SHA:​AES:​CAMELLIA:​DES-CBC3-SHA:​!aNULL:​!eNULL:​!EXPORT:​!DES:​!RC4:​!MD5:​!PSK:​!aECDH:​!EDH-DSS-DES-CBC3-SHA:​!EDH-RSA-DES-CBC3-SHA:​!KRB5-DES-CBC3-SHA';​
 + ssl_prefer_server_ciphers on;
 +
 + ssl_dhparam /​etc/​nginx/​dhparams.pem;​
 +
 + ##
 + # Logging Settings
 + ##
 +
 + access_log /​var/​log/​nginx/​access.log;​
 + error_log /​var/​log/​nginx/​error.log;​
 +
 + ##
 + # Gzip Settings
 + ##
 +
 + gzip on;
 + gzip_disable "​msie6";​
 +
 + # gzip_vary on;
 + # gzip_proxied any;
 + # gzip_comp_level 6;
 + # gzip_buffers 16 8k;
 + # gzip_http_version 1.1;
 + # gzip_types text/plain text/css application/​json application/​javascript text/xml application/​xml application/​xml+rss text/​javascript;​
 +
 + ##
 + # Virtual Host Configs
 + ##
 +
 + include /​etc/​nginx/​conf.d/​*.conf;​
 + include /​etc/​nginx/​sites-enabled/​*;​
 +}
 +
 +
 +#mail {
 +# # See sample authentication script at:
 +# # http://​wiki.nginx.org/​ImapAuthenticateWithApachePhpScript
 +
 +# # auth_http localhost/​auth.php;​
 +# # pop3_capabilities "​TOP"​ "​USER";​
 +# # imap_capabilities "​IMAP4rev1"​ "​UIDPLUS";​
 +
 +# server {
 +#​ listen ​    ​localhost:​110;​
 +#​ protocol ​  pop3;
 +#​ proxy ​     on;
 +# }
 +
 +# server {
 +#​ listen ​    ​localhost:​143;​
 +#​ protocol ​  imap;
 +#​ proxy ​     on;
 +# }
 +#}
 +</​code>​
 +
 +**''​share.jrgnsn.net.conf'':​**
 +<code nginx>
 +server {
 +
 +    server_name share.jrgnsn.net;​
 +    root /​var/​www/​share.jrgnsn.net;​
 +    index index.html index.htm;
 +
 +    location / {
 +        try_files $uri $uri/ =404;
 +        autoindex on;
 +        autoindex_exact_size off;
 +        autoindex_localtime on;
 +    }
 +    location /secret {
 +        auth_basic ​             "These files are secret!";​
 +        auth_basic_user_file ​   /​etc/​apache2/​share.htpasswd;​
 +    }
 +
 +    listen [::]:443 ssl ipv6only=on;​ # managed by Certbot
 +    listen 443 ssl; # managed by Certbot
 +    ssl_certificate /​etc/​letsencrypt/​live/​jrgnsn.net/​fullchain.pem;​ # managed by Certbot
 +    ssl_certificate_key /​etc/​letsencrypt/​live/​jrgnsn.net/​privkey.pem;​ # managed by Certbot
 +    include /​etc/​letsencrypt/​options-ssl-nginx.conf;​ # managed by Certbot
 +    ssl_dhparam /​etc/​letsencrypt/​ssl-dhparams.pem;​ # managed by Certbot
 +
 +
 +}
 +server {
 +    if ($host = share.jrgnsn.net) {
 +        return 301 https://​$host$request_uri;​
 +    } # managed by Certbot
 +
 +
 +    listen 80;
 +    listen [::]:80;
 +
 +    server_name share.jrgnsn.net;​
 +    return 404; # managed by Certbot
 +
 +
 +}
 +</​code>​
  • self-hosting/random_nginx_configs.txt
  • Last modified: 2019/10/01 23:08
  • by mjorgensen