forked from mirror/pixelfed
delete contrib
This commit is contained in:
parent
e18d6083a2
commit
fd62962d20
2 changed files with 0 additions and 102 deletions
|
@ -1,35 +0,0 @@
|
||||||
upstream fe {
|
|
||||||
server 127.0.0.1:8080;
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
server_name real.domain;
|
|
||||||
listen [::]:443 ssl ipv6only=on;
|
|
||||||
listen 443 ssl;
|
|
||||||
ssl_certificate /etc/letsencrypt/live/real.domain/fullchain.pem; # managed by Certbot
|
|
||||||
ssl_certificate_key /etc/letsencrypt/live/real.domain/privkey.pem; # managed by Certbot
|
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
||||||
|
|
||||||
location / {
|
|
||||||
proxy_set_header Host $host;
|
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
|
||||||
proxy_set_header X-Forwarded-Host $http_x_forwarded_host;
|
|
||||||
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
|
|
||||||
proxy_redirect off;
|
|
||||||
proxy_pass http://fe/;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = real.domain) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
server_name real.domain;
|
|
||||||
return 404;
|
|
||||||
}
|
|
|
@ -1,67 +0,0 @@
|
||||||
server {
|
|
||||||
listen 443 ssl http2;
|
|
||||||
listen [::]:443 ssl http2;
|
|
||||||
server_name pixelfed.example; # change this to your fqdn
|
|
||||||
root /home/pixelfed/public; # path to repo/public
|
|
||||||
|
|
||||||
ssl_certificate /etc/nginx/ssl/server.crt; # generate your own
|
|
||||||
ssl_certificate_key /etc/nginx/ssl/server.key; # or use letsencrypt
|
|
||||||
|
|
||||||
ssl_protocols TLSv1.2;
|
|
||||||
ssl_ciphers EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES;
|
|
||||||
ssl_prefer_server_ciphers on;
|
|
||||||
|
|
||||||
#add_header X-Frame-Options "SAMEORIGIN";
|
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
|
||||||
add_header X-Content-Type-Options "nosniff";
|
|
||||||
|
|
||||||
index index.php;
|
|
||||||
|
|
||||||
charset utf-8;
|
|
||||||
client_max_body_size 15M;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
try_files $uri $uri/ /index.php?$query_string;
|
|
||||||
}
|
|
||||||
|
|
||||||
location = /favicon.ico { access_log off; log_not_found off; }
|
|
||||||
location = /robots.txt { access_log off; log_not_found off; }
|
|
||||||
|
|
||||||
error_page 404 /index.php;
|
|
||||||
|
|
||||||
location ~ \.php$ {
|
|
||||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
||||||
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
|
|
||||||
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
|
|
||||||
fastcgi_param QUERY_STRING $query_string;
|
|
||||||
fastcgi_param REQUEST_METHOD $request_method;
|
|
||||||
fastcgi_param CONTENT_TYPE $content_type;
|
|
||||||
fastcgi_param CONTENT_LENGTH $content_length;
|
|
||||||
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
|
|
||||||
fastcgi_param REQUEST_URI $request_uri;
|
|
||||||
fastcgi_param DOCUMENT_URI $document_uri;
|
|
||||||
fastcgi_param DOCUMENT_ROOT $document_root;
|
|
||||||
fastcgi_param SERVER_PROTOCOL $server_protocol;
|
|
||||||
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
|
|
||||||
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
|
|
||||||
fastcgi_param REMOTE_ADDR $remote_addr;
|
|
||||||
fastcgi_param REMOTE_PORT $remote_port;
|
|
||||||
fastcgi_param SERVER_ADDR $server_addr;
|
|
||||||
fastcgi_param SERVER_PORT $server_port;
|
|
||||||
fastcgi_param SERVER_NAME $server_name;
|
|
||||||
fastcgi_param HTTPS $https if_not_empty;
|
|
||||||
fastcgi_param REDIRECT_STATUS 200;
|
|
||||||
fastcgi_param HTTP_PROXY "";
|
|
||||||
}
|
|
||||||
|
|
||||||
location ~ /\.(?!well-known).* {
|
|
||||||
deny all;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
server { # Redirect http to https
|
|
||||||
server_name pixelfed.example; # change this to your fqdn
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
}
|
|
Loading…
Reference in a new issue