From Tom, 4 Months ago, written in Plain Text.
This paste will cross the great divide in 1 Second.
Embed
  1. #/etc/nginx/conf.d/gateway.conf
  2. #
  3. ############################
  4. # Port    81 = Gateway     #
  5. # Port    82 = Wordpress   #
  6. # Port    83 = Nextcloud   #
  7. # Port    84 = Stikked     #
  8. # Port    85 = Roundcube   #
  9. # Port    86 = Rainloop    #
  10. # Port    87 = osTicket    #
  11. # Port    88 = Stikked     #
  12. # Port    89 = Office      #
  13. # Port    90 = FF-Sync     #
  14. # Port    91 = Framadate   #
  15. # Port    92 = Conbee      #
  16. # Port  8001 = VDR         #
  17. # Port 32400 = Plex        #
  18. ############################
  19. #
  20. ###############################################################
  21. # Subdomain für Wordpress                                     #
  22. ###############################################################
  23. #
  24. #### Let's Enrypt ####
  25. server {
  26. listen 80;
  27. server_name  192.168.200.10;
  28. charset utf-8;
  29. root /var/www;
  30. location ^~ /.well-known/acme-challenge {
  31. proxy_pass ;
  32. proxy_set_header Host $host;
  33.  }
  34. location / {
  35.  return 301 https://$host$request_uri;
  36.  }
  37. }
  38. #### Wordpress (82) ####
  39. server {
  40. listen 443 ssl http2;
  41. server_name  192.168.200.10;
  42. charset utf-8;
  43. include /etc/nginx/ssl.conf;
  44. include /etc/nginx/proxy.conf;
  45. include /etc/nginx/header.conf;
  46. location ^~ / {
  47. client_max_body_size 1024M;
  48. proxy_max_temp_file_size 1024M;
  49. proxy_connect_timeout 300;
  50. proxy_read_timeout 300;
  51. proxy_send_timeout 300;
  52. send_timeout 300;
  53. proxy_set_header Host $host;
  54. proxy_set_header X-Real-IP $remote_addr;
  55. proxy_set_header X-Forwarded-Proto $scheme;
  56. proxy_pass ;
  57. proxy_http_version 1.1;
  58. proxy_set_header Connection "";
  59. proxy_buffering off;
  60. proxy_request_buffering off;
  61.  }
  62. }
  63. ###############################################################
  64. # Subdomain für Nextcloud                                     #
  65. ###############################################################
  66. #
  67. server {
  68. listen 80;
  69. server_name ;
  70. charset utf-8;
  71. root /var/www;
  72. location ^~ /.well-known/acme-challenge {
  73. proxy_pass ;
  74.  }
  75. location / {
  76.   return 301 https://$host$request_uri;
  77.  }
  78.  
  79.  
  80. }
  81. server {
  82. listen 443 ssl http2;
  83. server_name ;
  84. charset utf-8;
  85. include /etc/nginx/ssl.conf;
  86. include /etc/nginx/proxy.conf;
  87. include /etc/nginx/header.conf;
  88. location = /.well-known/carddav {
  89. return 301 $scheme://$host/remote.php/dav;
  90. }
  91. location = /.well-known/caldav {
  92. return 301 $scheme://$host/remote.php/dav;
  93. }
  94. location ^~ / {
  95. #
  96. location = /.well-known/webfinger {
  97. return 301 /index.php$uri;
  98. }
  99. #
  100. location ^~ /.well-known {
  101. location = /.well-known/nodeinfo {
  102. return 301 /index.php$uri; }
  103. }
  104. #
  105. client_max_body_size 10240M;
  106. proxy_max_temp_file_size 10240M;
  107. proxy_connect_timeout 300;
  108. proxy_send_timeout 300;
  109. proxy_read_timeout 300;
  110. send_timeout 3600;
  111. proxy_set_header Host $host;
  112. proxy_set_header X-Real-IP $remote_addr;
  113. proxy_set_header X-Forwarded-Proto $scheme;
  114. proxy_pass ;
  115. proxy_http_version 1.1;
  116. proxy_set_header Connection "";
  117. proxy_buffering off;
  118. proxy_request_buffering off;
  119.  }
  120.  
  121. }
  122. ##############################################################
  123. # Subdomain für Roundcube                                    #
  124. ##############################################################
  125. #
  126. #server {
  127. #listen 80;
  128. #server_name ;
  129. #charset utf-8;
  130. #root /var/www;
  131. #location ^~ /.well-known/acme-challenge {
  132. #proxy_pass ;
  133. #}
  134. #location / {
  135. #return 301 https://$host$request_uri;
  136. #}
  137.  
  138.  
  139. #}
  140. #server {
  141. #listen 443 ssl http2;
  142. #server_name ;
  143. #charset utf-8;
  144. #include /etc/nginx/ssl.conf;
  145. #location ^~ / {
  146. #client_max_body_size 1024M;
  147. #proxy_max_temp_file_size 1024M;
  148. #proxy_connect_timeout 300;
  149. #proxy_send_timeout 300;
  150. #proxy_read_timeout 300;
  151. #send_timeout 300;
  152. #proxy_set_header Host $host;
  153. #proxy_set_header X-Real-IP $remote_addr;
  154. #proxy_set_header X-Forwarded-Proto $scheme;
  155. #proxy_cookie_path / "/; secure; HttpOnly";
  156. #proxy_pass ;
  157. #proxy_http_version 1.1;
  158. #proxy_set_header Connection "";
  159. #proxy_buffering off;
  160. #proxy_request_buffering off;
  161. # }
  162.  
  163. #}
  164. ##############################################################
  165. # Subdomain für Rainloop                                     #
  166. ##############################################################
  167. #
  168. #server {
  169. #listen 80;
  170. #server_name ;
  171. #charset utf-8;
  172. #root /var/www;
  173. #location ^~ /.well-known/acme-challenge {
  174. #proxy_pass ;
  175. #}
  176. #location / {
  177. #return 301 https://$host$request_uri;
  178. #}
  179. #
  180. #
  181. #}
  182. #server {
  183. #listen 443 ssl http2;
  184. #server_name ;
  185. #charset utf-8;
  186. #include /etc/nginx/ssl.conf;
  187. #location ^~ / {
  188. #client_max_body_size 1024M;
  189. #proxy_max_temp_file_size 1024M;
  190. #proxy_connect_timeout 300;
  191. #proxy_send_timeout 300;
  192. #proxy_read_timeout 300;
  193. #send_timeout 300;
  194. #proxy_set_header Host $host;
  195. #proxy_set_header X-Real-IP $remote_addr;
  196. #proxy_set_header X-Forwarded-Proto $scheme;
  197. #proxy_cookie_path / "/; secure; HttpOnly";
  198. #proxy_pass ;
  199. #proxy_http_version 1.1;
  200. #proxy_set_header Connection "";
  201. #proxy_buffering off;
  202. #proxy_request_buffering off;
  203. # }
  204. #
  205. #}
  206. ##############################################################
  207. # Subdomain für Plex                                         #
  208. ##############################################################
  209. #
  210. server {
  211.  
  212. listen 80;
  213. server_name ;
  214. charset utf-8;
  215. root /var/www;
  216. location ^~ /.well-known/acme-challenge {
  217. proxy_pass ;
  218.  }
  219. location / {
  220. return 301 https://$host$request_uri;
  221. }
  222.  
  223.  
  224. }
  225. server {
  226. listen 443 ssl http2;
  227. server_name ;
  228. charset utf-8;
  229. include /etc/nginx/ssl.conf;
  230. location ^~ / {
  231. client_max_body_size 1024M;
  232. proxy_max_temp_file_size 1024M;
  233. proxy_connect_timeout 300;
  234. proxy_read_timeout 300;
  235. proxy_send_timeout 300;
  236. send_timeout 300;
  237. proxy_set_header Host $host;
  238. proxy_set_header X-Real-IP $remote_addr;
  239. proxy_set_header X-Forwarded-Proto $scheme;
  240. proxy_cookie_path / "/; secure; HttpOnly";
  241. proxy_pass ;
  242. proxy_http_version 1.1;
  243. proxy_set_header Connection "";
  244. proxy_buffering off;
  245. proxy_request_buffering off;
  246. }
  247.  
  248. }
  249. ##############################################################
  250. # OnlyOffice                                                 #
  251. ##############################################################
  252.  
  253. server {
  254. listen 80;
  255. server_name ;
  256. charset utf-8;
  257. root /var/www;
  258. location ^~ /.well-known/acme-challenge {
  259. proxy_pass ;
  260.  }
  261. location / {
  262. return 301 https://$host$request_uri;
  263. }
  264.  
  265.  
  266. }
  267. server {
  268. listen 443 ssl http2;
  269. server_name ;
  270. charset utf-8;
  271. include /etc/nginx/ssl.conf;
  272. location ^~ / {
  273. client_max_body_size 1024M;
  274. proxy_max_temp_file_size 1024M;
  275. proxy_connect_timeout 300;
  276. proxy_send_timeout 300;
  277. proxy_read_timeout 300;
  278. send_timeout 300;
  279. proxy_set_header Host $host;
  280. proxy_set_header X-Real-IP $remote_addr;
  281. proxy_set_header X-Forwarded-Proto $scheme;
  282. proxy_cookie_path / "/; secure; HttpOnly";
  283. proxy_pass ;
  284. proxy_http_version 1.1;
  285. proxy_set_header Connection "";
  286. proxy_buffering off;
  287. proxy_request_buffering off;
  288. }
  289.  
  290. }
  291. ########################################################
  292. # Subdomain für FF-Sync                                #
  293. ########################################################
  294.  
  295. server {
  296. listen 80;
  297. server_name ;
  298. charset utf-8;
  299. root /var/www;
  300. location ^~ /.well-known/acme-challenge {
  301. proxy_pass ;
  302.  }
  303. location / {
  304. return 301 https://$host$request_uri;
  305. }
  306. }
  307. server {
  308. listen 443 ssl http2;
  309. server_name ;
  310. charset utf-8;
  311. include /etc/nginx/ssl.conf;
  312. location ^~ / {
  313. client_max_body_size 1024M;
  314. proxy_max_temp_file_size 1024M;
  315. proxy_connect_timeout 300;
  316. proxy_send_timeout 300;
  317. proxy_read_timeout 300;
  318. send_timeout 300;
  319. proxy_set_header Host $host;
  320. proxy_set_header X-Real-IP $remote_addr;
  321. proxy_set_header X-Forwarded-Proto $scheme;
  322. proxy_cookie_path / "/; secure; HttpOnly";
  323. proxy_pass ;
  324. proxy_http_version 1.1;
  325. proxy_set_header Connection "";
  326. proxy_buffering off;
  327. proxy_request_buffering off;
  328. }
  329. }
  330. ##############################################################
  331. # Subdomain für osTicket                                     #
  332. ##############################################################
  333.  
  334. server {
  335. listen 80;
  336. server_name ;
  337. charset utf-8;
  338. root /var/www;
  339. location ^~ /.well-known/acme-challenge {
  340. proxy_pass ;
  341.  }
  342. location / {
  343. return 301 https://$host$request_uri;
  344. }
  345.  
  346.  
  347. }
  348. server {
  349. listen 443 ssl http2;
  350. server_name ;
  351. charset utf-8;
  352. include /etc/nginx/ssl.conf;
  353. location ^~ / {
  354. client_max_body_size 1024M;
  355. proxy_max_temp_file_size 1024M;
  356. proxy_connect_timeout 300;
  357. proxy_send_timeout 300;
  358. proxy_read_timeout 300;
  359. send_timeout 300;
  360. proxy_set_header Host $host;
  361. proxy_set_header X-Real-IP $remote_addr;
  362. proxy_set_header X-Forwarded-Proto $scheme;
  363. proxy_cookie_path / "/; secure; HttpOnly";
  364. proxy_pass ;
  365. proxy_http_version 1.1;
  366. proxy_set_header Connection "";
  367. proxy_buffering off;
  368. proxy_request_buffering off;
  369. }
  370.  
  371. }
  372. ##############################################################
  373. #  Stikked                                                   #
  374. ##############################################################
  375. #
  376. server {
  377.  
  378. listen 80;
  379. server_name ;
  380. charset utf-8;
  381. root /var/www;
  382. location ^~ /.well-known/acme-challenge {
  383. proxy_pass ;
  384.  }
  385. location / {
  386. return 301 https://$host$request_uri;
  387. }
  388.  
  389.  
  390. }
  391. server {
  392. listen 443 ssl http2;
  393. server_name ;
  394. charset utf-8;
  395. location ^~ / {
  396. client_max_body_size 1024M;
  397. proxy_max_temp_file_size 1024M;
  398. proxy_connect_timeout 300;
  399. proxy_send_timeout 300;
  400. proxy_read_timeout 300;
  401. send_timeout 300;
  402. proxy_set_header Host $host;
  403. proxy_set_header X-Real-IP $remote_addr;
  404. proxy_set_header X-Forwarded-Proto $scheme;
  405. proxy_cookie_path / "/; secure; HttpOnly";
  406. proxy_pass ;
  407. proxy_http_version 1.1;
  408. proxy_set_header Connection "";
  409. proxy_buffering off;
  410. proxy_request_buffering off;
  411. }
  412. }
  413. #
  414. ##############################################################
  415. # Subdomain für VDR                                          #
  416. ##############################################################
  417. #
  418. server {
  419.  
  420. listen 80;
  421. server_name ;
  422. charset utf-8;
  423. root /var/www;
  424. location ^~ /.well-known/acme-challenge {
  425. proxy_pass ;
  426.  }
  427. location / {
  428. return 301 https://$host$request_uri;
  429. }
  430.  
  431.  
  432. }
  433. server {
  434. listen 443 ssl http2;
  435. server_name ;
  436. charset utf-8;
  437. include /etc/nginx/ssl.conf;
  438. location ^~ / {
  439. client_max_body_size 1024M;
  440. proxy_max_temp_file_size 1024M;
  441. proxy_connect_timeout 300;
  442. proxy_send_timeout 300;
  443. proxy_read_timeout 300;
  444. send_timeout 300;
  445. proxy_set_header Host $host;
  446. proxy_set_header X-Real-IP $remote_addr;
  447. proxy_set_header X-Forwarded-Proto $scheme;
  448. proxy_cookie_path / "/; secure; HttpOnly";
  449. proxy_pass ;
  450. proxy_http_version 1.1;
  451. proxy_set_header Connection "";
  452. proxy_buffering off;
  453. proxy_request_buffering off;
  454. }
  455.  
  456. }
  457. #
  458. #### Mailcow ####
  459. #
  460. server {
  461. listen 443 ssl http2;
  462. server_name ;
  463. charset utf-8;
  464. include /etc/nginx/ssl.conf;
  465. location ^~ / {
  466. client_max_body_size 1024M;
  467. proxy_max_temp_file_size 1024M;
  468. proxy_connect_timeout 300;
  469. proxy_send_timeout 300;
  470. proxy_read_timeout 300;
  471. send_timeout 300;
  472. proxy_set_header Host $host;
  473. proxy_set_header X-Real-IP $remote_addr;
  474. proxy_set_header X-Forwarded-Proto $scheme;
  475. proxy_cookie_path / "/; secure; HttpOnly";
  476. proxy_pass ;
  477. proxy_http_version 1.1;
  478. proxy_set_header Connection "";
  479. proxy_buffering off;
  480. proxy_request_buffering off;
  481.  }
  482.  
  483. }
  484.  
  485. ##############################################################
  486. #  Framadate                                                 #
  487. ##############################################################
  488. #
  489. server {
  490.  
  491. listen 80;
  492. server_name ;
  493. charset utf-8;
  494. root /var/www;
  495. location ^~ /.well-known/acme-challenge {
  496. proxy_pass ;
  497.  }
  498. location / {
  499. return 301 https://$host$request_uri;
  500. }
  501. }
  502. server {
  503. listen 443 ssl http2;
  504. server_name ;
  505. location  ^~ / {
  506. include /etc/nginx/proxy.conf;
  507. include /etc/nginx/header.conf;
  508. #access_log /var/log/nginx/date.access.log;
  509. #error_log /var/log/nginx/date.error.log;
  510. root /var/www/framadate/;
  511. index index.php;
  512. location ~^/(\.git)/{
  513. deny all;
  514. }
  515. location ~ /\. {
  516. deny all;
  517. }
  518. location ~ ^/composer\.json.*$|^/composer\.lock.*$|^/php\.ini.*$|^/.*\.sh {
  519. deny all;
  520. }
  521. location /admin/ {
  522. location ~ \.php$ {
  523. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  524. include fastcgi_params;
  525. include php_optimization.conf;
  526. fastcgi_pass php-handler;
  527. fastcgi_param HTTPS on;
  528. }
  529. try_files $uri $uri/ =401;
  530. }
  531. location / {
  532. rewrite "^/admin$" "/admin/" permanent;
  533. rewrite "^/([a-zA-Z0-9-]+)$" "/studs.php?poll=$1" last;
  534. rewrite "^/([a-zA-Z0-9-]+)/action/([a-zA-Z_-]+)/(.+)$" "/studs.php?poll=$1&$2=$3" last;
  535. rewrite "^/([a-zA-Z0-9-]+)/vote/([a-zA-Z0-9]{16})$" "/studs.php?poll=$1&vote=$2" last;
  536. rewrite "^/([a-zA-Z0-9]{24})/admin$" "/adminstuds.php?poll=$1" last;
  537. rewrite "^/([a-zA-Z0-9]{24})/admin/vote/([a-zA-Z0-9]{16})$" "/adminstuds.php?poll=$1&vote=$2" last;
  538. rewrite "^/([a-zA-Z0-9]{24})/admin/action/([a-zA-Z_-]+)(/([A-Za-z0-9]+))?$" "/adminstuds.php?poll=$1&$2=$4" last;
  539. try_files $uri /index.php;
  540. }
  541. location ~ \.php$ {
  542. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  543. fastcgi_index index.php;
  544. include fastcgi_params;
  545. include php_optimization.conf;
  546. fastcgi_pass php-handler;
  547. fastcgi_param HTTPS on;
  548. }
  549. }
  550. ##############################################################
  551. # Subdomain für Phoscon Conbee                               #
  552. ##############################################################
  553. #
  554. server {
  555.  
  556. listen 80;
  557. server_name ;
  558. charset utf-8;
  559. root /var/www;
  560. location ^~ /.well-known/acme-challenge {
  561. proxy_pass ;
  562.  }
  563. location / {
  564. return 301 https://$host$request_uri;
  565. }
  566.  
  567.  
  568. }
  569. server {
  570. listen 443 ssl http2;
  571. server_name ;
  572. charset utf-8;
  573. location ^~ / {
  574. client_max_body_size 1024M;
  575. proxy_max_temp_file_size 1024M;
  576. proxy_connect_timeout 300;
  577. proxy_send_timeout 300;
  578. proxy_read_timeout 300;
  579. send_timeout 300;
  580. proxy_set_header Host $host;
  581. proxy_set_header X-Real-IP $remote_addr;
  582. proxy_set_header X-Forwarded-Proto $scheme;
  583. proxy_cookie_path / "/; secure; HttpOnly";
  584. proxy_pass ;
  585. proxy_http_version 1.1;
  586. proxy_set_header Connection "";
  587. proxy_buffering off;
  588. proxy_request_buffering off;
  589. }
  590. }
  591. }
  592.