commit d785ca88405929c828343e7731f6833c6a0319a3
Author: PIVODEVAT <ivan.vekhov@mail.ru>
Date: Sun Feb 2 03:27:12 2025 +0300
init
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/conf.d/gitea.conf b/conf.d/gitea.conf
new file mode 100644
index 0000000..443904b
--- /dev/null
+++ b/conf.d/gitea.conf
@@ -0,0 +1,15 @@
+server {
+ listen 443 ssl;
+ server_name root-kit.ru;
+
+ ssl_certificate /usr/local/etc/letsencrypt/live/root-kit.ru/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/root-kit.ru/privkey.pem;
+
+ location / {
+ proxy_pass http://127.0.0.1:3000;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+}
diff --git a/conf.d/http.conf b/conf.d/http.conf
new file mode 100644
index 0000000..dc3f7fa
--- /dev/null
+++ b/conf.d/http.conf
@@ -0,0 +1,13 @@
+server {
+ listen 80;
+ server_name root-kit.ru;
+
+ # Prevent nginx HTTP Server Detection
+ server_tokens off;
+
+ # Редирект с HTTP на HTTPS
+ #return 301 https://$host$request_uri;
+ location / {
+ rewrite ^ https://$http_host$request_uri? permanent; # force redirect http to https
+ }
+}
diff --git a/conf.d/postfixadmin.conf b/conf.d/postfixadmin.conf
new file mode 100644
index 0000000..ddf5397
--- /dev/null
+++ b/conf.d/postfixadmin.conf
@@ -0,0 +1,26 @@
+server {
+ listen 777 ssl;
+ server_name root-kit.ru;
+
+ ssl_certificate /usr/local/etc/letsencrypt/live/root-kit.ru/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/root-kit.ru/privkey.pem;
+
+ root /usr/local/www/postfixadmin/public;
+
+ index index.php index.html index.htm;
+
+ location / {
+ try_files $uri $uri/ /index.php?$query_string;
+ }
+
+ location ~ \.php$ {
+ include fastcgi_params;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ }
+
+ location ~ /\.ht {
+ deny all;
+ }
+}
diff --git a/conf.d/punkcraft.conf b/conf.d/punkcraft.conf
new file mode 100644
index 0000000..e9f3404
--- /dev/null
+++ b/conf.d/punkcraft.conf
@@ -0,0 +1,22 @@
+server {
+ listen 443 ssl;
+ server_name punkcraft.ru;
+
+ ssl_certificate /usr/local/etc/letsencrypt/live/punkcraft.ru/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/punkcraft.ru/privkey.pem;
+
+ # Указываем корневую директорию проекта
+ root /home/xer/punkcraft/frontend/dist;
+
+ # Обрабатываем запросы к статическим файлам
+ location /assets {
+ alias /home/xer/punkcraft/frontend/dist/assets;
+ expires 1y;
+ access_log off;
+ add_header Cache-Control "public";
+ }
+
+ location / {
+ try_files $uri $uri/ /index.html;
+ }
+}
diff --git a/conf.d/punkcraft_backend.conf b/conf.d/punkcraft_backend.conf
new file mode 100644
index 0000000..3d121eb
--- /dev/null
+++ b/conf.d/punkcraft_backend.conf
@@ -0,0 +1,15 @@
+server {
+ listen 3002 ssl;
+ server_name root-kit.ru;
+
+ ssl_certificate /usr/local/etc/letsencrypt/live/root-kit.ru/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/root-kit.ru/privkey.pem;
+
+ location / {
+ proxy_pass http://127.0.0.1:3001;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
+}
diff --git a/conf.d/seafile.conf b/conf.d/seafile.conf
new file mode 100644
index 0000000..bbf690f
--- /dev/null
+++ b/conf.d/seafile.conf
@@ -0,0 +1,72 @@
+server {
+ listen 666 ssl;
+ server_name root-kit.ru;
+ server_tokens off;
+ http2 on;
+
+ ssl_protocols TLSv1.2;
+ ssl_certificate /usr/local/etc/letsencrypt/live/root-kit.ru/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/root-kit.ru/privkey.pem;
+ ssl_prefer_server_ciphers on;
+ ssl_session_timeout 10m;
+
+
+ location / {
+ proxy_pass http://127.0.0.1:8000;
+ proxy_set_header Host $host:$server_port;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Host $server_name;
+ proxy_set_header X-Forwarded-Proto https;
+ proxy_http_version 1.1;
+ proxy_connect_timeout 36000s;
+ proxy_read_timeout 36000s;
+ proxy_send_timeout 36000s;
+ send_timeout 36000s;
+
+ # used for view/edit office file via Office Online Server
+ client_max_body_size 0;
+
+ access_log /var/log/nginx/seahub.access.log;
+ error_log /var/log/nginx/seahub.error.log;
+ }
+
+ location /seafhttp {
+ rewrite ^/seafhttp(.*)$ $1 break;
+ proxy_pass http://127.0.0.1:8082;
+ client_max_body_size 0;
+ proxy_connect_timeout 36000s;
+ proxy_read_timeout 36000s;
+ proxy_send_timeout 36000s;
+ send_timeout 36000s;
+ proxy_request_buffering off;
+ proxy_http_version 1.1;
+
+ }
+
+ location /seafmedia {
+ rewrite ^/seafmedia(.*)$ /media$1 break;
+ root /opt/seafile/seafile-server-latest/seahub;
+ }
+
+ location /seafdav {
+ proxy_pass http://127.0.0.1:8080;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Host $server_name;
+ proxy_set_header X-Forwarded-Proto https;
+ proxy_http_version 1.1;
+ proxy_connect_timeout 36000s;
+ proxy_read_timeout 36000s;
+ proxy_send_timeout 36000s;
+ send_timeout 36000s;
+
+ # This option is only available for Nginx >= 1.8.0.
+ client_max_body_size 0;
+ proxy_request_buffering off;
+
+ access_log /var/log/nginx/seafdav.access.log;
+ error_log /var/log/nginx/seafdav.error.log;
+ }
+}
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..42dbe92
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,12 @@
+#user nobody;
+worker_processes 1;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include mime.types;
+ include conf.d/*.conf;
+ default_type application/octet-stream;
+}