pimiento · December 17, 2022 16:08
diff --git a/gistfile1.txt b/gistfile1.txt
 ==> 80.conf <==
 server {
  listen 80 default_server;

  access_log /var/log/nginx/80-access.log;
  error_log /var/log/nginx/80-error.log;
  
  location /.well-known/acme-challenge/ {
      root /www/certbot/;
  }
  location / {
      return 301 https://$host$request_uri;
  }
 }

 ==> apteka.pvavilin.conf <==
 server {
    listen 443 ssl;
    server_name apteka.pvavilin.ru;

    ssl_certificate /etc/letsencrypt/live/apteka.pvavilin.ru/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/apteka.pvavilin.ru/privkey.pem;
    access_log	/var/log/nginx/apteka-access.log;
    error_log	/var/log/nginx/apteka-error.log;

    location / {
        proxy_pass http://localhost:8882;

        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
    }
 }

 ==> disk.pvavilin.conf <==
 server {
    listen 8443 ssl;
    server_name disk.pvavilin.ru;
    access_log	/var/log/nginx/disk-access.log;
    error_log	/var/log/nginx/disk-error.log;

    ssl_certificate /etc/letsencrypt/live/disk.pvavilin.ru/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/disk.pvavilin.ru/privkey.pem;
    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:@SECLEVEL=0;
    ssl_ecdh_curve secp384r1;

    add_header Strict-Transport-Security "max-age=31536000";
    ssl_protocols TLSv1.2;

    ssl_client_certificate /etc/ssl/lab.pvavilin.ru/ca.crt;
    ssl_verify_client optional;
    ssl_verify_depth 1;

    location / {
        proxy_pass http://localhost:8881;

        proxy_set_header  X-Real-IP  $remote_addr;
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /transmission/ {
        proxy_read_timeout 300;
        proxy_pass_header  X-Transmission-Session-Id;
        proxy_set_header   X-Forwarded-Host $host;
        proxy_set_header   X-Forwarded-Server $host;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass         http://127.0.01:9091/transmission/web/;
    }

    location /rpc {
        proxy_pass         http://127.0.0.1:9091/transmission/rpc;
    }
       
    location /upload {
        proxy_pass         http://127.0.0.1:9091/transmission/upload;
    }
 }

 ==> no-default.conf <==
 server {
    listen 443 ssl;
    return 444;

    ssl_certificate /etc/letsencrypt/live/pvavilin.ru/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/pvavilin.ru/privkey.pem;
 }
	==> 80.conf <==
	server {
	listen 80 default_server;

	access_log /var/log/nginx/80-access.log;
	error_log /var/log/nginx/80-error.log;

	location /.well-known/acme-challenge/ {
	root /www/certbot/;
	}
	location / {
	return 301 https://$host$request_uri;
	}
	}

	==> apteka.pvavilin.conf <==
	server {
	listen 443 ssl;
	server_name apteka.pvavilin.ru;

	ssl_certificate /etc/letsencrypt/live/apteka.pvavilin.ru/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/apteka.pvavilin.ru/privkey.pem;
	access_log /var/log/nginx/apteka-access.log;
	error_log /var/log/nginx/apteka-error.log;

	location / {
	proxy_pass http://localhost:8882;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	}

	==> disk.pvavilin.conf <==
	server {
	listen 8443 ssl;
	server_name disk.pvavilin.ru;
	access_log /var/log/nginx/disk-access.log;
	error_log /var/log/nginx/disk-error.log;

	ssl_certificate /etc/letsencrypt/live/disk.pvavilin.ru/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/disk.pvavilin.ru/privkey.pem;
	ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:@SECLEVEL=0;
	ssl_ecdh_curve secp384r1;

	add_header Strict-Transport-Security "max-age=31536000";
	ssl_protocols TLSv1.2;

	ssl_client_certificate /etc/ssl/lab.pvavilin.ru/ca.crt;
	ssl_verify_client optional;
	ssl_verify_depth 1;

	location / {
	proxy_pass http://localhost:8881;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}

	location /transmission/ {
	proxy_read_timeout 300;
	proxy_pass_header X-Transmission-Session-Id;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Forwarded-Server $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_pass http://127.0.01:9091/transmission/web/;
	}

	location /rpc {
	proxy_pass http://127.0.0.1:9091/transmission/rpc;
	}

	location /upload {
	proxy_pass http://127.0.0.1:9091/transmission/upload;
	}
	}

	==> no-default.conf <==
	server {
	listen 443 ssl;
	return 444;

	ssl_certificate /etc/letsencrypt/live/pvavilin.ru/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/pvavilin.ru/privkey.pem;
	}
No results found