add nginx conf file in _config

This commit is contained in:
binaryFate 2020-10-30 15:32:01 +01:00
parent 7a7ae92be3
commit 18ca79a102

View file

@ -1,37 +1,19 @@
# This is included as an example of a config file that works for the site. This is important so that anyone can re-host it in the event of something going wrong with the main site.
# The main takeaways from this config file are the redirects, everything is relatively bog standard.
# This is included as an example of a config file that works for the site.
# This is important so that anyone can re-host it in the event of something going wrong with the main site.
# The main takeaways from this config file are the redirects.
server {
listen 80;
listen 8080;
# Specify this vhost's domain name
server_name dlsrc.getmonero.org downloads.getmonero.orgdlsrc.monero.mu downloads.monero.mu downloads.monero.cc;
return 301 https://$server_name$request_uri;
}
server {
listen 80;
listen 443 ssl http2;
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
# Specify this vhost's domain name
server_name updates.getmonero.org dlsrc.getmonero.org downloads.getmonero.org updates.monero.mu dlsrc.monero.mu downloads.monero.mu downloads.monero.cc;
root /var/www/downloads.getmonero.org/webroot;
server_name downloads.getmonero.org dlsrc.getmonero.org updates.getmonero.org updates.monero.mu dlsrc.monero.mu downloads.monero.mu downloads.monero.cc;
root /var/www/html;
index index.php index.html index.htm;
# Specify log locations for current site
access_log off;
error_log /var/log/nginx/default-site.log warn;
access_log /var/log/downloads_access.log;
error_log /var/log/downloads_error.log warn;
# Let's not give away too much info:
error_page 403 = 404;
# These are the restrictions I generally have on
# Disable logging for favicon
location = /favicon.ico {
log_not_found off;
@ -60,198 +42,192 @@ server {
access_log off;
log_not_found off;
}
# End of general restrictions
# Downloads!
location /win64 {
rewrite ^ /cli/monero-win-x64-v0.13.0.2.zip redirect;
rewrite ^ https://$server_name/cli/monero-win-x64-v0.17.1.1.zip redirect;
}
location /win32 {
rewrite ^ /cli/monero-win-x86-v0.13.0.2.zip redirect;
rewrite ^ https://$server_name/cli/monero-win-x86-v0.17.1.1.zip redirect;
}
location /mac64 {
rewrite ^ /cli/monero-mac-x64-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/cli/monero-mac-x64-v0.17.1.1.tar.bz2 redirect;
}
location /linux64 {
rewrite ^ /cli/monero-linux-x64-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/cli/monero-linux-x64-v0.17.1.1.tar.bz2 redirect;
}
location /linux32 {
rewrite ^ /cli/monero-linux-x86-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/cli/monero-linux-x86-v0.17.1.1.tar.bz2 redirect;
}
location /linuxarm7 {
rewrite ^ /cli/monero-linux-armv7-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/cli/monero-linux-armv7-v0.17.1.1.tar.bz2 redirect;
}
location /linuxarm8 {
rewrite ^ /cli/monero-linux-armv8-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/cli/monero-linux-armv8-v0.17.1.1.tar.bz2 redirect;
}
location /androidarm7 {
rewrite ^ https://$server_name/cli/monero-android-armv7-v0.17.1.1.tar.bz2 redirect;
}
location /androidarm8 {
rewrite ^ https://$server_name/cli/monero-android-armv8-v0.17.1.1.tar.bz2 redirect;
}
location /freebsd64 {
rewrite ^ /cli/monero-freebsd-x64-v0.13.0.2.tar.bz2 redirect;
}
location /dragonflybsd64 {
rewrite ^ /cli/monero-dragonflybsd-x64-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/cli/monero-freebsd-x64-v0.17.1.1.tar.bz2 redirect;
}
# GUI downloads
location /gui/win64install {
rewrite ^ https://$server_name/gui/monero-gui-install-win-x64-v0.17.1.1.exe redirect;
}
location /gui/win64 {
rewrite ^ /gui/monero-gui-win-x64-v0.13.0.2.zip redirect;
rewrite ^ https://$server_name/gui/monero-gui-win-x64-v0.17.1.1.zip redirect;
}
location /gui/mac64 {
rewrite ^ /gui/monero-gui-mac-x64-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/gui/monero-gui-mac-x64-v0.17.1.1.dmg redirect;
}
location /gui/linux64 {
rewrite ^ /gui/monero-gui-linux-x64-v0.13.0.2.tar.bz2 redirect;
}
location /gui/linux32 {
rewrite ^ /gui/monero-gui-linux-x86-v0.13.0.2.tar.bz2 redirect;
rewrite ^ https://$server_name/gui/monero-gui-linux-x64-v0.17.1.1.tar.bz2 redirect;
}
# Other download redirects
location /cli/win64 {
rewrite ^ /win64 permanent;
rewrite ^ https://$server_name/win64 permanent;
}
location /cli/win32 {
rewrite ^ /win32 permanent;
rewrite ^ https://$server_name/win32 permanent;
}
location /cli/mac64 {
rewrite ^ /mac64 permanent;
rewrite ^ https://$server_name/mac64 permanent;
}
location /cli/linux64 {
rewrite ^ /linux64 permanent;
rewrite ^ https://$server_name/linux64 permanent;
}
location /cli/linux32 {
rewrite ^ /linux32 permanent;
rewrite ^ https://$server_name/linux32 permanent;
}
location /cli/linuxarm7 {
rewrite ^ /linuxarm7 permanent;
rewrite ^ https://$server_name/linuxarm7 permanent;
}
location /cli/linuxarm8 {
rewrite ^ /linuxarm8 permanent;
rewrite ^ https://$server_name/linuxarm8 permanent;
}
location /cli/androidarm7 {
rewrite ^ https://$server_name/androidarm7 permanent;
}
location /cli/androidarm8 {
rewrite ^ https://$server_name/androidarm8 permanent;
}
location /cli/freebsd64 {
rewrite ^ /freebsd64 permanent;
rewrite ^ https://$server_name/freebsd64 permanent;
}
location /cli/dragonflybsd64 {
rewrite ^ /dragonflybsd64 permanent;
rewrite ^ https://$server_name/dragonflybsd64 permanent;
}
location /win {
rewrite ^ /win64 permanent;
rewrite ^ https://$server_name/win64 permanent;
}
location /mac {
rewrite ^ /mac64 permanent;
rewrite ^ https://$server_name/mac64 permanent;
}
location /linux {
rewrite ^ /linux64 permanent;
rewrite ^ https://$server_name/linux64 permanent;
}
location /freebsd {
rewrite ^ /freebsd64 permanent;
rewrite ^ https://$server_name/freebsd64 permanent;
}
location /dragonflybsd {
rewrite ^ /dragonflybsd64 permanent;
rewrite ^ https://$server_name/dragonflybsd64 permanent;
}
location /arm {
rewrite ^ /linuxarm7 permanent;
rewrite ^ https://$server_name/linuxarm7 permanent;
}
location /arm64 {
rewrite ^ /linuxarm8 permanent;
rewrite ^ https://$server_name/linuxarm8 permanent;
}
location /arm7 {
rewrite ^ /linuxarm7 permanent;
rewrite ^ https://$server_name/linuxarm7 permanent;
}
location /arm8 {
rewrite ^ /linuxarm8 permanent;
rewrite ^ https://$server_name/linuxarm8 permanent;
}
location /monero.win.x64.latest.zip {
rewrite ^ /win64 permanent;
rewrite ^ https://$server_name/win64 permanent;
}
location /monero.win.x32.latest.zip {
rewrite ^ /win32 permanent;
rewrite ^ https://$server_name/win32 permanent;
}
location /monero.mac.x64.latest.tar.bz2 {
rewrite ^ /mac64 permanent;
rewrite ^ https://$server_name/mac64 permanent;
}
location /monero.linux.x64.latest.tar.bz2 {
rewrite ^ /linux64 permanent;
rewrite ^ https://$server_name/linux64 permanent;
}
location /monero.linux.x86.latest.tar.bz2 {
rewrite ^ /linux86 permanent;
rewrite ^ https://$server_name/linux86 permanent;
}
location /monero.linux.arm7.latest.tar.bz2 {
rewrite ^ /linuxarm7 permanent;
rewrite ^ https://$server_name/linuxarm7 permanent;
}
location /monero.linux.arm8.latest.tar.bz2 {
rewrite ^ /linuxarm8 permanent;
rewrite ^ https://$server_name/linuxarm8 permanent;
}
location /monero.freebsd.x64.latest.tar.bz2 {
rewrite ^ /freebsd64 permanent;
rewrite ^ https://$server_name/freebsd64 permanent;
}
location /monero.dragonflybsd.x64.latest.tar.bz2 {
rewrite ^ /dragonflybsd64 permanent;
rewrite ^ https://$server_name/dragonflybsd64 permanent;
}
location / {
try_files $uri $uri/ $uri.php $uri.htm $uri.html =404;
# try_files $uri $uri/ $uri.php $uri.htm $uri.html =404;
index index.html index.htm index.php;
# post_action @download_complete;
# post_action @download_complete;
}
# location @download_complete {
# resolver 8.8.8.8;
# proxy_pass http://statcounter.monero.cc/stat_counter.php?zz=yy&status=$request_completion&uri=$uri&remote_addr=$remote_addr&http_x_forwarded_for=$http_x_forwarded_for&body_bytes_sent=$body_bytes_sent&request_time=$request_time&scheme=$scheme&server_name=$server_name&http_user_agent=$http_user_agent;
# internal;
# resolver 8.8.8.8;
# proxy_pass http://statcounter.monero.cc/stat_counter.php?zz=yy&status=$request_completion&uri=$uri&remote_addr=$remote_addr&http_x_forwarded_for=$http_x_forwarded_for&body_bytes_sent=$body_bytes_sent&request_time=$request_time&scheme=$scheme&server_name=$server_name&http_user_agent=$http_user_agent;
# internal;
# }
# Block for processing PHP files
# Specifically matches URIs ending in .php
location ~ \.php$ {
try_files $uri =404;
# Fix for server variables that behave differently under nginx/php-fpm than typically expected
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Include the standard fastcgi_params file included with nginx
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
# Override the SCRIPT_FILENAME variable set by fastcgi_params
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# Pass to upstream PHP-FPM; This must match whatever you name your upstream connection
fastcgi_pass phpfpm;
}
}
}