Guest User

Untitled

a guest
Sep 19th, 2021
39
101 days
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #D I E T - P I
  2. # /etc/nginx/nginx.conf
  3.  
  4. user www-data;
  5.  
  6. # As a thumb rule: One per CPU.
  7. worker_processes 4;
  8.  
  9. pid /run/nginx.pid;
  10.  
  11. # Load dynamic modules
  12. include /etc/nginx/modules-enabled/*.conf;
  13.  
  14. # Maximum file descriptors that can be opened per process
  15. # This should be > worker_connections
  16. worker_rlimit_nofile 100;
  17.  
  18. events {
  19.     worker_connections 50;
  20. }
  21.  
  22. error_log /var/log/nginx/error.log;
  23.  
  24. http {
  25.  
  26.     charset utf-8;
  27.  
  28.     # Avoid > 2 MiB upload error: https://github.com/MichaIng/DietPi/issues/546
  29.     client_max_body_size 512M;
  30.  
  31.     # Upstream to abstract back-end connection(s) for PHP
  32.     upstream php {
  33.         server unix:/run/php/php7.3-fpm.sock;
  34.  
  35.     }
  36.  
  37.     # Set the mime-types via the mime.types external file
  38.     include mime.types;
  39.  
  40.     # And the fallback mime-type
  41.     default_type application/octet-stream;
  42.  
  43.     # Click tracking!
  44.     access_log off;
  45.  
  46.     # Hide Nginx version
  47.     server_tokens off;
  48.  
  49.     # ~2 seconds is often enough for HTML/CSS, but connections in
  50.     # Nginx are cheap, so generally it's safe to increase it
  51.     keepalive_timeout 2;
  52.  
  53.     # You usually want to serve static files with Nginx
  54.     sendfile on;
  55.  
  56.     tcp_nopush on; # off may be better for Comet/long-poll stuff
  57.     tcp_nodelay off; # on may be better for Comet/long-poll stuff
  58.  
  59.     server_name_in_redirect off;
  60.     types_hash_max_size 2048;
  61.  
  62.     gzip off;
  63.     gzip_http_version 1.0;
  64.     gzip_comp_level 1;
  65.     gzip_min_length 512;
  66.     gzip_buffers 4 8k;
  67.     gzip_proxied any;
  68.     gzip_types
  69.         # text/html is always compressed by HttpGzipModule
  70.         text/css
  71.         text/plain
  72.         text/x-component
  73.         application/javascript
  74.         application/json
  75.         application/xml
  76.         application/xhtml+xml
  77.         application/x-font-ttf
  78.         application/x-font-opentype
  79.         application/vnd.ms-fontobject
  80.         image/svg+xml
  81.         image/x-icon;
  82.  
  83.     # This should be turned on if you are going to have pre-compressed copies (.gz) of
  84.     # static files available. If not it should be left off as it will cause extra I/O
  85.     # for the check. It would be better to enable this in a location {} block for
  86.     # a specific directory:
  87.     #gzip_static on;
  88.  
  89.     gzip_disable "msie6";
  90.     gzip_vary on;
  91.    
  92.     server_names_hash_bucket_size 128;    # Ajout pour local/remote
  93.  
  94.     ##Orgv2 Let's encrypt vhost - Non SSL
  95. ##vhost_template_v: v1.0.3
  96. ##author: elmerfdz
  97.  
  98. #Note to User
  99. #Temp vhost conf until you're ready to enable LE SSL
  100. #Please delete the below block and uncomment the next 2 server blocks, when you're ready to do so.
  101. server {
  102.         listen 443 ssl http2;
  103.         listen [::]:443 ssl http2;
  104.         server_name xxx;
  105.         root /var/www/organizr.local/html;
  106.         index index.php index.html index.htm index.nginx-debian.html;
  107.         location /api/v2 {try_files $uri /api/v2/index.php$is_args$args;}          
  108.         location ~ ^/auth-(.*) { rewrite ^/auth-(.*) /api/v2/auth?group=$1; } #Org Auth
  109.         error_page 401 $scheme://$server_name/?error=$status&return=$request_uri;
  110.         error_page 400 402 403 404 405 408 500 502 503 504 $scheme://$server_name/?error=$status;
  111.         location / {try_files $uri $uri/ =404;}
  112.         include config/organizr.local/phpblock.conf;  #PHP Block
  113.         #include conf.d/apps/*.conf;  #apps
  114.        
  115. location /komga/ {
  116.   proxy_http_version 1.1;
  117.   auth_request off;
  118.   proxy_set_header  X-Real-IP $remote_addr;
  119.   proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
  120.   proxy_set_header  Upgrade $http_upgrade;
  121.   proxy_set_header  Connection "Upgrade";
  122.   proxy_pass        http://127.0.0.1:2037/komga/;
  123.   chunked_transfer_encoding off;
  124.   proxy_buffering off;
  125.   proxy_cache off;
  126. }
  127.  
  128.     location /komga/api {
  129.         auth_request off;
  130.         proxy_pass http://127.0.0.1:2037/komga/api;
  131.     }
  132.  
  133.     location /komga/opds {
  134.         auth_request off;
  135.         proxy_pass http://127.0.0.1:2037/komga/opds;
  136.     }
  137.     ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem; # managed by Certbot
  138.     ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem; # managed by Certbot
  139.  
  140.  
  141. }
  142.  
  143. ## http://organizr.local redirects to https://organizr.local
  144. #   include config/organizr.local/http_server.conf;
  145.  
  146.  
  147. ## Serves https://www.organizr.local
  148. #server {
  149. #   listen 443 ssl http2; listen [::]:443 ssl http2;
  150. #   server_name organizr.local;
  151. #   include /etc/nginx/config/organizr.local/ssl.conf; #edit path to your certs
  152. #   root /var/www/organizr.local/html;
  153. #   index index.php index.html index.htm index.nginx-debian.html;
  154. #   location /api/v2 {try_files $uri /api/v2/index.php$is_args$args;}  
  155. #   location ~ ^/auth-(.*) { rewrite ^/auth-(.*) /api/v2/auth?group=$1; } #Org Auth
  156. #       error_page 401 $scheme://$server_name/?error=$status&return=$request_uri;
  157. #   error_page 400 402 403 404 405 408 500 502 503 504 $scheme://$server_name/?error=$status;
  158. #   location / {try_files $uri $uri/ =404;}
  159. #   include config/organizr.local/phpblock.conf;  #PHP Block
  160. #   #include conf.d/apps/*.conf;  #apps #Uncomment to enable apps
  161. #}
  162. server {
  163.     if ($host = xxx) {
  164.         return 301 https://$host$request_uri;
  165.     } # managed by Certbot
  166.  
  167.  
  168.         listen 80;
  169.         listen [::]:80;
  170.     server_name xxx;
  171.     return 404; # managed by Certbot
  172.  
  173.  
  174. }
  175.    
  176. }
  177.  
RAW Paste Data