API tools faq
paste
Advertisement
reno306

reverse

reno306
Jan 25th, 2019
191
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.09 KB | None | 0 0
raw download clone embed print report
  1. server {
  2. access_log /var/log/nginx/access.log;
  3. # access_log off;
  4. error_log /var/log/nginx/error.log;
  5. # error_log off;
  6. error_page 401 /error/401/index.html;
  7. error_page 403 /error/403/index.html;
  8. error_page 404 /error/404/index.html;
  9. error_page 502 /error/502/index.html;error_page 500 /error/500/index.html;
  10.  
  11. location ^~ /error/ {
  12. auth_basic off;
  13. internal;
  14. }
  15.  
  16. auth_basic "OpenFLIXR Login";
  17. auth_basic_user_file /etc/nginx/.htpasswd;
  18.  
  19. location ~ ^/(status|ping)$ {
  20. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  21. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  22. include fastcgi_params;
  23. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  24. fastcgi_index index.php;
  25. }
  26.  
  27. location ~ /.well-known {
  28. allow all;
  29. }
  30.  
  31. listen 80;
  32. #listen 443 ssl http2; #ssl port config
  33. server_name openflixr; #donotremove_domainname
  34.  
  35. # SSL + hardening
  36. #ssl_certificate /etc/letsencrypt/live//fullchain.pem; #donotremove_certificatepath
  37. #ssl_certificate_key /etc/letsencrypt/live//privkey.pem; #donotremove_certificatekeypath
  38. ssl_session_timeout 10m;
  39. ssl_session_cache shared:SSL:10m;
  40. ssl_buffer_size 64k;
  41. ssl_session_tickets off;
  42. ssl_dhparam /etc/nginx/dhparam.pem;
  43. ssl_protocols TLSv1.2;
  44. ssl_ecdh_curve secp384r1;
  45. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384';
  46. ssl_prefer_server_ciphers on;
  47. ssl_stapling on;
  48. ssl_stapling_verify on;
  49. ssl_trusted_certificate /etc/letsencrypt/live//fullchain.pem; #donotremove_trustedcertificatepath
  50. server_tokens off;
  51. add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex";
  52. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
  53. add_header X-Content-Type-Options "nosniff" always;
  54. add_header X-Frame-Options "SAMEORIGIN" always;
  55. #add_header X-XSS-Protection "1; mode=block";
  56. #add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self' https:; img-src 'self' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' https:; frame-src 'self' https:; object-src 'none';"; #donotremove_contentsecuritypolicy
  57.  
  58. location = / { #gravopenflixr
  59. auth_basic off; #gravopenflixr
  60. return 301 /openflixr; #gravopenflixr
  61. } #gravopenflixr
  62.  
  63. location /openflixr { add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex"; add_header Strict-Transport-Security "max-age=31536000;includeSubDomains" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1;mode=block";expires 1y;add_header Cache-Control "public";
  64. auth_basic off;
  65. index index.html;
  66. root /usr/share/nginx/html;
  67. }
  68.  
  69. location / {
  70. auth_basic off;
  71. index index.php;
  72. root /usr/share/nginx/html;
  73. try_files $uri $uri/ /index.php?_url=$uri&$query_string;
  74. location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
  75. location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
  76. location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
  77. location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
  78. }
  79.  
  80. location ~ \.php$ {
  81. auth_basic off;
  82. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  83. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  84. fastcgi_index index.php;
  85. include fastcgi_params;
  86. fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
  87. }
  88.  
  89. location /spotweb {
  90. index index.php;
  91. root /usr/share/nginx/html;
  92. }
  93. if ($uri !~ "api/"){
  94. rewrite /api/?$ /spotweb/index.php?page=newznabapi last;
  95. }
  96.  
  97. location ~ /spotweb/.+\.php$ {
  98. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  99. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  100. include fastcgi_params;
  101. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  102. fastcgi_index index.php;
  103. }
  104.  
  105. location /pihole {
  106. index index.php;
  107. root /usr/share/nginx/html;
  108. }
  109.  
  110. location ~ /pihole/.+\.php$ {
  111. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  112. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  113. include fastcgi_params;
  114. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  115. fastcgi_index index.php;
  116. }
  117.  
  118. location /phpmyadmin {
  119. auth_basic off;
  120. index index.php
  121. root /usr/share/phpmyadmin;
  122. }
  123.  
  124. location ~ /phpmyadmin/.+\.php$ {
  125. auth_basic off;
  126. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  127. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  128. include fastcgi_params;
  129. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  130. fastcgi_index index.php;
  131. }
  132.  
  133. location /headphones {
  134. proxy_pass http://127.0.0.1:8181;
  135. proxy_set_header Host $host;
  136. proxy_set_header X-Real-IP $remote_addr;
  137. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  138. }
  139.  
  140. location /web {
  141. auth_basic off;
  142. proxy_pass http://127.0.0.1:32400;
  143. proxy_set_header Host $host;
  144. proxy_set_header X-Real-IP $remote_addr;
  145. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  146. }
  147.  
  148. location /plex {
  149. auth_basic off;
  150. proxy_pass http://127.0.0.1/web;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  151. }
  152.  
  153. location /htpc {
  154. proxy_pass http://127.0.0.1:8085;
  155. proxy_set_header Host $host;
  156. proxy_set_header X-Real-IP $remote_addr;
  157. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  158. }
  159.  
  160. location /sabnzbd {
  161. proxy_pass http://127.0.0.1:8080;
  162. proxy_set_header Host $host;
  163. proxy_set_header X-Real-IP $remote_addr;
  164. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  165. }
  166.  
  167. location /couchpotato {
  168. proxy_pass http://127.0.0.1:5050;
  169. proxy_set_header Host $host;
  170. proxy_set_header X-Real-IP $remote_addr;
  171. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  172. }
  173.  
  174. location /sickrage {
  175. proxy_pass http://127.0.0.1:8081;
  176. proxy_set_header Host $host;
  177. proxy_set_header X-Real-IP $remote_addr;
  178. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  179. }
  180.  
  181. location /plexpy {
  182. proxy_pass http://127.0.0.1:8989;
  183. proxy_set_header Host $host;
  184. proxy_set_header X-Real-IP $remote_addr;
  185. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  186. }
  187.  
  188. location /comics {
  189. proxy_pass http://127.0.0.1:2022;
  190. proxy_set_header Host $host;
  191. proxy_set_header X-Real-IP $remote_addr;
  192. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  193. }
  194.  
  195. location /request {
  196. auth_basic off;
  197. proxy_pass http://127.0.0.1:3579;
  198. proxy_set_header Host $host;
  199. proxy_set_header X-Real-IP $remote_addr;
  200. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  201. }
  202.  
  203. location /mylar {
  204. proxy_pass http://127.0.0.1:8090;
  205. proxy_set_header Host $host;
  206. proxy_set_header X-Real-IP $remote_addr;
  207. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  208. }
  209.  
  210. location /torrent/ {
  211. proxy_pass http://127.0.0.1:9999/;
  212. proxy_set_header Host $host;
  213. proxy_set_header X-Real-IP $remote_addr;
  214. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  215. proxy_redirect off;
  216. proxy_pass_header Set-Cookie;
  217. }
  218.  
  219. location /netdata/ {
  220. proxy_pass http://127.0.0.1:19999/;
  221. proxy_set_header Host $host;
  222. proxy_set_header X-Real-IP $remote_addr;
  223. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  224. }
  225.  
  226. location /mopidy {
  227. proxy_pass http://127.0.0.1:6680;
  228. proxy_set_header Host $host;
  229. proxy_set_header X-Real-IP $remote_addr;
  230. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  231. }
  232.  
  233. location /moped {
  234. proxy_pass http://127.0.0.1:6680/moped;
  235. proxy_set_header Host $host;
  236. proxy_set_header X-Real-IP $remote_addr;
  237. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  238. }
  239.  
  240. location /mopify {
  241. proxy_pass http://127.0.0.1:6680/mopify;
  242. proxy_set_header Host $host;
  243. proxy_set_header X-Real-IP $remote_addr;
  244. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  245. }
  246.  
  247. location /spotmop {
  248. proxy_pass http://127.0.0.1:6680/spotmop;
  249. proxy_set_header Host $host;
  250. proxy_set_header X-Real-IP $remote_addr;
  251. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  252. }
  253.  
  254. location /settings {
  255. proxy_pass http://127.0.0.1:6680/settings;
  256. proxy_set_header Host $host;
  257. proxy_set_header X-Real-IP $remote_addr;
  258. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  259. }
  260.  
  261. location /hass/ {
  262. proxy_set_header X-Forwarded-Host $host;
  263. proxy_set_header X-Forwarded-Server $host;
  264. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  265. proxy_pass http://127.0.0.1:8123/;
  266. }
  267.  
  268. location /webmin/ {
  269. auth_basic off;
  270. proxy_set_header X-Forwarded-Host $host;
  271. proxy_set_header X-Forwarded-Server $host;
  272. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  273. proxy_pass http://127.0.0.1:10000/;
  274. }
  275.  
  276. location /jackett/ {
  277. proxy_pass http://127.0.0.1:9117/;
  278. proxy_set_header Host $host;
  279. proxy_set_header X-Real-IP $remote_addr;
  280. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  281. }
  282.  
  283. location /sonarr {
  284. proxy_pass http://127.0.0.1:7979;
  285. proxy_set_header Host $host;
  286. proxy_set_header X-Real-IP $remote_addr;
  287. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  288. }
  289.  
  290. location /radarr {
  291. proxy_pass http://127.0.0.1:7878;
  292. proxy_set_header Host $host;
  293. proxy_set_header X-Real-IP $remote_addr;
  294. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  295. }
  296.  
  297. location /nzbget {
  298. proxy_pass http://127.0.0.1:6789;
  299. proxy_set_header Host $host;
  300. proxy_set_header X-Real-IP $remote_addr;
  301. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  302. }
  303.  
  304. location /autosub {
  305. proxy_pass http://127.0.0.1:8888;
  306. proxy_set_header Host $host;
  307. proxy_set_header X-Real-IP $remote_addr;
  308. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  309. }
  310.  
  311. location /log/ {
  312. proxy_pass http://127.0.0.1:4321/;
  313. proxy_http_version 1.1;
  314. proxy_set_header Upgrade $http_upgrade;
  315. proxy_set_header Connection "upgrade";
  316. }
  317.  
  318. location /socket.io/ {
  319. proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
  320. proxy_set_header Accept-Encoding "";
  321. proxy_set_header X-Real-IP $remote_addr;
  322. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  323. proxy_set_header X-NginX-Proxy true;
  324. proxy_http_version 1.1;
  325. proxy_set_header Upgrade $http_upgrade;
  326. proxy_set_header Connection "upgrade";
  327. proxy_set_header Host $host;
  328. proxy_set_header X-Forwarded-Proto $scheme;
  329. proxy_pass http://127.0.0.1:4321/; # put the port of your node app here
  330. proxy_redirect off;
  331. }
  332.  
  333. location /setup { error_page 403 /error/403.a/index.html;
  334. auth_basic off;
  335. allow 10.0.0.0/8;
  336. allow 172.16.0.0/12;
  337. allow 192.168.0.0/16;
  338. allow 127.0.0.1;
  339. deny all;
  340. index index.php;
  341. root /usr/share/nginx/html;
  342. }
  343.  
  344. location ~ /setup/.+\.php$ {
  345. auth_basic off;
  346. allow 10.0.0.0/8;
  347. allow 172.16.0.0/12;
  348. allow 192.168.0.0/16;
  349. allow 127.0.0.1;
  350. deny all;
  351. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  352. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  353. include fastcgi_params;
  354. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  355. fastcgi_index index.php;
  356. }
  357.  
  358. location /monit/ {
  359. auth_basic "OpenFLIXR Login"
  360. rewrite ^/monit/(.*) /$1 break;
  361. proxy_ignore_client_abort on;
  362. proxy_pass http://192.168.1.8:2812;
  363. # proxy_set_header Host $host;
  364. proxy_redirect http://192.168.1.8:2812 /monit;
  365. proxy_cookie_path / /monit/'
  366. }
  367.  
  368. location /syncthing/ {
  369. proxy_set_header Host $host;
  370. proxy_set_header X-Real-IP $remote_addr;
  371. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  372. proxy_set_header X-Forwarded-Proto $scheme;
  373. proxy_pass http://127.0.0.1:8384/;
  374. proxy_read_timeout 600s;
  375. proxy_send_timeout 600s;
  376. }
  377.  
  378. location /netdata/api/v1 {
  379. auth_basic off;
  380. proxy_pass http://127.0.0.1:19999/api/v1;
  381. proxy_set_header Host $host;
  382. proxy_set_header X-Real-IP $remote_addr;
  383. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  384. }
  385.  
  386. location /nzbhydra2/ {
  387. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  388. proxy_pass http://127.0.0.1:5075/nzbhydra/;
  389. }
  390.  
  391. location /latest {
  392. auth_basic off;
  393. index index.php;
  394. root /usr/share/nginx/html;
  395. }
  396.  
  397. location ~ /latest/.+.php$ {
  398. auth_basic off;
  399. fastcgi_split_path_info ^(.+.php)(/.+)$;
  400. fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  401. include fastcgi_params;
  402. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  403. fastcgi_index index.php;
  404. }
  405.  
  406. location /librarian {
  407. proxy_pass http://127.0.0.1:5299;
  408. proxy_set_header Host $host;
  409. proxy_set_header X-Real-IP $remote_addr;
  410. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  411. }
  412.  
  413. location /portainer/ {
  414. proxy_http_version 1.1;
  415. proxy_set_header Connection "";
  416. proxy_pass http://localhost:9000/;
  417. }
  418.  
  419. location /portainer/api/websocket/ {
  420. proxy_set_header Upgrade $http_upgrade;
  421. proxy_set_header Connection "upgrade";
  422. proxy_http_version 1.1;
  423. proxy_pass http://localhost:9000/api/websocket/;
  424. }
  425.  
  426. # add_config_1
  427. # add_config_2
  428. location /lidarr {
  429. proxy_pass http://127.0.0.1:8686;
  430. proxy_set_header Host $host;
  431. proxy_set_header X-Real-IP $remote_addr;
  432. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  433. }
  434.  
  435. # add_config_3
  436. # add_config_4
  437. # add_config_5
  438. # add_config_6
  439. # add_config_7
  440. # add_config_8
  441. # add_config_9
  442. # add_config_10
  443.  
  444. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!