daily pastebin goal
59%
SHARE
TWEET

reverse

reno306 Jan 25th, 2019 94 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. server  {
  2.    access_log /var/log/nginx/access.log;
  3. #    access_log off;
  4.    error_log /var/log/nginx/error.log;
  5. #    error_log off;
  6.     error_page 401 /error/401/index.html;
  7.     error_page 403 /error/403/index.html;
  8.     error_page 404 /error/404/index.html;
  9.     error_page 502 /error/502/index.html;error_page 500 /error/500/index.html;
  10.    
  11. location ^~ /error/ {
  12.     auth_basic off;
  13.     internal;
  14.     }
  15.  
  16.     auth_basic "OpenFLIXR Login";
  17.     auth_basic_user_file /etc/nginx/.htpasswd;
  18.  
  19. location ~ ^/(status|ping)$ {
  20.     fastcgi_split_path_info ^(.+\.php)(/.+)$;
  21.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  22.     include fastcgi_params;
  23.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  24.     fastcgi_index index.php;
  25.     }
  26.  
  27. location ~ /.well-known {
  28.     allow all;
  29.     }
  30.  
  31. listen 80;
  32. #listen 443 ssl http2;  #ssl port config
  33. server_name openflixr;  #donotremove_domainname
  34.  
  35. # SSL + hardening
  36. #ssl_certificate /etc/letsencrypt/live//fullchain.pem; #donotremove_certificatepath
  37. #ssl_certificate_key /etc/letsencrypt/live//privkey.pem; #donotremove_certificatekeypath
  38. ssl_session_timeout 10m;
  39. ssl_session_cache shared:SSL:10m;
  40. ssl_buffer_size 64k;
  41. ssl_session_tickets off;
  42. ssl_dhparam /etc/nginx/dhparam.pem;
  43. ssl_protocols TLSv1.2;
  44. ssl_ecdh_curve secp384r1;
  45. ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384';
  46. ssl_prefer_server_ciphers on;
  47. ssl_stapling on;
  48. ssl_stapling_verify on;
  49. ssl_trusted_certificate /etc/letsencrypt/live//fullchain.pem; #donotremove_trustedcertificatepath
  50. server_tokens off;
  51. add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex";
  52. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
  53. add_header X-Content-Type-Options "nosniff" always;
  54. add_header X-Frame-Options "SAMEORIGIN" always;
  55. #add_header X-XSS-Protection "1; mode=block";
  56. #add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https:; connect-src 'self' https:; img-src 'self' https:; style-src 'self' 'unsafe-inline' https:; font-src 'self' https:; frame-src 'self' https:; object-src 'none';"; #donotremove_contentsecuritypolicy
  57.  
  58. location = / {          #gravopenflixr
  59.     auth_basic off;     #gravopenflixr
  60.     return 301 /openflixr;  #gravopenflixr
  61.         }           #gravopenflixr
  62.  
  63. location /openflixr { add_header X-Robots-Tag "noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex"; add_header Strict-Transport-Security "max-age=31536000;includeSubDomains" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1;mode=block";expires 1y;add_header Cache-Control "public";
  64.     auth_basic off;
  65.     index index.html;
  66.     root /usr/share/nginx/html;
  67.         }
  68.  
  69. location / {
  70.     auth_basic off;
  71.     index index.php;
  72.     root /usr/share/nginx/html;
  73.     try_files $uri $uri/ /index.php?_url=$uri&$query_string;
  74.     location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
  75.     location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
  76.     location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
  77.     location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
  78. }
  79.  
  80. location ~ \.php$ {
  81.     auth_basic off;
  82.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  83.         fastcgi_split_path_info ^(.+\.php)(/.+)$;
  84.         fastcgi_index index.php;
  85.         include fastcgi_params;
  86.         fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
  87.     }
  88.  
  89. location /spotweb {
  90.     index index.php;
  91.     root /usr/share/nginx/html;
  92.     }
  93.         if ($uri !~ "api/"){
  94.           rewrite /api/?$ /spotweb/index.php?page=newznabapi last;
  95.         }
  96.  
  97. location ~ /spotweb/.+\.php$ {
  98.     fastcgi_split_path_info ^(.+\.php)(/.+)$;
  99.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  100.     include fastcgi_params;
  101.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  102.     fastcgi_index index.php;
  103.     }
  104.  
  105. location /pihole {
  106.     index index.php;
  107.     root /usr/share/nginx/html;
  108.         }
  109.  
  110. location ~ /pihole/.+\.php$ {
  111.     fastcgi_split_path_info ^(.+\.php)(/.+)$;
  112.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  113.     include fastcgi_params;
  114.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  115.     fastcgi_index index.php;
  116.         }
  117.  
  118. location /phpmyadmin {
  119.     auth_basic off;
  120.     index index.php
  121.     root /usr/share/phpmyadmin;
  122.     }
  123.  
  124. location ~ /phpmyadmin/.+\.php$ {
  125.     auth_basic off;
  126.     fastcgi_split_path_info ^(.+\.php)(/.+)$;
  127.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  128.     include fastcgi_params;
  129.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  130.     fastcgi_index index.php;
  131.     }
  132.  
  133. location /headphones {
  134.     proxy_pass http://127.0.0.1:8181;
  135.     proxy_set_header Host $host;
  136.     proxy_set_header X-Real-IP $remote_addr;
  137.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  138.     }
  139.  
  140. location /web {
  141.     auth_basic off;
  142.     proxy_pass http://127.0.0.1:32400;
  143.     proxy_set_header Host $host;
  144.     proxy_set_header X-Real-IP $remote_addr;
  145.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  146.     }
  147.  
  148. location /plex {
  149.     auth_basic off;
  150.     proxy_pass http://127.0.0.1/web;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  151.     }
  152.  
  153. location /htpc {
  154.     proxy_pass http://127.0.0.1:8085;
  155.     proxy_set_header Host $host;
  156.     proxy_set_header X-Real-IP $remote_addr;
  157.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  158.     }
  159.  
  160. location /sabnzbd {
  161.     proxy_pass http://127.0.0.1:8080;
  162.     proxy_set_header Host $host;
  163.     proxy_set_header X-Real-IP $remote_addr;
  164.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  165.     }
  166.  
  167. location /couchpotato {
  168.     proxy_pass http://127.0.0.1:5050;
  169.     proxy_set_header Host $host;
  170.     proxy_set_header X-Real-IP $remote_addr;
  171.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  172.     }
  173.  
  174. location /sickrage {
  175.     proxy_pass http://127.0.0.1:8081;
  176.     proxy_set_header Host $host;
  177.     proxy_set_header X-Real-IP $remote_addr;
  178.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  179.     }
  180.  
  181. location /plexpy {
  182.     proxy_pass http://127.0.0.1:8989;
  183.     proxy_set_header Host $host;
  184.     proxy_set_header X-Real-IP $remote_addr;
  185.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  186.     }
  187.  
  188. location /comics {
  189.     proxy_pass http://127.0.0.1:2022;
  190.     proxy_set_header Host $host;
  191.     proxy_set_header X-Real-IP $remote_addr;
  192.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  193.     }
  194.  
  195. location /request {
  196.     auth_basic off;
  197.     proxy_pass http://127.0.0.1:3579;
  198.     proxy_set_header Host $host;
  199.     proxy_set_header X-Real-IP $remote_addr;
  200.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  201.     }
  202.  
  203. location /mylar {
  204.     proxy_pass http://127.0.0.1:8090;
  205.     proxy_set_header Host $host;
  206.     proxy_set_header X-Real-IP $remote_addr;
  207.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  208.     }
  209.  
  210. location /torrent/ {
  211.     proxy_pass http://127.0.0.1:9999/;
  212.     proxy_set_header Host $host;
  213.     proxy_set_header X-Real-IP $remote_addr;
  214.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  215.     proxy_redirect off;
  216.     proxy_pass_header Set-Cookie;
  217.     }
  218.  
  219. location /netdata/ {
  220.     proxy_pass http://127.0.0.1:19999/;
  221.     proxy_set_header Host $host;
  222.     proxy_set_header X-Real-IP $remote_addr;
  223.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  224.     }
  225.  
  226. location /mopidy {
  227.     proxy_pass http://127.0.0.1:6680;
  228.     proxy_set_header Host $host;
  229.     proxy_set_header X-Real-IP $remote_addr;
  230.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  231.     }
  232.  
  233. location /moped {
  234.     proxy_pass http://127.0.0.1:6680/moped;
  235.     proxy_set_header Host $host;
  236.     proxy_set_header X-Real-IP $remote_addr;
  237.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  238.     }
  239.  
  240. location /mopify {
  241.     proxy_pass http://127.0.0.1:6680/mopify;
  242.     proxy_set_header Host $host;
  243.     proxy_set_header X-Real-IP $remote_addr;
  244.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  245.     }
  246.  
  247. location /spotmop {
  248.     proxy_pass http://127.0.0.1:6680/spotmop;
  249.     proxy_set_header Host $host;
  250.     proxy_set_header X-Real-IP $remote_addr;
  251.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  252.     }
  253.  
  254. location /settings {
  255.     proxy_pass http://127.0.0.1:6680/settings;
  256.     proxy_set_header Host $host;
  257.     proxy_set_header X-Real-IP $remote_addr;
  258.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  259.         }
  260.  
  261. location /hass/ {
  262.     proxy_set_header X-Forwarded-Host $host;
  263.     proxy_set_header X-Forwarded-Server $host;
  264.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  265.     proxy_pass http://127.0.0.1:8123/;
  266.     }
  267.  
  268. location /webmin/ {
  269.     auth_basic off;
  270.     proxy_set_header X-Forwarded-Host $host;
  271.     proxy_set_header X-Forwarded-Server $host;
  272.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  273.     proxy_pass http://127.0.0.1:10000/;
  274.     }
  275.  
  276. location /jackett/ {
  277.     proxy_pass http://127.0.0.1:9117/;
  278.     proxy_set_header Host $host;
  279.     proxy_set_header X-Real-IP $remote_addr;
  280.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  281.     }
  282.  
  283. location /sonarr {
  284.     proxy_pass http://127.0.0.1:7979;
  285.     proxy_set_header Host $host;
  286.     proxy_set_header X-Real-IP $remote_addr;
  287.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  288.     }
  289.  
  290. location /radarr {
  291.     proxy_pass http://127.0.0.1:7878;
  292.     proxy_set_header Host $host;
  293.     proxy_set_header X-Real-IP $remote_addr;
  294.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  295.         }
  296.  
  297. location /nzbget {
  298.     proxy_pass http://127.0.0.1:6789;
  299.     proxy_set_header Host $host;
  300.     proxy_set_header X-Real-IP $remote_addr;
  301.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  302.     }
  303.  
  304. location /autosub {
  305.     proxy_pass http://127.0.0.1:8888;
  306.     proxy_set_header Host $host;
  307.     proxy_set_header X-Real-IP $remote_addr;
  308.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  309.     }
  310.  
  311. location /log/ {
  312.     proxy_pass http://127.0.0.1:4321/;
  313.     proxy_http_version 1.1;
  314.     proxy_set_header Upgrade $http_upgrade;
  315.     proxy_set_header Connection "upgrade";
  316.     }
  317.  
  318. location /socket.io/ {
  319.     proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
  320.     proxy_set_header Accept-Encoding "";
  321.     proxy_set_header X-Real-IP $remote_addr;
  322.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  323.     proxy_set_header X-NginX-Proxy true;
  324.     proxy_http_version 1.1;
  325.     proxy_set_header Upgrade $http_upgrade;
  326.     proxy_set_header Connection "upgrade";
  327.     proxy_set_header Host $host;
  328.     proxy_set_header X-Forwarded-Proto $scheme;
  329.     proxy_pass http://127.0.0.1:4321/; # put the port of your node app here
  330.     proxy_redirect off;
  331.     }
  332.  
  333. location /setup { error_page 403 /error/403.a/index.html;
  334.     auth_basic off;
  335.     allow 10.0.0.0/8;
  336.     allow 172.16.0.0/12;
  337.     allow 192.168.0.0/16;
  338.     allow 127.0.0.1;
  339.     deny  all;
  340.     index index.php;
  341.     root /usr/share/nginx/html;
  342.     }
  343.  
  344. location ~ /setup/.+\.php$ {
  345.     auth_basic off;
  346.     allow 10.0.0.0/8;
  347.     allow 172.16.0.0/12;
  348.     allow 192.168.0.0/16;
  349.     allow 127.0.0.1;
  350.     deny  all;
  351.     fastcgi_split_path_info ^(.+\.php)(/.+)$;
  352.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  353.     include fastcgi_params;
  354.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  355.     fastcgi_index index.php;
  356.     }
  357.  
  358. location /monit/ {
  359.     auth_basic "OpenFLIXR Login"
  360.     rewrite ^/monit/(.*) /$1 break;
  361.     proxy_ignore_client_abort on;
  362.     proxy_pass   http://192.168.1.8:2812;
  363. #    proxy_set_header Host $host;
  364.     proxy_redirect http://192.168.1.8:2812 /monit;
  365.     proxy_cookie_path / /monit/'
  366.     }
  367.  
  368. location /syncthing/ {
  369.     proxy_set_header        Host $host;
  370.     proxy_set_header        X-Real-IP $remote_addr;
  371.     proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
  372.     proxy_set_header        X-Forwarded-Proto $scheme;
  373.     proxy_pass              http://127.0.0.1:8384/;
  374.     proxy_read_timeout      600s;
  375.     proxy_send_timeout      600s;
  376. }
  377.  
  378. location /netdata/api/v1 {
  379.     auth_basic off;
  380.     proxy_pass http://127.0.0.1:19999/api/v1;
  381.     proxy_set_header Host $host;
  382.     proxy_set_header X-Real-IP $remote_addr;
  383.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  384.   }
  385.  
  386. location /nzbhydra2/ {
  387.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  388.     proxy_pass http://127.0.0.1:5075/nzbhydra/;
  389.   }
  390.  
  391. location /latest {
  392.     auth_basic off;
  393.     index index.php;
  394.     root /usr/share/nginx/html;
  395.         }
  396.  
  397. location ~ /latest/.+.php$ {
  398.     auth_basic off;
  399.     fastcgi_split_path_info ^(.+.php)(/.+)$;
  400.     fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
  401.     include fastcgi_params;
  402.     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  403.     fastcgi_index index.php;
  404.         }
  405.  
  406. location /librarian {
  407.     proxy_pass http://127.0.0.1:5299;
  408.     proxy_set_header Host $host;
  409.     proxy_set_header X-Real-IP $remote_addr;
  410.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  411.         }
  412.  
  413. location /portainer/ {
  414.     proxy_http_version 1.1;
  415.     proxy_set_header Connection "";
  416.     proxy_pass http://localhost:9000/;
  417.         }
  418.    
  419. location /portainer/api/websocket/ {
  420.     proxy_set_header Upgrade $http_upgrade;
  421.     proxy_set_header Connection "upgrade";
  422.     proxy_http_version 1.1;
  423.     proxy_pass http://localhost:9000/api/websocket/;
  424.         }
  425.  
  426. # add_config_1
  427. # add_config_2
  428. location /lidarr {
  429.     proxy_pass http://127.0.0.1:8686;
  430.     proxy_set_header Host $host;
  431.     proxy_set_header X-Real-IP $remote_addr;
  432.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  433.         }
  434.  
  435. # add_config_3
  436. # add_config_4
  437. # add_config_5
  438. # add_config_6
  439. # add_config_7
  440. # add_config_8
  441. # add_config_9
  442. # add_config_10
  443.  
  444.     }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top