API tools faq
paste
Guest User

Untitled

a guest
Sep 5th, 2020
96
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.96 KB | None | 0 0
raw download clone embed print report
  1. nginx: [warn] conflicting server name "chairbirds.com" on 0.0.0.0:80, ignored
  2. nginx: [warn] conflicting server name "chairbirds.com" on 0.0.0.0:443, ignored
  3. nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
  4. nginx: configuration file /etc/nginx/nginx.conf test is successful
  5. # configuration file /etc/nginx/nginx.conf:
  6. user www-data;
  7. worker_processes auto;
  8. pid /run/nginx.pid;
  9. include /etc/nginx/modules-enabled/*.conf;
  10.  
  11. events {
  12. worker_connections 768;
  13. # multi_accept on;
  14. }
  15.  
  16. http {
  17.  
  18. ##
  19. # Basic Settings
  20. ##
  21.  
  22. sendfile on;
  23. tcp_nopush on;
  24. tcp_nodelay on;
  25. keepalive_timeout 65;
  26. types_hash_max_size 2048;
  27. # server_tokens off;
  28.  
  29. # server_names_hash_bucket_size 64;
  30. # server_name_in_redirect off;
  31.  
  32. include /etc/nginx/mime.types;
  33. default_type application/octet-stream;
  34.  
  35. ##
  36. # SSL Settings
  37. ##
  38.  
  39. ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
  40. ssl_prefer_server_ciphers on;
  41.  
  42. ##
  43. # Logging Settings
  44. ##
  45.  
  46. access_log /var/log/nginx/access.log;
  47. error_log /var/log/nginx/error.log;
  48.  
  49. ##
  50. # Gzip Settings
  51. ##
  52.  
  53. gzip on;
  54.  
  55. # gzip_vary on;
  56. # gzip_proxied any;
  57. # gzip_comp_level 6;
  58. # gzip_buffers 16 8k;
  59. # gzip_http_version 1.1;
  60. # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
  61.  
  62. ##
  63. # Virtual Host Configs
  64. ##
  65.  
  66. include /etc/nginx/conf.d/*.conf;
  67. include /etc/nginx/sites-enabled/*;
  68. }
  69.  
  70.  
  71. #mail {
  72. # # See sample authentication script at:
  73. # # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
  74. #
  75. # # auth_http localhost/auth.php;
  76. # # pop3_capabilities "TOP" "USER";
  77. # # imap_capabilities "IMAP4rev1" "UIDPLUS";
  78. #
  79. # server {
  80. # listen localhost:110;
  81. # protocol pop3;
  82. # proxy on;
  83. # }
  84. #
  85. # server {
  86. # listen localhost:143;
  87. # protocol imap;
  88. # proxy on;
  89. # }
  90. #}
  91.  
  92. # configuration file /etc/nginx/modules-enabled/50-mod-http-geoip.conf:
  93. load_module modules/ngx_http_geoip_module.so;
  94.  
  95. # configuration file /etc/nginx/modules-enabled/50-mod-http-image-filter.conf:
  96. load_module modules/ngx_http_image_filter_module.so;
  97.  
  98. # configuration file /etc/nginx/modules-enabled/50-mod-http-xslt-filter.conf:
  99. load_module modules/ngx_http_xslt_filter_module.so;
  100.  
  101. # configuration file /etc/nginx/modules-enabled/50-mod-mail.conf:
  102. load_module modules/ngx_mail_module.so;
  103.  
  104. # configuration file /etc/nginx/modules-enabled/50-mod-stream.conf:
  105. load_module modules/ngx_stream_module.so;
  106.  
  107. # configuration file /etc/nginx/mime.types:
  108.  
  109. types {
  110. text/html html htm shtml;
  111. text/css css;
  112. text/xml xml;
  113. image/gif gif;
  114. image/jpeg jpeg jpg;
  115. application/javascript js;
  116. application/atom+xml atom;
  117. application/rss+xml rss;
  118.  
  119. text/mathml mml;
  120. text/plain txt;
  121. text/vnd.sun.j2me.app-descriptor jad;
  122. text/vnd.wap.wml wml;
  123. text/x-component htc;
  124.  
  125. image/png png;
  126. image/tiff tif tiff;
  127. image/vnd.wap.wbmp wbmp;
  128. image/x-icon ico;
  129. image/x-jng jng;
  130. image/x-ms-bmp bmp;
  131. image/svg+xml svg svgz;
  132. image/webp webp;
  133.  
  134. application/font-woff woff;
  135. application/java-archive jar war ear;
  136. application/json json;
  137. application/mac-binhex40 hqx;
  138. application/msword doc;
  139. application/pdf pdf;
  140. application/postscript ps eps ai;
  141. application/rtf rtf;
  142. application/vnd.apple.mpegurl m3u8;
  143. application/vnd.ms-excel xls;
  144. application/vnd.ms-fontobject eot;
  145. application/vnd.ms-powerpoint ppt;
  146. application/vnd.wap.wmlc wmlc;
  147. application/vnd.google-earth.kml+xml kml;
  148. application/vnd.google-earth.kmz kmz;
  149. application/x-7z-compressed 7z;
  150. application/x-cocoa cco;
  151. application/x-java-archive-diff jardiff;
  152. application/x-java-jnlp-file jnlp;
  153. application/x-makeself run;
  154. application/x-perl pl pm;
  155. application/x-pilot prc pdb;
  156. application/x-rar-compressed rar;
  157. application/x-redhat-package-manager rpm;
  158. application/x-sea sea;
  159. application/x-shockwave-flash swf;
  160. application/x-stuffit sit;
  161. application/x-tcl tcl tk;
  162. application/x-x509-ca-cert der pem crt;
  163. application/x-xpinstall xpi;
  164. application/xhtml+xml xhtml;
  165. application/xspf+xml xspf;
  166. application/zip zip;
  167.  
  168. application/octet-stream bin exe dll;
  169. application/octet-stream deb;
  170. application/octet-stream dmg;
  171. application/octet-stream iso img;
  172. application/octet-stream msi msp msm;
  173.  
  174. application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
  175. application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
  176. application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
  177.  
  178. audio/midi mid midi kar;
  179. audio/mpeg mp3;
  180. audio/ogg ogg;
  181. audio/x-m4a m4a;
  182. audio/x-realaudio ra;
  183.  
  184. video/3gpp 3gpp 3gp;
  185. video/mp2t ts;
  186. video/mp4 mp4;
  187. video/mpeg mpeg mpg;
  188. video/quicktime mov;
  189. video/webm webm;
  190. video/x-flv flv;
  191. video/x-m4v m4v;
  192. video/x-mng mng;
  193. video/x-ms-asf asx asf;
  194. video/x-ms-wmv wmv;
  195. video/x-msvideo avi;
  196. }
  197.  
  198. # configuration file /etc/nginx/sites-enabled/cybirds.conf:
  199.  
  200. upstream cybirds {
  201. server unix:/home/chris/mezzanine/cybirds/gunicorn.sock fail_timeout=0;
  202. }
  203.  
  204. server {
  205.  
  206. listen 80;
  207. listen 443 ssl;
  208. server_name chairbirds.com;
  209. client_max_body_size 10M;
  210. keepalive_timeout 15;
  211. error_log /home/chris/logs/cybirds_error_nginx.log info;
  212.  
  213. ssl_certificate conf/cybirds.crt;
  214. ssl_certificate_key conf/cybirds.key;
  215. ssl_session_cache shared:SSL:10m;
  216. ssl_session_timeout 10m;
  217. ssl_ciphers <stuff>
  218. ssl_prefer_server_ciphers on;
  219. ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
  220.  
  221. # Deny illegal Host headers
  222. if ($host !~* ^(chairbirds.com)$) {
  223. return 444;
  224. }
  225.  
  226. location / {
  227. proxy_redirect off;
  228. proxy_set_header Host $host;
  229. proxy_set_header X-Real-IP $remote_addr;
  230. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  231. proxy_set_header X-Forwarded-Protocol $scheme;
  232. proxy_pass http://cybirds;
  233. }
  234.  
  235. location /static/ {
  236. root /home/chris/mezzanine/cybirds;
  237. access_log off;
  238. log_not_found off;
  239. expires 30d;
  240. }
  241.  
  242. location /robots.txt {
  243. root /home/chris/mezzanine/cybirds/static;
  244. access_log off;
  245. log_not_found off;
  246. }
  247.  
  248. location /favicon.ico {
  249. root /home/chris/mezzanine/cybirds/static/img;
  250. access_log off;
  251. log_not_found off;
  252. }
  253.  
  254. location /media/ {
  255. root /home/chris/mezzanine/cybirds;
  256. }
  257. }
  258.  
  259. # configuration file /etc/nginx/sites-enabled/default:
  260. ##
  261. # You should look at the following URL's in order to grasp a solid understanding
  262. # of Nginx configuration files in order to fully unleash the power of Nginx.
  263. # https://www.nginx.com/resources/wiki/start/
  264. # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
  265. # https://wiki.debian.org/Nginx/DirectoryStructure
  266. #
  267. # In most cases, administrators will remove this file from sites-enabled/ and
  268. # leave it as reference inside of sites-available where it will continue to be
  269. # updated by the nginx packaging team.
  270. #
  271. # This file will automatically load configuration files provided by other
  272. # applications, such as Drupal or Wordpress. These applications will be made
  273. # available underneath a path with that package name, such as /drupal8.
  274. #
  275. # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
  276. ##
  277.  
  278. # Default server configuration
  279. #
  280. server {
  281. listen 80 default_server;
  282. listen [::]:80 default_server;
  283.  
  284. # SSL configuration
  285. #
  286. # listen 443 ssl default_server;
  287. # listen [::]:443 ssl default_server;
  288. #
  289. # Note: You should disable gzip for SSL traffic.
  290. # See: https://bugs.debian.org/773332
  291. #
  292. # Read up on ssl_ciphers to ensure a secure configuration.
  293. # See: https://bugs.debian.org/765782
  294. #
  295. # Self signed certs generated by the ssl-cert package
  296. # Don't use them in a production server!
  297. #
  298. # include snippets/snakeoil.conf;
  299.  
  300. root /var/www/html;
  301.  
  302. # Add index.php to the list if you are using PHP
  303. index index.html index.htm index.nginx-debian.html;
  304.  
  305. server_name _;
  306.  
  307. location / {
  308. # First attempt to serve request as file, then
  309. # as directory, then fall back to displaying a 404.
  310. try_files $uri $uri/ =404;
  311. }
  312.  
  313. # pass PHP scripts to FastCGI server
  314. #
  315. #location ~ \.php$ {
  316. # include snippets/fastcgi-php.conf;
  317. #
  318. # # With php-fpm (or other unix sockets):
  319. # fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
  320. # # With php-cgi (or other tcp sockets):
  321. # fastcgi_pass 127.0.0.1:9000;
  322. #}
  323.  
  324. # deny access to .htaccess files, if Apache's document root
  325. # concurs with nginx's one
  326. #
  327. #location ~ /\.ht {
  328. # deny all;
  329. #}
  330. }
  331.  
  332.  
  333. # Virtual Host configuration for example.com
  334. #
  335. # You can move that to a different file under sites-available/ and symlink that
  336. # to sites-enabled/ to enable it.
  337. #
  338. #server {
  339. # listen 80;
  340. # listen [::]:80;
  341. #
  342. # server_name example.com;
  343. #
  344. # root /var/www/example.com;
  345. # index index.html;
  346. #
  347. # location / {
  348. # try_files $uri $uri/ =404;
  349. # }
  350. #}
  351.  
  352. server {
  353.  
  354. # SSL configuration
  355. #
  356. # listen 443 ssl default_server;
  357. # listen [::]:443 ssl default_server;
  358. #
  359. # Note: You should disable gzip for SSL traffic.
  360. # See: https://bugs.debian.org/773332
  361. #
  362. # Read up on ssl_ciphers to ensure a secure configuration.
  363. # See: https://bugs.debian.org/765782
  364. #
  365. # Self signed certs generated by the ssl-cert package
  366. # Don't use them in a production server!
  367. #
  368. # include snippets/snakeoil.conf;
  369.  
  370. root /var/www/html;
  371.  
  372. # Add index.php to the list if you are using PHP
  373. index index.html index.htm index.nginx-debian.html;
  374. server_name chairbirds.com; # managed by Certbot
  375.  
  376.  
  377. location / {
  378. # First attempt to serve request as file, then
  379. # as directory, then fall back to displaying a 404.
  380. try_files $uri $uri/ =404;
  381. }
  382.  
  383. # pass PHP scripts to FastCGI server
  384. #
  385. #location ~ \.php$ {
  386. # include snippets/fastcgi-php.conf;
  387. #
  388. # # With php-fpm (or other unix sockets):
  389. # fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
  390. # # With php-cgi (or other tcp sockets):
  391. # fastcgi_pass 127.0.0.1:9000;
  392. #}
  393.  
  394. # deny access to .htaccess files, if Apache's document root
  395. # concurs with nginx's one
  396. #
  397. #location ~ /\.ht {
  398. # deny all;
  399. #}
  400.  
  401.  
  402. listen [::]:443 ssl ipv6only=on; # managed by Certbot
  403. listen 443 ssl; # managed by Certbot
  404. ssl_certificate <stuff> # managed by Certbot
  405. ssl_certificate_key <stuff> # managed by Certbot
  406. include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  407. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
  408.  
  409.  
  410.  
  411.  
  412.  
  413.  
  414. }
  415. server {
  416. if ($host = chairbirds.com) {
  417. return 301 https://$host$request_uri;
  418. } # managed by Certbot
  419.  
  420.  
  421. listen 80 ;
  422. listen [::]:80 ;
  423. server_name chairbirds.com;
  424. return 404; # managed by Certbot
  425.  
  426.  
  427. }
  428. # configuration file /etc/letsencrypt/options-ssl-nginx.conf:
  429. # This file contains important security parameters. If you modify this file
  430. # manually, Certbot will be unable to automatically provide future security
  431. # updates. Instead, Certbot will print and log an error message with a path to
  432. # the up-to-date file that you will need to refer to when manually updating
  433. # this file.
  434.  
  435. ssl_session_cache shared:le_nginx_SSL:1m;
  436. ssl_session_timeout 1440m;
  437.  
  438. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  439. ssl_prefer_server_ciphers on;
  440.  
  441. ssl_ciphers <stuff>
  442.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!