API tools faq
paste
Guest User

Untitled

a guest
Aug 2nd, 2017
235
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.58 KB | None | 0 0
raw download clone embed print report
  1. [root@cw008 /usr/ports/security/ca_root_nss]# cat /usr/local/etc/nginx/vhosts/virtual-ssl.conf
  2. server {
  3. listen 443 http2 ;
  4. ssl on;
  5. server_name cw008.domain.net;
  6. ssl_certificate /etc/ssl/certs/domain/domain-combined.crt;
  7. ssl_certificate_key /etc/ssl/certs/domain/domain.key;
  8.  
  9. ssl_stapling on;
  10. ssl_stapling_verify on;
  11. ssl_trusted_certificate /usr/local/etc/ssl/cert.pem;
  12. resolver 8.8.8.8 8.8.4.4;
  13. resolver_timeout 10s;
  14.  
  15. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  16. ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';
  17. ssl_prefer_server_ciphers on;
  18.  
  19.  
  20. location / {
  21. root /tunefiles;
  22. index index.html index.htm index.php;
  23.  
  24. include thumbs.inc;
  25. include mp4_secure.inc;
  26. }
  27.  
  28. # pass the PHP scripts to FastCGI server listening on unix:/var/run/www.socket
  29. location ~ \.php$ {
  30. root /tunefiles;
  31. fastcgi_pass unix:/var/run/www.socket;
  32. fastcgi_index index.php;
  33. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  34. include fastcgi_params;
  35. #accesslog /var/log/nginx-fpm.log;
  36. }
  37.  
  38. location ~ /\.ht {
  39. deny all;
  40. }
  41. }
  42.  
  43.  
  44. [root@cw008 /usr/ports/security/ca_root_nss]# cat /usr/local/etc/nginx/mp4_secure.inc
  45. location /files/subs {
  46. location ~* \.(vtt)$ {
  47. add_header Access-Control-Allow-Origin *;
  48. }
  49. }
  50.  
  51. location /files/videos {
  52. secure_link $arg_h,$arg_ttl;
  53. secure_link_md5 "$secure_link_expires$uri 1232121231";
  54.  
  55. location ~* \.(mpd)$ {
  56. add_header Access-Control-Allow-Origin *;
  57. }
  58.  
  59. location ~ dashinit\.mp4$ {
  60. add_header Access-Control-Allow-Origin *;
  61. include cors.inc;
  62. sendfile off;
  63. aio on;
  64. mp4;
  65. mp4_buffer_size 10M;
  66. mp4_max_buffer_size 30M;
  67. expires 1y;
  68. add_header Cache-Control "public";
  69. include hotlink.inc;
  70. }
  71.  
  72. location ~ \.mp4$ {
  73. add_header Access-Control-Allow-Origin *;
  74. # if ($secure_link = "") { return 403; }
  75. # if ($secure_link = "0") { return 410; }
  76. include cors.inc;
  77. sendfile off;
  78. aio on;
  79. mp4;
  80. mp4_buffer_size 10M;
  81. mp4_max_buffer_size 30M;
  82. expires 1y;
  83. add_header Cache-Control "public";
  84. # include hotlink.inc;
  85. }
  86.  
  87. location ~ \.flv$ {
  88. add_header Access-Control-Allow-Origin *;
  89. if ($secure_link = "") { return 403; }
  90. if ($secure_link = "0") { return 410; }
  91. flv;
  92. expires 1y;
  93. add_header Cache-Control "public";
  94. include hotlink.inc;
  95. }
  96. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!