API tools faq
paste
Guest User

Untitled

a guest
Jul 18th, 2020
74
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.42 KB | None | 0 0
raw download clone embed print report
  1. nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
  2. nginx: configuration file /etc/nginx/nginx.conf test is successful
  3. # configuration file /etc/nginx/nginx.conf:
  4. # Generated by nginxconfig.io
  5. # https://www.digitalocean.com/community/tools/nginx?domains.0.server.domain=shot-on-top.com&domains.0.server.path=%2Fvar%2Fwww%2Fwww-root%2Fdata%2Fwww&domains.0.server.documentRoot=%2Fshot-on-top.com&domains.0.php.php=false&domains.0.reverseProxy.reverseProxy=true&domains.0.reverseProxy.path=%2Fvar%2Fwww%2Fnodejs%2F&domains.0.reverseProxy.proxyPass=http%3A%2F%2F5.63.152.158%3A5000&domains.0.routing.index=index.html&domains.0.routing.fallbackHtml=true&domains.0.routing.fallbackPhp=false&global.security.serverTokens=true&global.nginx.user=www-root
  6.  
  7. user www-root;
  8. pid /run/nginx.pid;
  9. worker_processes auto;
  10. worker_rlimit_nofile 65535;
  11.  
  12. events {
  13. multi_accept on;
  14. worker_connections 65535;
  15. }
  16.  
  17. http {
  18. charset utf-8;
  19. sendfile on;
  20. tcp_nopush on;
  21. tcp_nodelay on;
  22. log_not_found off;
  23. types_hash_max_size 2048;
  24. client_max_body_size 16M;
  25.  
  26. # MIME
  27. include mime.types;
  28. default_type application/octet-stream;
  29.  
  30. # Logging
  31. access_log /var/log/nginx/access.log;
  32. error_log /var/log/nginx/error.log warn;
  33.  
  34. # SSL
  35. ssl_session_timeout 1d;
  36. ssl_session_cache shared:SSL:10m;
  37. ssl_session_tickets off;
  38.  
  39. # Diffie-Hellman parameter for DHE ciphersuites
  40. ssl_dhparam /etc/nginx/dhparam.pem;
  41.  
  42. # Mozilla Intermediate configuration
  43. ssl_protocols TLSv1.2 TLSv1.3;
  44. ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  45.  
  46. # OCSP Stapling
  47. ssl_stapling on;
  48. ssl_stapling_verify on;
  49. resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s;
  50. resolver_timeout 2s;
  51.  
  52. # Load configs
  53. include /etc/nginx/conf.d/*.conf;
  54. include /etc/nginx/sites-enabled/*;
  55. }
  56.  
  57. # configuration file /etc/nginx/mime.types:
  58.  
  59. types {
  60. text/html html htm shtml;
  61. text/css css;
  62. text/xml xml;
  63. image/gif gif;
  64. image/jpeg jpeg jpg;
  65. application/javascript js;
  66. application/atom+xml atom;
  67. application/rss+xml rss;
  68.  
  69. text/mathml mml;
  70. text/plain txt;
  71. text/vnd.sun.j2me.app-descriptor jad;
  72. text/vnd.wap.wml wml;
  73. text/x-component htc;
  74.  
  75. image/png png;
  76. image/svg+xml svg svgz;
  77. image/tiff tif tiff;
  78. image/vnd.wap.wbmp wbmp;
  79. image/webp webp;
  80. image/x-icon ico;
  81. image/x-jng jng;
  82. image/x-ms-bmp bmp;
  83.  
  84. font/woff woff;
  85. font/woff2 woff2;
  86.  
  87. application/java-archive jar war ear;
  88. application/json json;
  89. application/mac-binhex40 hqx;
  90. application/msword doc;
  91. application/pdf pdf;
  92. application/postscript ps eps ai;
  93. application/rtf rtf;
  94. application/vnd.apple.mpegurl m3u8;
  95. application/vnd.google-earth.kml+xml kml;
  96. application/vnd.google-earth.kmz kmz;
  97. application/vnd.ms-excel xls;
  98. application/vnd.ms-fontobject eot;
  99. application/vnd.ms-powerpoint ppt;
  100. application/vnd.oasis.opendocument.graphics odg;
  101. application/vnd.oasis.opendocument.presentation odp;
  102. application/vnd.oasis.opendocument.spreadsheet ods;
  103. application/vnd.oasis.opendocument.text odt;
  104. application/vnd.openxmlformats-officedocument.presentationml.presentation
  105. pptx;
  106. application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
  107. xlsx;
  108. application/vnd.openxmlformats-officedocument.wordprocessingml.document
  109. docx;
  110. application/vnd.wap.wmlc wmlc;
  111. application/x-7z-compressed 7z;
  112. application/x-cocoa cco;
  113. application/x-java-archive-diff jardiff;
  114. application/x-java-jnlp-file jnlp;
  115. application/x-makeself run;
  116. application/x-perl pl pm;
  117. application/x-pilot prc pdb;
  118. application/x-rar-compressed rar;
  119. application/x-redhat-package-manager rpm;
  120. application/x-sea sea;
  121. application/x-shockwave-flash swf;
  122. application/x-stuffit sit;
  123. application/x-tcl tcl tk;
  124. application/x-x509-ca-cert der pem crt;
  125. application/x-xpinstall xpi;
  126. application/xhtml+xml xhtml;
  127. application/xspf+xml xspf;
  128. application/zip zip;
  129.  
  130. application/octet-stream bin exe dll;
  131. application/octet-stream deb;
  132. application/octet-stream dmg;
  133. application/octet-stream iso img;
  134. application/octet-stream msi msp msm;
  135.  
  136. audio/midi mid midi kar;
  137. audio/mpeg mp3;
  138. audio/ogg ogg;
  139. audio/x-m4a m4a;
  140. audio/x-realaudio ra;
  141.  
  142. video/3gpp 3gpp 3gp;
  143. video/mp2t ts;
  144. video/mp4 mp4;
  145. video/mpeg mpeg mpg;
  146. video/quicktime mov;
  147. video/webm webm;
  148. video/x-flv flv;
  149. video/x-m4v m4v;
  150. video/x-mng mng;
  151. video/x-ms-asf asx asf;
  152. video/x-ms-wmv wmv;
  153. video/x-msvideo avi;
  154. }
  155.  
  156. # configuration file /etc/nginx/conf.d/default.conf:
  157. # disabled by ISPmanager
  158.  
  159. # configuration file /etc/nginx/conf.d/sysmon.conf:
  160.  
  161.  
  162. # configuration file /etc/nginx/sites-enabled/shot-on-top.com.conf:
  163. server {
  164. listen 443 ssl http2;
  165. listen [::]:443 ssl http2;
  166. server_name shot-on-top.com;
  167. root /var/www/www-root/data/www/shot-on-top.com;
  168.  
  169. # SSL
  170. ssl_certificate /etc/nginx/ssl/shot-on-top.com.crt;
  171. ssl_certificate_key /etc/nginx/ssl/shot-on-top.com.key;
  172.  
  173. # security
  174. include nginxconfig.io/security.conf;
  175.  
  176. # index.html fallback
  177. location / {
  178. try_files $uri $uri/ /index.html;
  179. }
  180.  
  181. # reverse proxy
  182. location /var/www/nodejs/ {
  183. proxy_pass http://5.63.152.158:5000;
  184. include nginxconfig.io/proxy.conf;
  185. }
  186.  
  187. # additional config
  188. include nginxconfig.io/general.conf;
  189. }
  190.  
  191. # subdomains redirect
  192. server {
  193. listen 443 ssl http2;
  194. listen [::]:443 ssl http2;
  195. server_name *.shot-on-top.com;
  196.  
  197. # SSL
  198. ssl_certificate /etc/letsencrypt/live/shot-on-top.com/fullchain.pem;
  199. ssl_certificate_key /etc/letsencrypt/live/shot-on-top.com/privkey.pem;
  200. ssl_trusted_certificate /etc/letsencrypt/live/shot-on-top.com/chain.pem;
  201. return 301 https://shot-on-top.com$request_uri;
  202. }
  203.  
  204. # HTTP redirect
  205. server {
  206. listen 80;
  207. listen [::]:80;
  208. include nginxconfig.io/letsencrypt.conf;
  209.  
  210. location / {
  211. return 301 https://shot-on-top.com$request_uri;
  212. }
  213. }
  214.  
  215. # configuration file /etc/nginx/nginxconfig.io/security.conf:
  216. # security headers
  217. add_header X-Frame-Options "SAMEORIGIN" always;
  218. add_header X-XSS-Protection "1; mode=block" always;
  219. add_header X-Content-Type-Options "nosniff" always;
  220. add_header Referrer-Policy "no-referrer-when-downgrade" always;
  221. add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
  222. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
  223.  
  224. # . files
  225. location ~ /\.(?!well-known) {
  226. deny all;
  227. }
  228.  
  229. # configuration file /etc/nginx/nginxconfig.io/proxy.conf:
  230. proxy_http_version 1.1;
  231. proxy_cache_bypass $http_upgrade;
  232.  
  233. # Proxy headers
  234. proxy_set_header Upgrade $http_upgrade;
  235. proxy_set_header Connection "upgrade";
  236. proxy_set_header Host $host;
  237. proxy_set_header X-Real-IP $remote_addr;
  238. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  239. proxy_set_header X-Forwarded-Proto $scheme;
  240. proxy_set_header X-Forwarded-Host $host;
  241. proxy_set_header X-Forwarded-Port $server_port;
  242.  
  243. # Proxy timeouts
  244. proxy_connect_timeout 60s;
  245. proxy_send_timeout 60s;
  246. proxy_read_timeout 60s;
  247.  
  248. # configuration file /etc/nginx/nginxconfig.io/general.conf:
  249. # favicon.ico
  250. location = /favicon.ico {
  251. log_not_found off;
  252. access_log off;
  253. }
  254.  
  255. # robots.txt
  256. location = /robots.txt {
  257. log_not_found off;
  258. access_log off;
  259. }
  260.  
  261. # assets, media
  262. location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
  263. expires 7d;
  264. access_log off;
  265. }
  266.  
  267. # svg, fonts
  268. location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
  269. add_header Access-Control-Allow-Origin "*";
  270. expires 7d;
  271. access_log off;
  272. }
  273.  
  274. # gzip
  275. gzip on;
  276. gzip_vary on;
  277. gzip_proxied any;
  278. gzip_comp_level 6;
  279. gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
  280.  
  281. # configuration file /etc/nginx/nginxconfig.io/letsencrypt.conf:
  282. # ACME-challenge
  283. location ^~ /.well-known/acme-challenge/ {
  284. root /var/www/_letsencrypt;
  285. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!