summaryrefslogtreecommitdiffstats
path: root/usr/local/etc
diff options
context:
space:
mode:
Diffstat (limited to 'usr/local/etc')
-rw-r--r--usr/local/etc/cgitrc83
-rw-r--r--usr/local/etc/gmid.conf24
-rw-r--r--usr/local/etc/nginx/nginx.conf202
-rw-r--r--usr/local/etc/pf.conf60
4 files changed, 0 insertions, 369 deletions
diff --git a/usr/local/etc/cgitrc b/usr/local/etc/cgitrc
deleted file mode 100644
index b123224..0000000
--- a/usr/local/etc/cgitrc
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# cgit config
-#
-
-css=/css/cgit.css
-logo=/img/cgit.png
-favicon=/img/favicon.ico
-
-# if you do not want that webcrawler (like google) index your site
-robots=index, nofollow
-
-# if cgit messes up links, use a virtual-root. For example, cgit.example.org/ has this value:
-virtual-root=/
-
-root-title=GitJoe
-root-desc=where the good code belongs
-root-readme=/usr/local/www/gitjoe/about.html
-footer=/usr/local/www/gitjoe/footer.html
-
-clone-url=git://gitjoe.xyz/$CGIT_REPO_URL
-
-enable-blame=0
-enable-commit-graph=1
-enable-filter-overrides=1
-enable-follow-links=1
-enable-git-config=0
-enable-http-clone=0
-enable-http-serving=0
-enable-index-links=0
-enable-index-owner=0
-enable-log-filecount=1
-enable-log-linecount=1
-enable-remote-branches=1
-enable-subject-links=1
-enable-tree-linenumbers=1
-
-branch-sort=age
-repository-sort=name
-local-time=0
-strict-export=git-daemon-export-ok
-remove-suffix=1
-side-by-side-diffs=0
-section-sort=1
-section-from-path=1
-
-cache-size=0
-
-about-filter=/usr/local/lib/cgit/filters/about-formatting-edited.sh
-source-filter=/usr/local/lib/cgit/filters/syntax-highlighting-edited.sh
-
-snapshots=tar.gz tar.bz2 tar.xz zip
-max-stats=year
-
-readme=:README.md
-readme=:readme.md
-readme=:README.org
-readme=:readme.org
-readme=:README.mkd
-readme=:readme.mkd
-readme=:README.html
-readme=:readme.html
-readme=:README.htm
-readme=:readme.htm
-readme=:README.txt
-readme=:readme.txt
-readme=:README
-readme=:readme
-readme=:INSTALL.md
-readme=:install.md
-readme=:INSTALL.org
-readme=:install.org
-readme=:INSTALL.mkd
-readme=:install.mkd
-readme=:INSTALL.html
-readme=:install.html
-readme=:INSTALL.htm
-readme=:install.htm
-readme=:INSTALL.txt
-readme=:install.txt
-readme=:INSTALL
-readme=:install
-
-scan-path=/usr/local/git
diff --git a/usr/local/etc/gmid.conf b/usr/local/etc/gmid.conf
deleted file mode 100644
index cf7b293..0000000
--- a/usr/local/etc/gmid.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-# drop privileges
-user "_gmid"
-
-# it's a good idea to enable chroot, but
-# beware that can make CGI scripting harder
-#chroot "/var/gemini"
-
-# An example of a server block:
-server "jozanofastora.xyz" {
- # set the directory to serve; it's relative to the
- # chroot (if enabled)
- root "/usr/local/gemini"
-
- # Set self-signed TLS cert and key. It's better to keep
- # the keys outside the chroot.
- #
- # You should generate them manually, for example:
- # openssl req -x509 -newkey rsa:4096 -nodes \
- # -out /usr/local/etc/ssl/gmid/localhost.crt \
- # -keyout /usr/local/etc/ssl/gmid/localhost.key \
- # -subj "/CN=localhost"
- cert "/usr/local/etc/letsencrypt/live/jozanofastora.xyz/cert.pem"
- key "/usr/local/etc/letsencrypt/live/jozanofastora.xyz/privkey.pem"
-}
diff --git a/usr/local/etc/nginx/nginx.conf b/usr/local/etc/nginx/nginx.conf
deleted file mode 100644
index 3febbf9..0000000
--- a/usr/local/etc/nginx/nginx.conf
+++ /dev/null
@@ -1,202 +0,0 @@
-worker_processes 1;
-
-events {
- worker_connections 1024;
-}
-
-http {
- include mime.types;
- default_type application/octet-stream;
- sendfile on;
- keepalive_timeout 65;
- gzip on;
- gzip_vary on;
- gzip_min_length 1k;
- gzip_proxied expired no-cache no-store private auth;
- gzip_buffers 4 16k;
- gzip_http_version 1.1;
- gzip_comp_level 2;
- gzip_types text/plain application/x-javascript application/javascript text/css application/xml application/json;
-
- map $sent_http_content_type $expires {
- default off;
- text/css 15m;
- application/javascript 15m;
- ~image/ 15m;
- }
-
- server{
- server_name jozanofastora.xyz;
- root /usr/local/www/jozan;
- index index.html;
- expires $expires;
-
- location / {
- try_files $uri $uri/ =404;
- }
- location ~ /\.ht {
- deny all;
- }
- location ~ \.cgi$ {
- include fastcgi_params;
- fastcgi_param SCRIPT_FILENAME $document_root/asm-example.cgi;
- fastcgi_param PATH_INFO $uri;
- fastcgi_param HTTP_HOST $server_name;
- fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock;
- }
- error_page 403 /403.html;
- location = /403.html {
- root /usr/local/www/jozan/err;
- }
- error_page 404 /404.html;
- location = /404.html {
- root /usr/local/www/jozan/err;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/local/www/nginx-dist;
- }
-
- listen 443 ssl;
- ssl_certificate /usr/local/etc/letsencrypt/live/jozanofastora.xyz/fullchain.pem;
- ssl_certificate_key /usr/local/etc/letsencrypt/live/jozanofastora.xyz/privkey.pem;
-}
-
- server {
- server_name gitjoe.xyz;
- root /usr/local/www/gitjoe;
- try_files $uri @cgit;
- index cgit.cgi;
-
- location @cgit {
- include fastcgi_params;
- fastcgi_param SCRIPT_FILENAME $document_root/cgit.cgi;
- fastcgi_param PATH_INFO $uri;
- fastcgi_param QUERY_STRING $args;
- fastcgi_param HTTP_HOST $server_name;
- fastcgi_param CGIT_CONFIG /usr/local/etc/cgitrc;
- fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock;
-
- gzip off;
- rewrite ^/([^/]+/.*)?$ /cgit.cgi?url=$1 break;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/local/www/nginx-dist;
- }
-
- listen 443 ssl;
- ssl_certificate /usr/local/etc/letsencrypt/live/gitjoe.xyz/fullchain.pem;
- ssl_certificate_key /usr/local/etc/letsencrypt/live/gitjoe.xyz/privkey.pem;
-}
- server{
- server_name watchoom.gitjoe.xyz;
- root /usr/local/www/watchoom;
- index index.html;
- expires $expires;
-
- location / {
- try_files $uri $uri/ =404;
- }
- location ~ /\.ht {
- deny all;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/local/www/nginx-dist;
- }
-
- listen 443 ssl;
- ssl_certificate /usr/local/etc/letsencrypt/live/gitjoe.xyz/fullchain.pem;
- ssl_certificate_key /usr/local/etc/letsencrypt/live/gitjoe.xyz/privkey.pem;
-}
-
- server {
- server_name fossil.jozanofastora.xyz;
- index index.html;
- root /usr/local/www/fossiljoe;
-
- # Bypass Fossil for the static documentation generated from
- # our source code by Doxygen, so it merges into the embedded
- # doc URL hierarchy at Fossil’s $ROOT/doc without requiring that
- # these generated files actually be stored in the repo. This
- # also lets us set aggressive caching on these docs, since
- # they rarely change.
- location /code/doc/html {
- root /usr/local/www/fossiljoe;
-
- location ~* \.(html|ico|css|js|gif|jpg|png)$ {
- expires 7d;
- add_header Vary Accept-Encoding;
- access_log off;
- }
- }
- # Redirect everything else to the Fossil instance
- location /code {
- include scgi_params;
- scgi_param SCRIPT_NAME "/code";
- scgi_pass 127.0.0.1:12345;
- }
-}
-
-server{
- if ($host = gitjoe.xyz) {
- return 301 https://$host?p=about;
- }
-
- server_name gitjoe.xyz;
- listen 80;
- return 404;
-}
-
-server{
- if ($host = jozanofastora.xyz) {
- return 301 https://$host$request_uri;
- }
-
- server_name jozanofastora.xyz;
- listen 80;
- return 404;
-}
-
-server{
- if ($host = watchoom.gitjoe.xyz) {
- return 301 https://$host$request_uri;
- }
-
- server_name watchoom.gitjoe.xyz;
- listen 80;
- return 404;
-}
-
-#server {
-# if ($host = fossil.jozanofastora.xyz) {
-# return 301 https://$host$request_uri;
-# }
-#
-# server_name fossil.jozanofastora.xyz;
-# listen 80;
-# return 404;
-#}
-
-server {
- server_name www.jozanofastora.xyz;
- listen 80;
- listen 443 ssl;
- rewrite ^/(.*) http://jozanofastora.xyz/$1 permanent;
- ssl_certificate /usr/local/etc/letsencrypt/live/jozanofastora.xyz/fullchain.pem;
- ssl_certificate_key /usr/local/etc/letsencrypt/live/jozanofastora.xyz/privkey.pem;
- return 404;
-}
-
-server {
-
- server_name www.gitjoe.xyz git.jozanofastora.xyz;
- listen 80;
- listen 443 ssl;
- rewrite ^/(.*) http://gitjoe.xyz/?p=about permanent;
- ssl_certificate /usr/local/etc/letsencrypt/live/gitjoe.xyz/fullchain.pem;
- ssl_certificate_key /usr/local/etc/letsencrypt/live/gitjoe.xyz/privkey.pem;
- return 404;
-}
-}
diff --git a/usr/local/etc/pf.conf b/usr/local/etc/pf.conf
deleted file mode 100644
index c514fe8..0000000
--- a/usr/local/etc/pf.conf
+++ /dev/null
@@ -1,60 +0,0 @@
-## Set public interface ##
-ext_if="vtnet0"
-
-## set and drop IP ranges on the public interface ##
-martians = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
- 10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \
- 0.0.0.0/8, 240.0.0.0/4 }"
-
-table <spamd> persist
-table <spamd-allow> persist
-
-# Allowed webmail services
-#table <webmail> persist file "/usr/local/etc/pf.webmail.ip.conf"
-
-## Skip loop back interface - Skip all PF processing on interface ##
-set skip on lo
-
-## Sets the interface for which PF should gather statistics such as bytes in/out and packets passed/blocked ##
-set loginterface $ext_if
-
-# Deal with attacks based on incorrect handling of packet fragments
-scrub in all
-
-
-# Pass spamd allow list
-rdr pass log on $ext_if inet proto tcp from <spamd-allow> to $ext_if port smtp \
- -> 127.0.0.1 port 25
-# Pass webmail servers
-rdr pass log on $ext_if inet proto tcp from <gmail> to $ext_if port smtp \
- -> 127.0.0.1 port 25
-# pass submission messages.
-pass quick log on $ext_if inet proto tcp from any to $ext_if port submission modulate state
-# Pass unknown mail to spamd
-rdr pass log on $ext_if inet proto tcp from {!<spamd-allow> <spamd>} to $ext_if port smtp \
- -> 127.0.0.1 port 8025
-
-## Blocking spoofed packets
-antispoof quick for $ext_if
-
-## Set default policy ##
-block return in log all
-block out all
-
-# Drop all Non-Routable Addresses
-block drop in quick on $ext_if from $martians to any
-block drop out quick on $ext_if from any to $martians
-
-pass in inet proto tcp to $ext_if port ssh
-
-# Allow Ping-Pong stuff. Be a good sysadmin
-pass inet proto icmp icmp-type echoreq
-
-# Open up imap/pop3 support
-pass quick on $ext_if proto tcp from any to any port {imap, imaps, pop3, pop3s} modulate state
-
-
-# Allow outgoing traffic
-pass out on $ext_if proto tcp from any to any modulate state
-pass out on $ext_if proto udp from any to any keep state
-#pass quick on $ext_if from any to any port http
powered by cgit. Copyright (c) 2020-2023, Joe - this website does not use cookies or php or js